This policy is not designed to use systems backup for the following purposes:

Transcription

1 Number: AC IT POL 003 Subject: Backup and Restore Policy 1. PURPOSE The backup and restore policy establishes the need and rules for performing periodic system backup to permit timely restoration of Africa Centre information assets in the case of system malfunction, accidental deletion, intentional destruction or natural disaster. This policy is not designed to use systems backup for the following purposes: 2. SCOPE To archive data for future reference To maintain a versioned history of data This policy applies to all information assets stored on servers owned, leased, operated or maintained by the Africa Centre. 3. POLICY 3.1. Persons in charge Each data backup process should have at least one primary person in charge and one substitute Data backup is a critical security measure thus the relevant persons in charge should be committed in writing to adherence to this backup policies The person in charge will be responsible for the development and implementation of the backup procedures on per server basis as defined in section 7.1 in accordance with the best practices described in section 3.2 to section Frequency Differential backups will be performed daily Differential backups will be saved for a full week A full systems backup will be performed weekly Weekly backups will be saved for a full month. Page 1 of 6

2 The last weekly backup of the month will be marked as a monthly backup Monthly backups will be saved for 4 months Storage, access and security Legible, unique labels shall be placed on all backup media Daily incremental backup shall be stored in an adjacent building in a fireproof safe Monthly backup shall be stored in a secure location at least 10 km away from the server room Proper environment controls, temperature, humidity, fire protection and low level of electro magnetic radiation shall be maintained at the storage location During transport or changes of media, media shall not be left unattended Read only access to backup data is restricted to the persons in charge who have responsibility for recovering the data. Write access is granted only to the batch job creating the copy Backup verification The backup software should capture a list of all files and directories encountered and saved to tape. Logs should contain information about successful backups, tapes that were left in place accidentally and overwritten, when and where the tapes were sent offsite, the success or failure of restore tests and bad tapes encountered which may affect the ability to obtain files from previous backup On a daily basis, logged information generated from each backup job will be sent by to data custodians and persons in charge and reviewed for the following purposes: To check for and correct errors To monitor duration of the backup job To optimize backup performance 3.5. Testing The ability to restore data from backups shall be tested at least quarterly It must at least once be proven that complete data restoration is possible (e.g. all data contained in a server must be installed on an alternative server using substitute reading equipment to the data backup writing equipment). This ensures reliable testing as to whether: Data restoration is possible The data backup procedure is practicable. Page 2 of 6

3 There is sufficient documentation of the data backup, thus allowing a substitute to carry out the data restoration if necessary The time required for the data restoration meets the availability requirements The person in charge must maintain records demonstrating the review of logs and test restores so as to demonstrate compliance with this policy for auditing purposes Training All persons in charge of data backup should receive adequate training on the data backup process, data restoration process, media rotation, retention and storage Regular refresher, motivation campaigns and adherence checking on data backup must be conducted 3.7. Request for Restoration Users that need files restored must submit a request to the help desk with information about the file creation date, the name of the file, the last time it was changed, and the date and time it was deleted or destroyed Tape Drive Cleaning Tape drives shall be cleaned monthly The cleaning tape shall be changed when they reach the maximum number of cleanings as per manufacturer recommendation Retirement and Disposal of Media The date each tape was put into service shall be recorded on the tape Tapes that have been used longer than two years shall be discarded and replaced with new tapes Prior to tape retirement or reuse for other purpose, the person in charge will ensure the following: The media no longer contains active backup images or that any active backup images have been copied to other media The media s current or former contents can not be read or recovered by an unauthorized party Prior to tape disposal, the person in charge will ensure the physical destruction of the media. Page 3 of 6

4 4. REFERENCES N/A 5. DEFINITIONS/ABBREVIATIONS 5.1. Backup: To back up data is to copy them to another medium so that, if the active data are lost, they can be recovered in a recent if not completely current version. Backup is primarily intended for disaster recovery, and the assumption is that in most cases the backed up data will not be read Archive: To archive data is to move them to another medium for long term storage. Archive is intended for the storage of data that do not need to be kept immediately accessible, but which may possibly be needed at some point in the future Restore: The process of bringing off line storage data back from the offline media and putting it on an online storage system such as a file server Full data backup: With this procedure, all data requiring backup are stored on an additional data medium without consideration as to whether the files have been changed since the last backup. For this reason, full data backup requires a high storage capacity. Its advantage is the simple and quick restoration of data due to the fact that only the relevant files need to be extracted from the last full data backup. If full data backups are carried out infrequently, extensive changes to a file can result in major updating requirements 5.5. Incremental data backup: In contrast to full data backup, this procedure simply stores the files which have been changed since the last (incremental or full) backup. This saves storage capacity and shortens the time required for the data backup. The restoration time for data is generally high, as the relevant files must be extracted from backups made at different stages. Incremental data backups are always based on full data backups and should be interspersed periodically by full data backups. During restoration, the last full backup is taken as a basis which is then extended with the updates from subsequent, incremental backups Differential data backup: This procedure stores only the files that have been changed since the last full data backup. A differential backup requires more memory space than an incremental backup but the files can be restored quicker and easier. For restoration of data, the last full data backup will suffice as will the most recent differential backup. This is not the case with an incremental backup, since under some circumstances many data backups must be read one after the other. Page 4 of 6

5 6. APPENDICES 6.1. Backup procedures on a per server basis The person in charge will document and implement backup procedures on a per server basis that define: 1. Influential factors o Specifying the data to be backed up o Data availability requirements o Effort required for data reconstruction without data backup o Data volumes o Modification volumes o Modification times o Deadlines o Confidentiality requirements o Integrity requirements o Knowledge and data processing competence of users 2. Data backup a. Specifications for each backup type Type of data backup Frequency and times of data backup Number of generations Tape identification Responsibility for data backup Storage location for backup copies Reconstruction times for the existing data backup system b. Determining procedures of data restoration by type c. Identify operational reading device Sign-off by Africa Centre data custodians and data owners DOCUMENT CONTROL Document Information Document Title Backup and Restore Policy Version 1.2 Page 5 of 6

6 Status Approved First Issued Maintained by Head of IT Revision History Version Date Details Page 6 of 6