S 6.32 Regular data backup

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: User, Administrator

In order to avoid irretrievable losses of data, regular backups of the data must be made. In most computer systems, the backup process can be automated for the most part. Rules must be defined to specify which data must be saved by whom at what time.

At a minimum, the data that cannot be derived from other information must be backed up regularly. Documentation, program descriptions, and descriptions of the program procedures must be available according to S 2.111 Keeping manuals at hand.

It is recommended to create a data backup policy.

The following must be specified depending on the amount and importance of the data requiring backup and on the possible damage when this data is lost:

• interval
  
  Examples: daily, weekly, monthly
• time
  
  Examples: nights, Friday evenings
• number of generations to be stored
  
  Example: When a full backup is performed daily, the last seven backups will be placed in storage as well as the Friday evening backups of the past two months.
• extent of the data to be backed up
  
  The simplest way to back up data is to define partitions and/or directories that will be backed up regularly. A suitable differentiation can make it easier to obtain an overview and help to save time and money.
  
  Examples: files created by the users and individual configuration files
• data media (depending on the amount of data)
  
  Examples: tapes, cassettes, CDs or DVDs, hard disks
• deletion of all data on a data medium prior to reuse (e.g. for tapes or cassettes)
• person responsible for implementation (administrator, users)
• person responsible for monitoring the backups, especially in the case of automatic backups (error messages, storage capacity remaining on the data media)
• documentation of the backups generated (date, type of backup procedure and parameters selected, data media labels)

Due to the large amount of time and effort involved in making full backups, it is generally only possible to make one full backup per day at the most. It is not possible in this case to restore the data generated since the last backup. For this reason and to reduce costs, differential or incremental backups should be made at regular intervals between full backups. Information on the different types of data backups can be found in S 6.35 Stipulating data backup procedures.

Differential or incremental backups can be made more frequently, for example immediately after creating important files or simply several times per day. Compatibility with current operations must be ensured.

A separate decision must be made regarding the software used stating whether or not it needs to be backed up during regular data backups. The decision depends, for example, on how much work is required to reinstall the software and then reinstall all patches and updates. Under some circumstances, it will suffice to make backup copies of the original data media.

Tests must be performed regularly to determine if the data backup functions as desired, and in particular if the data backed up can also be restored without any problems.

All users should be informed of the data backup rules so that they can point out any shortcomings (e.g. in case the backup intervals are too short for their requirements) or take additional action on an individual basis (e.g. temporary mirroring of essential data on their own disk). It is also important to inform users as to how long the data backup will be retained, and therefore how long the data will be available should it need to be restored. If, for example, data is lost in a system where only two generations are stored and a full backup is performed once a week, the data will only be available for restoration for two to three weeks, depending on when the data was lost.

If a computer network is installed and backups are only made of the server disks, it must be ensured that the data to be backed up is transferred to the server disks regularly, either by the users or automatically. When major changes are made to the information system or to individual IT systems, the data backup process must be modified accordingly.

Confidential data should be encrypted prior to backup, if possible, with the need to take into account that encryption must also be possible after a longer period (see S 6.56 Data backup when using cryptographic methods).

Printing the data on paper is not considered an appropriate way to back up data.

Review questions:

• For confidential data, possibly also when outsourcing the backups: Is the backed up data stored in an encrypted format?
• Is at least the data that cannot be derived from other information backed up regularly?
• Were the organisational and technical details of the data backup procedure specified?
• Does the procedure specified for data backups meet the availability requirements?
• Were the users informed of the procedures defined for performing data backups?
• Are tests conducted regularly to check if the data backed up can be restored without any problems?