AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Main purpose of a data backup policy12/10/2023 How much redundancy you want or need is dictated by how much time, money, and equipment you’re willing to invest. Some businesses make a point to rotate their backups periodically to make sure that even if one backup fails, another can take its place. Also think about whether you need a backup of your backup. Most backup systems work by backing up all of your data once, and then incrementally updating only what’s changed or new. The best time to backup is whenever data changes, so a continuous backup system is the best. So it’s important to talk to your service provider to ensure that your company is protected from a criminal accessing their site to destroy your data. One item to note - criminals who infect your systems with ransomware are now turning to deleting backups. This section would cover backups at a remote location by a service provider. In this section of the document define the periodicity of backups. For this reason, it is critical to capture the date of origin of the data (like in the file name), such as BalanceSheetNCSS0123118. The “Data Protection Act” requires personal data processed for any purpose “shall not be kept for longer than necessary for the purpose.” This act states the maximum period of retention is regarded as 5 years. Ensure these storage devices are locked up.įive years is usually the maximum time required to keep data. Some small businesses routinely store a copy on removable hard drives. Plan to have your data stored locally and an offsite location. Remember that having your business data only in the cloud is a single point of failure. For example, if your accountant submits financial records for monthly or yearly closeout, define how your staff would store it and where - there might be a local file copy and a backup copy at an offsite location. Access to these files should also be controlled through access control procedures – like identity authentication and verification (login in name, password, as well as two factor authentication).ĭefine the procedures your employees must use to back up data. This data will need to be encrypted whether it is stored locally or offsite. During the data audit, your team should identity all sensitive data that needs to be maintained and backed up. Financial records, customer records, tax forms, sales records, websites files, software, and project plans are all examples of critical data to back up. It is a good time to brush off your data inventory audit - which should list all the data your store, the sensitivity and controls to protect it.Īny data that’s critical to keeping your business running should be backed up. In this section, define the means by which your workforce backs up your business data. Often businesses who are prone to weather outages from hurricanes, floods or other natural disasters, back up their data outside the threat prone area. A service provider may use tapes or other means to store the data. These backup services typically copy all data after the end of the business day. A remote site could be in another state or county. An offsite location is helpful in the event the business location is compromised by fire, vandalism or theft. In this section, define what should be stored offsite, how often it is backed up, where the storage location is and the provider of the service. ISO 15489-1:2016, is the international standard for record management and defines the principles and approaches to create, capture and manage records. Define the structure of the file - often businesses use record management procedures to name the files. In this section of the policy document, establish the methodology and location of where employees should store business data locally such as a server. NEVER ALLOW employees to store business data on their personal device. In this section provide guidance on what employees can and cannot store on their workstations, laptops and personal devices. Explain how employees are to use the following storage locations and what should be stored at each location. This policy template focuses on codifying your backup strategy.ĭefine your backup strategy in the policy. To provide a template that can be modified for your company’s use in developing a Data Backup Policy.
0 Comments
Read More
Leave a Reply. |