Model Backup and Recovery Policy

Published on May 2016

Backup and Recovery Policy
Purpose: This policy defines the objectives, accountabilities and application of backup and recovery for data held in the information and communication technology environment of the Department of . . . (“Department”).
Replaces: Previous Policy Document
Commences: date
File: file reference or policy number
Scope: The policy covers all aspects of Backup and Recovery for Department data.
Principle: The following principles direct this policy:
• proper backup, storage, and handling of data is necessary for the Department to achieve its objectives efficiently
• the Department will act to preserve information relating to its business.
• Staff must protect the availability, confidentiality and integrity of Department data.
Responsibility: This policy applies to all employees, contractors, consultants and authorised users of Department Facilities (“staff”).
Policy breaches may lead to disciplinary and/or legal action.
Custodian
Director, Information Services Date
Approver
Executive Director, Corporate Services Date
Endorser
Director General Date
© Copyright 2011 The State of Western Australia Aug-2012
Table of Contents
1. POLICIES AND GUIDELINES
1.1. Protecting Department Data
1.2. Storing a Copy
1.3. Accessing a Copy
1.4. Media in Transit
1.5. Retention and Disposal of Backup Copies
1.6. Periodic Validation
2. SUMMARY OF RESPONSIBILITIES
2.1. Information Services
2.2. Department Staff
2.3. Infrastructure Operator
3. REFERENCES AND ATTACHMENTS
4. APPROVAL, DELEGATIONS AND MAINTENANCE
1. Policy
The following principles direct this policy:
• proper backup, storage, and handling of data is necessary for the Department to achieve its objectives efficiently
• the Department will act to preserve information relating to its business.
• Staff must protect the availability, confidentiality and integrity of Department data.
Policies for Backup and Recovery are:
Policy 1: Department data will be protected by regular backups.
Policy 2: Exceptions to the standard process must be approved by the Director, Information Services.
Policy 3: Department data created on non-networked workstations must be saved to the Encrypted Files folder.
Policy 4: The Department will not explicitly or deliberately exclude non-department data from its backup regime.
Policy 5: Backup copies must be stored in an environmentally protected and access controlled secure offsite location.
Policy 6: Stored copies must be made available upon authorised request.
Policy 7: A record of the physical movements of all backup copies shall be maintained.
Policy 8: The Infrastructure Operator shall develop procedures for the handling and storage of information in order to prevent unauthorised disclosure, misuse or loss.
Policy 9: Backup copies are to be maintained in accordance with the Department’s Retention and Disposal Schedule for backup copies.
Policy 10: All backup media shall be appropriately disposed.
Policy 11: Every quarter the Infrastructure Operator shall report on its ability to recover data
Policy 12: Department business units are responsible for creating Business Continuity Plans (BC).
Policy 13: Department business units are responsible for creating Disaster Recovery Plans.
Policy 14: Business Continuity Plans and Disaster Recovery Plans must be tested to verify correct operation of processes and adequate restoration of services.
2. Policies and Procedures
2.1. Protecting Department Data
1. Department data will be protected by regular backups.
• ‘data’ means any stored information, including:
a. ‘Department data’ which means all Department business related information created, received or maintained by the Department in the course of conducting its business activities, including
  • ‘systems data’ which means all operating system files, programmes and configurations
  • ‘application data’ which means all application files, programmes and configurations
  • ‘network protocol data’ which means all network files, programmes, configurations and log files that monitor system traffic.
• ‘backup’ means a copy of data for safekeeping in case the original is lost or damaged, including:
b. ‘incremental backup’ which means the backup of data that has been altered since the last backup
c. ‘full backup’ which means a backup of all data regardless of whether files have been altered since the last backup.
• ‘business day’ means any normal working day
d. ‘non-business day’ and ‘non-working day’ mean a weekend or public holiday and backups shall be performed the previous business day.
• ‘Infrastructure Operator’ means the contractor holding the contract for the support of Department technology infrastructure, including server, desktop, network and security services management.
i. All Department data, systems data, application data and network (protocol) data shall be protected by backup at the end of each business day.
ii. The backup scheme varies to meet operational needs, but is generally:
e. servers backed up to a local tape drive are backed up in full each work day
f. servers that are backed up to a network drive are backed up incrementally each work day and in full once a week.
iii. The Infrastructure Operator shall develop procedures to comply with this policy, including:
g. all software, whether purchased or developed, is to be protected once by means of a full backup
h. systems data must be protected with a full backup each work day
i. network protocol data must be protected with a backup each work day
j. application data must be protected with a backup each work day.
iv. The backup scheme for application data is in general:
k. daily backups for normal office operations are performed out of office hours Monday through Thursday and can be overwritten one week after creation
l. daily backups for 24x7 operations are performed Saturday through Thursday and can be overwritten one week after creation
m. weekly backups are performed out of office hours on Fridays and may not be overwritten within one month of their creation date.
v. The archive scheme is in general:
n. the end-of-month backup tape is archived and stored indefinitely
o. the year end backup tape is archived and stored indefinitely where the archive set is
  • a complete set of verified, successful end-of-month backups
  • taken at both the end of the financial year (to coincide with end-of-financial-year reporting) and at the end of the calendar year.
vi. The retention schedule for backups includes:
p. end of financial year backups must be kept for 7 years for statutory purposes
q. personnel information shall be kept for 71 years from a person’s date of birth
vii. The Infrastructure Operator shall maintain a log of all backups undertaken.
2. Exceptions to the standard process must be approved by the Director, Information Services.
viii. The approved exception for email is:
a. Email traffic (daily incremental and weekly full backups OR journals) are retained indefinitely.
3. Department data created on non-networked workstations must be saved to the Encrypted Files folder.
• ‘Non-networked workstations’ refers to workstations that are not always connected to the Department computer system network.
ix. The Encrypted folder:
a. is located on the C: drive
b. is the only encrypted directory on a standard workstation.
x. The Encrypted folder is backed up
c. each time a workstation is connected to the Department network
d. after the user is prompted to confirm the backup and selects the ‘OK’ button.
xi. The Encrypted folder cannot be backed up unless the workstation is connected to the network.
4. The Department will not explicitly or deliberately exclude non-department data from its backup regime.
• ‘Non-department data’ includes all data on department facilities that is not department data, including
a. personal data
b. temporary files.
xii. Non-department data
c. may be backed up when department data is backed up
d. that is backed up will not be recovered through the recovery process.
2.2. Storing a Copy
5. Backup copies must be stored in an environmentally protected and access controlled secure offsite location.
• An environmentally protected and access controlled secure offsite location refers to
a. physical site security
b. physical access
c. storage management.
xiii. Physical site security shall include:
d. monitored security services, i.e. alarmed to a certified security organisation
e. installation of appropriate fire detection devices
f. secured windows, e.g. bars/alarmed
g. ram bars across roller doors
h. a fire rated secured vault for storage of backup copies
i. relevant Quality Assurance accreditation, including evidence of annual review
j. police clearance for all personnel managing the service, with evidence of bi-annual review.
xiv. Storage management shall include:
k. security policies and procedures on the retention and retrieval of data storage
l. justification of cost analysis versus benefits for the storage management service provided, upon request
m. defined retention periods and storage terms
n. media library management procedures, including contents of media library
o. verifying integrity of stored media, including measures to detect, prevent and recover from physical media defects
p. regular audit reviews, including evidence of review and action taken.
xv. Offsite storage management shall comply with the relevant components of standards such as:
q. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information technology - Security techniques - Code of Practice for information security management)
r. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information technology - Security Techniques - Information Security Management Systems – Requirements)
2.3. Accessing a Copy
6. Stored copies must be made available upon authorised request.
• The request for stored data must be approved by an authorised person nominated by Department Management.
xvi. Requests for stored data must include:
a. completion of a form that outlines the specifics of the request, including what copy is being requested, where and when the requester would like it delivered and why they are requesting the copy
b. acknowledgement that the backup copy will be returned promptly upon completion of its use
c. acceptance of a return receipt (to be supplied by the courier) as evidence that the backup copy has been returned.
7. A record of the physical movements of all backup copies shall be maintained.
• Physical movement of backup copies shall refer to:
a. the initial backup copy data and its transit to storage
b. any movement of backup copies from their storage location to another location.
xvii. The record of physical movements of backup media shall include:
c. all identification information relating to the requested copies
d. purpose of request
e. person requesting the copy
f. authorisation for the request
g. where the copy will be held while it is out of storage
h. when the copy was released from storage
i. when the copy will be returned to storage.
2.4. Transporting a Copy
8. The Infrastructure Operator shall develop procedures for the handling and storage of information in order to prevent unauthorised disclosure, misuse or loss.
xviii. Media in transit shall be protected from unauthorised access, misuse or corruption, including
a. sufficient protection to avoid any physical damage arising during transit
b. packed in accordance with manufacturer’s specifications.
xix. All personnel responsible for the transportation of backup media shall have:
c. police clearance with evidence of bi-annual review
d. relevant identification
e. relevant authorisation.
xx. Where special controls are required, i.e. to protect sensitive or critical information, the following should be considered:
f. use of a secured container(s)
g. hand delivery
h. tamper-evident packaging
i. in extreme cases, the delivery split and dispatched by separate routes.
2.5. Retention and Disposal of Copies
9. Backup copies are to be maintained in accordance with the Department’s Retention and Disposal Schedule for backup copies.
• The schedule will determine the status of the information, as whether it can be disposed, cycled back into production or remain in archive storage.
10. All backup media shall be appropriately disposed.
• ‘Media’ refers to an object or device, such as a disk or magnetic tape, on which data is stored.
xxi. Media used
a. by Infrastructure Operator for backup purposes shall be of a high quality
b. for backups must be replaced at appropriate frequency, i.e. every 2 years or as recommended by the media manufacturer.
2.6. Periodic Validation
11. Every quarter the Infrastructure Operator shall report on its ability to recover data
• The ability to recover data shall be measured by:
a. inspection of the storage facility
b. ability to retrieve backup media sample (copies)
c. a backup recovery exercise.
xxii. The backup media recovery sample shall include:
d. visual inspection of backup copies and media boxes to ensure safekeeping and secure transit. Selection should be from various boxes and include daily and weekly backup copies
e. general comments relating to backup copy conditions
f. random selection of backup copies to measure integrity of stored media.
xxiii. Inspection of the storage facility will culminate in the creation of a Media Storage Environmental Report, which includes issues such as:
g. site security
h. climate control including temperature and humidity
i. date of last fire system review
j. potential for flood inundation
k. general comments relating to any environmental issues.
• The ability to recover data shall be reported to the Department via the monthly reporting system and in the quarterly Infrastructure Report.
3. Summary of Responsibilities
3.1. Information Services
Information Services is responsible for:
a. providing adequate operational resources for data backup and testing of media
b. instructing appropriate staff in data backup and recovery procedures
c. ensuring the data backup and recovery procedures are followed
d. ensuring only authorised people with sufficient knowledge conduct backup and recovery processes
e. outlining the roles and responsibilities relating to backups in Department job descriptions
f. establishing measurements to ensure that Service Level Agreement requirements are met.
3.2. Department Staff
Department staff are responsible for:
a. storing department data on the network
b. performing independent backups of Department data stored on decentralised or non-networked systems.
3.3. Infrastructure Operator
The Infrastructure Operator is responsible for:
a. developing procedures that conform with this policy
b. maintaining backup and recovery procedures in accordance with changes to IT systems
c. documenting exceptions in their procedures for event-dependent backups, such as after the processing of certain transactions or the execution of programs after system modification
d. ensuring only authorised people make, transmit and restore backups
e. appointing people with sufficient knowledge specifically for the role of backup and recovery
f. ensuring that documentation regarding backup and recovery processes is sufficient to allow a substitute to carry out data restoration
g. recovering media from the offsite storage facility, including after hours
h. randomly testing copies to ensure that the information stored on them is still recoverable
i. recovering lost data reliably and within defined timeframes as per the Infrastructure Service Level Agreement
j. a process for redressing backup failures
k. reporting to the Department backup failures and corrective action taken
l. providing regular reports on the status of the storage facility and environment.
4. References and Attachments
4.1. References
a. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information technology - Security techniques - Code of practice for information security management)
b. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information technology - Security Techniques - Information Security Management Systems – Requirements).
c. ISO/IEC 22399:2007 Guideline for incident preparedness and operational continuity management
d. ISO/IEC 24762:2008 Guidelines for information and communications technology disaster recovery services
4.2. Attachments
a. nil
5. Associated Processes
This section is included for convenience, but is not part of the policy.
5.1. Business Continuity plans
12. Department business units are responsible for creating Business Continuity Plans (BC).
• ‘Business Continuity’ means the strategy used to ensure the Department can carry on its functions to a substantial degree in the face of a major adverse event (such as fire, flood, storm, explosion, power outage) until recovery of systems is achieved.
xxiv. In preparing Business Continuity Plans, the Business Units should
a. Identify scenarios for a range of plausible adverse events
b. Document internal key personnel, and backups for those persons, and identify those who can work from remote sites
c. Document external contacts who can assist in providing alternative services
d. Document critical equipment, including non-computer (eg communications lines, specialist printers) facilities
e. Identify critical documents
f. Identify contingency equipment options
g. Identify contingency locations
h. Identify possible manual substitutions and workarounds for information systems
i. Produce a plan detailing steps to take to maintain business activities, with responsibilities assigned, where necessary adjusting the steps for the different scenarios
j. Put the information together, and store it in multiple repositories that will still be available if systems are down or there is limited access to worksites
k. Communicate these plans and make them available to staff.
• Information Services will assist business units with the information, communication and technology aspects of their business continuity plans.
5.2. Disaster recovery plans
13. Department business units are responsible for creating Disaster Recovery Plans.
• ‘Disaster’ means a major event that causes a significant proportion of the Department’s information systems to become unavailable, or to lose some degree of functionality, for a significant period of time.
• ‘Recovery’ means the process of restoring information system functions to a degree that allows the Department to carry out its functions at an acceptable level within an agreed timeframe.
xxv. The Disaster Recovery Plan (DRP) should be prepared by the Disaster Recovery Committee, which should include representatives from all critical sections or areas of the department’s functions.
xxvi. The DRP must specify
a. Membership of the Disaster Recovery committee (in terms of job roles)
b. Each person’s DR functions, especially the job title or the person to be named as Recovery Coordinator
c. Criteria for defining levels of disaster, especially what level of interruption requires activation of the disaster plan
d. Communication methods to be used
e. Training required, immediate and ongoing, in terms of skills needed to perform disaster recovery
f. Which information services will need to be restored, in what order and to what level of functionality
g. What resources need to be, and have been, set aside in terms of
  • duplicate equipment
  • data backups
  • physical locations available for personnel and equipment
  • where extra specialist personnel will be obtained
  • what contracts are in place for this.
• Information Services will assist business units with the information, communication and technology aspects of their disaster recovery plans.
5.3. Testing Disaster Recovery and Continuity Plans
14. Business Continuity Plans and Disaster Recovery Plans must be tested to verify correct operation of processes and adequate restoration of services.
xxvii. The Department’s DRP and BCP must be
a. tested at regular intervals to ensure that they remain relevant and effective.
b. periodically updated and maintained to adjust for new and changed systems, infrastructure and circumstances.
• Information Services will assist business units with the information, communication and technology aspects of testing and validation.
6. Approval, Delegations and Maintenance
6.1. Approval
Executive Director, Corporate Services
Name:
Signature:
Date:
6.2. Maintenance and Review
Responsible Officer
Position: Director, Information Services
File Reference: 9999/9999
Review Date: 2012
7. Notes for Agencies adapting the Model Policy
The Inter Agency Information Security Management Group suggests that agencies consider:
a. Whether they wish to remove the procedural elements of this document and create a separate procedure document
b. Whether to create a separate Business Continuity policy.