S 6.74 Emergency archive

Initiation responsibility: Head of IT, Top Management

Implementation responsibility: Head of IT

An emergency archive contains the backup data needed to restore the overall system to a consistent state.

Under no circumstances should it be possible for this backup data to be destroyed by an event that also destroys the production data. The backup data must be available and accessible even after a catastrophic event, i.e. it must be possible to access the backup data media and transport them within the time frame stated in the plan as being available for recovery. Storing the data media in a data media safe or a data media security archive alone is not adequate for the following reasons:

• It may be impossible to access the data media due to rubble, for example.
• The location affected by the damage may be cordoned off by the fire department or other investigators for several days.
• It may be completely impossible to enter the area because there is a danger the building could collapse, for example.

To resolve these problems, the backup data media should be stored externally.

The following options can be considered in this case:

• The emergency archive could be set up in another part of the building (generally two fire zones away) or in a completely different building. The data media with the backup data must be transported promptly to the emergency archive in this case. The data backups stored there also need to be protected against unauthorised access and sabotage. Depending on the risk situation, it could be necessary to consider protection against fire, smoke and fumes, water, and destruction by magnetic fields. For this reason, the data backups could be stored in a data safe of a suitable class or in a data backup media archive.

• No data media are transported to the off-site storage location and the data backups are transmitted over communication routes to a robotic library system or to a remote hard disk mirroring system. Fibre optic links should be used for large amounts of data since they permit higher data rates and longer transmission routes. To increase the availability even further when using this solution, consideration should be given to using redundant cable routes (see also S 6.18 Provision of redundant lines).

The emergency archive can also be operated by an external service provider who offers both data transfer as well as data storage. In an emergency, such companies can also supply the hardware components needed to temporarily take over the processing of information. When selecting the external service provider, agreements and rules regarding the exact scope of services to be provided and security safeguards to be taken must be made (see S 5.87 Agreement regarding connection to third party networks).