S 2.138 Structured data storage

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: User, Administrator

Poorly structured data storage can lead to a wide variety of problems. For this reason, all IT users should be instructed on how to store data in clear, well-structured patterns. Appropriate structures should be specified by the administrators on all servers. This is also a prerequisite for achieving a differentiated allocation of access rights.

Program and work files should always be stored in separate areas. This provides a clear overview and also makes it easier to perform data backups and ensure correct access protection. In the case of most application programs, few or no configuration files are modified following installation. If possible, all files which are modified regularly should be stored in separate directories so that only these directories need to be included in the regular data backups.

When programs and data are separated clearly, it is sufficient to include the data in the regular data backups. It is important to store and secure work files carefully; they can thus also be processed on other systems if necessary.

In the case of networked systems, it is also necessary to determine which programs and files should be stored on local hard disks or on a network server. Both options have advantages as well as disadvantages and must be evaluated in accordance with the existing organisational structure as well as the hardware and software in use. For example, files which need to fulfil high availability requirements and the related application programs should be stored on workstation computers instead of the network server. In this case, appropriate contingency planning measures also need to be implemented for these workstation computers.

Task-specific or project-specific directories should be created in order to facilitate the allocation of files. As few files as possible should be stored in personal directories.

To prevent the existence of different versions of basic files required for ongoing activities, such as letter templates, forms, project plans etc., such files should be managed centrally. For example, these files should be stored on a server so that all users have read access to them, but only one person is authorised to modify each individual file.

The following example shows how data can be structured on a server by specifying directory paths:

\
\bin
\bin\program1
\bin\program2
\bin\program3
\user
\user\user1
\user\user2
\projects
\projects\p1
\projects\p1\texts
\projects\p1\images
\projects\p2
\projects\p2\projectplan
\projects\p2\sub-project1
\projects\p2\sub-project2
\projects\p2\sub-project3
\projects\p2\result
\standard forms
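
The following audit is an added example, not part of the original safeguard. It walks a tree laid out as above and reports centrally managed files that are not restricted to one modifier with read access for all, and recently modified files in the program area. Assumptions: POSIX permission bits stand in for the server's access rights, "read access for all users" is taken as world-readable, and the 30-day window and the function name audit_tree are hypothetical.

```python
import os
import stat
import time

TEMPLATE_DIR = "standard forms"  # centrally managed files, from the layout above
PROGRAM_DIR = "bin"              # program area, from the layout above
RECENT_DAYS = 30                 # assumption: window for "modified regularly"


def _files(top):
    """Yield every file path below top (nothing if top does not exist)."""
    for dirpath, _dirs, names in os.walk(top):
        for name in names:
            yield os.path.join(dirpath, name)


def audit_tree(root, now=None):
    """Return sorted (relative_path, finding) tuples for the tree under root."""
    now = time.time() if now is None else now
    findings = []

    # Central files: readable by all users, modifiable by one person only.
    for path in _files(os.path.join(root, TEMPLATE_DIR)):
        mode = os.stat(path).st_mode
        rel = os.path.relpath(path, root)
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((rel, "template writable by more than its owner"))
        if not mode & stat.S_IROTH:
            findings.append((rel, "template not readable by all users"))

    # Program area: a recently changed file suggests a work file or a
    # regularly modified configuration file that belongs in its own directory.
    cutoff = now - RECENT_DAYS * 86400
    for path in _files(os.path.join(root, PROGRAM_DIR)):
        if os.stat(path).st_mtime > cutoff:
            rel = os.path.relpath(path, root)
            findings.append((rel, "recently modified file in program area"))

    return sorted(findings)


if __name__ == "__main__":
    import sys
    for rel, finding in audit_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{finding}: {rel}")
```

A finding in the program area is a prompt to review the file, since a freshly installed or updated program triggers it as well.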

A regular check is required as to whether

These checks should be performed regularly by users on their IT systems and the directories managed by them, and by the server administrators. The checks should be made at least once every three months; otherwise employees will no longer be able to recall the contents and origin of the files.

Review questions: