
Module-3

Information Security Management


DATA BACKUP
Backup
• Activity of copying files or databases so that they will
be preserved in case of equipment failure or other
catastrophe.
• Retrieval of files you backed up is called restoring
• All electronic information considered of institutional
value should be copied onto secure storage media on
a regular basis (i.e., backed up), for disaster recovery
and business resumption.
• Allows business processes to be resumed in a
reasonable amount of time with minimal loss of data
Types of Backup
• Full backup
• Incremental backup
• Differential backups
• Mirror backup
• Full PC backup
• Local backup
• Online backup
• Remote backup
• Cloud backup
• FTP backup
• Full backup
– Backup all files and folders
– initial or first backup, followed by subsequent
incremental or differential backups
– Adv:
• Restores are fast and easy to manage as the entire list of
files and folders are in one backup set.
• Easy to maintain and restore different versions
– Disadv:
• Backups take very long as each file is backed up again every time the
full backup is run
• Consumes the most storage space compared to incremental
and differential backups.
• Incremental backup
– backup of all changes made since the last backup
– one full backup is done first and subsequent backup
runs are just the changed files and new files added
since the last backup.
– Adv:
• Much faster backups
• Efficient use of storage space as files are not duplicated
– Disadv:
• Restores are slower than with a full backup and differential
backups.
• Restores are a little more complicated
• Differential backups
– fall in the middle between full backups and
incremental backup
– backup of all changes made since the last full
backup
– one full backup is done first and subsequent backup
runs are the changes made since the last full backup
– Adv:
• Much faster backups than full backups
• More efficient use of storage space than full backups
since only files changed since the last full backup will be
copied on each differential backup run.
– Disadv:
• Backups are slower than incremental backups
• Not as efficient use of storage space as compared
to incremental backups.
• Restores are slower than with full backups.
• Restores are a little more complicated than full
backups but simpler than incremental backups.
• Mirror backups
– mirror of the source being backed up
– when a file in the source is deleted, that file is
eventually also deleted in the mirror backup
– Adv:
• The backup is clean and does not contain old and obsolete
files
– Disadv:
• files in the source deleted accidentally, by sabotage or
through a virus may also be deleted from the backup mirror
• Full PC backup
– a full computer backup typically involves backing
up entire images of the computer’s hard drives rather than
individual files and folders.
– means entire h/w
– restores the hard drives to their exact state when the backup
was done
– sometimes called “Drive Image Backups”
– Adv:
• A crashed computer can be restored in minutes with all programs,
databases, emails etc. intact. No need to install the operating
system, programs and perform settings etc.
– Disadv:
• Any problems that were present on the computer (like viruses, or
mis-configured drivers, unused programs etc.) at the time of the
backup may still be present after a full restore
• Local Backup:
– storage medium is kept close at hand
– Adv:
• Offers good protection from hard drive failures, virus
attacks, accidental deletes and deliberate employee
sabotage on the source data.
• Very fast backup and very fast restore
• Storage cost can be very cheap when the right storage
medium is used like external hard drives
• Data transfer cost to the storage medium can be negligible
or very cheap
• Full internal control over the backup storage media and the
security of the data on it. There is no need to entrust the
storage media to third parties.
– Disadv:
• does not offer good protection against theft, fire,
flood, earthquakes and other natural disasters
• Offsite backup:
– Any backup where the backup storage medium is kept
at a different geographic location from the source
– Adv:
• Offers additional protection when compared to local
backup such as protection from theft, fire, flood,
earthquakes, hurricanes and more.
– Disadv:
• it requires more due diligence to bring the storage media to
the offsite location
• May cost more as people usually need to rotate between
several storage devices
• Online Backup:
– a backup done on an ongoing basis to a storage medium
that is always connected to the source being backed up
– “online” refers to the storage device or facility being
always connected.
– does not involve human intervention to plug in drives and
storage media for backups to run
– Adv:
• Offers the best protection against fires, theft and natural
disasters.
• Because data is replicated across several storage media, the risk
of data loss from hardware failure is very low
• Because backups are frequent or continuous, data loss is very
minimal compared to other backups that are run less frequently.
• requires little human or manual interaction after it is set up.
– Disadv:
• More expensive option than local backups.
• Can be slow to restore.
• Initial or first backups can be a slow process
spanning a few days or weeks depending on
Internet connection speed and the amount of data
backed up.
• Remote Backup:
– form of offsite backup with a difference being that you
can access, restore or administer the backups while
located at your source location or other physical location.
– refers to the ability to control or administer the backups
from another location.
– Adv:
• Much better protection from natural disasters than local
backups.
• Easier administration as it does not need a physical trip to the
offsite backup location.
– Disadv:
• More expensive than local backups
• Can take longer to back up and restore than local backups
• Cloud backup
– Term used loosely and interchangeably with Online Backup and Remote
Backup
– data is backed up to a storage server or facility connected to
the source via the Internet
– “cloud” refers to the backup storage facility being accessible
from the Internet
– Adv:
• offers protection from fire, floods, earthquakes and other natural
disasters.
• Able to easily connect and access the backup with just an Internet
connection
• service is managed and protection is unparalleled.
– Disadv:
• More expensive than local backups
• Can take longer to back up and restore
• FTP backup
– backup is done via the File Transfer Protocol (FTP)
over the Internet to an FTP Server.
– Adv:
• it offers protection from fire, floods, earthquakes and
other natural disasters.
• Able to easily connect and access the backup with just
an Internet connection.
– Disadv:
• More expensive than local backups
• Can take longer to back up and restore.
• Backup and restore times are dependent on the
Internet connection
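The full, incremental and differential descriptions above differ in what each run copies and in how many backup sets a restore needs. The following is an added example, not part of the original slides: a small simulation with hypothetical names (BackupSet, run_schedule, restore_chain) over constructed file changes; file deletions are not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class BackupSet:
    day: int
    kind: str            # "full", "incremental" or "differential"
    files: frozenset     # paths copied into this backup set

def run_schedule(changes, schedule):
    """changes: {day: paths modified that day}; schedule: {day: kind run that night}."""
    sets, all_files, since_full, since_any = [], set(), set(), set()
    for day in sorted(set(changes) | set(schedule)):
        changed = changes.get(day, set())
        all_files |= changed
        since_full |= changed      # changes since the last full backup
        since_any |= changed       # changes since the last backup of any kind
        kind = schedule.get(day)
        if kind is None:
            continue
        picked = {"full": all_files, "differential": since_full,
                  "incremental": since_any}[kind]   # KeyError on an unknown kind
        sets.append(BackupSet(day, kind, frozenset(picked)))
        since_any = set()
        if kind == "full":
            since_full = set()
    return sets

def restore_chain(sets, target_day):
    """Sets needed, in apply order, for the latest backed-up state up to target_day."""
    usable = [s for s in sets if s.day <= target_day]
    fulls = [i for i, s in enumerate(usable) if s.kind == "full"]
    if not fulls:
        raise ValueError("no full backup on or before the target day")
    chain, later = [usable[fulls[-1]]], usable[fulls[-1] + 1:]
    diffs = [s for s in later if s.kind == "differential"]
    if diffs:                      # the latest differential replaces all earlier sets
        chain.append(diffs[-1])
        later = [s for s in later if s.day > diffs[-1].day]
    return chain + [s for s in later if s.kind == "incremental"]

def copies_stored(sets):
    """Total file copies held across all sets (a proxy for storage used)."""
    return sum(len(s.files) for s in sets)

# Constructed sample: three files exist on day 0, a few change on days 1-3.
CHANGES = {0: {"a.doc", "b.xls", "c.db"}, 1: {"a.doc"},
           2: {"b.xls"}, 3: {"a.doc", "d.txt"}}

def plan(kind):
    """Full backup on day 0, then `kind` on each of days 1-3."""
    return run_schedule(CHANGES, {0: "full", 1: kind, 2: kind, 3: kind})
```

For a restore to day 3, plan("full") needs 1 set and stores 13 file copies, plan("incremental") needs 4 sets and stores 7, and plan("differential") needs 2 sets and stores 9, which matches the speed and storage trade-offs listed for each type.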
Backup Procedures
• 3-2-1 rule
– 3 copies of any important file (a primary and two
backups)
– files on 2 different media types (such as hard drive
and optical media), to protect against different
types of hazards
– 1 copy should be stored offsite (or at least offline)
• data backup procedures must include
– frequency,
– data backup retention – must meet the system and
institutional recommendations of the critical data
– testing – restoration of backup data must be performed and
validated on all media types.
– media replacement – storage devices are replaced based on
manufacturer recommendations.
– recovery time – defined by the manufacturer, how long it will
take to restore the data.
– roles and responsibilities – who has
• Local data backup procedures must include
– Data Backup Retention. Retention of backup data must meet
System and institution requirements for critical data
– Testing - Restoration of backup data must be performed and
validated on all types of media in use periodically.
– Media Replacement - Backup media should be replaced
according to manufacturer recommendations.
– Recovery Time - The recovery time objective (RTO) must be
defined and support business requirements.
– Roles and Responsibilities - Appropriate roles and
responsibilities must be defined for data backup and restoration
to ensure timeliness and accountability
• Offsite Storage - Removable backup media taken offsite must be
stored in an offsite location that is insured and bonded or in a
locked media rated, fire safe
• Onsite Storage - Removable backup media kept onsite must be
stored in a locked container with restricted physical access.
• Media Destruction - How to dispose of data storage media in
various situations.
• Encryption - Non-public data stored on removable backup media
must be encrypted.
• Third Parties - Third parties' backup handling & storage procedures
must meet System, or institution policy or procedure requirements
related to data protection, security and privacy.
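The 3-2-1 rule and the encryption and testing requirements above can be checked mechanically against an inventory of copies. The following is an added example, not part of the original slides: the Copy record, its field names and the two sample inventories are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Copy:
    name: str
    media: str                      # e.g. "internal-disk", "external-hdd", "cloud"
    primary: bool = False           # the live data rather than a backup
    offsite: bool = False
    offline: bool = False
    removable: bool = False
    encrypted: bool = False
    restore_validated: bool = False # a test restore from this copy was validated

def audit(copies, non_public=True):
    """Return findings against the 3-2-1 rule and the procedure requirements."""
    findings = []
    backups = [c for c in copies if not c.primary]
    if len(copies) < 3 or len(backups) < 2:
        findings.append("3-2-1: need 3 copies (a primary and two backups)")
    if len({c.media for c in copies}) < 2:
        findings.append("3-2-1: copies must be on 2 different media types")
    if not any(c.offsite or c.offline for c in backups):
        findings.append("3-2-1: no backup copy is offsite or offline")
    for c in backups:
        if non_public and c.removable and not c.encrypted:
            findings.append(f"encryption: {c.name} is unencrypted removable media")
    tested = {c.media for c in backups if c.restore_validated}
    for media in sorted({c.media for c in backups} - tested):
        findings.append(f"testing: no validated restore from media type {media}")
    return findings

# Constructed inventories: one weak setup and one that meets every check.
WEAK = [
    Copy("file-server", "internal-disk", primary=True),
    Copy("usb-drive-on-desk", "external-hdd", removable=True),
]
FIXED = [
    Copy("file-server", "internal-disk", primary=True),
    Copy("rotated-hdd", "external-hdd", offline=True, removable=True,
         encrypted=True, restore_validated=True),
    Copy("cloud-bucket", "cloud", offsite=True, encrypted=True,
         restore_validated=True),
]
```

audit(WEAK) reports four findings (copy count, no offsite or offline copy, unencrypted removable media, untested media type); audit(FIXED) reports none.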
Definitions
• Archive:
– collection of historical data specifically selected for long-term retention and
future reference
• Backup:
– A copy of data that may be used to restore the original in the event
the latter is lost or damaged beyond repair.
• Critical Data:
– Data that needs to be preserved in support of the institution's ability
to recover from a disaster or to ensure business continuity
• Data:
– Information collected, stored, transferred or reported for any
purpose, whether in computers or in manual files
• Destruction:
– Destruction of media includes: disintegration, incineration, pulverizing,
shredding, and melting. Information cannot be restored in any form following
destruction.
• Media Rated, Fire Safe:
– A safe designed to maintain internal temperature and humidity levels low
enough to prevent damage to CDs, tapes, and other computer storage devices in
a fire.
• Information Technology Resources:
– Facilities, technologies, and information resources used for System
information processing, transfer, storage, and communications.
• Recovery Point Objective (RPO):
– Acceptable amount of service or data loss measured in time. The RPO is the
point in time prior to service or data loss that service or data will be
recovered to.
• Recovery Time Objective (RTO):
– Acceptable duration from the time of service or data loss to the time of
restoration
Types of storage
• Local storage options
– External hard drive
– Solid state drive (SSD)
– Network attached storage
– USB thumb drive or flash drive
– Optical drive (CD/DVD)
• Remote storage options
– Cloud storage
Features of a good backup storage
• features to aim for when designing your backup strategy:
– Able to recover from data loss in all circumstances like hard
drive failure, virus attacks, theft, accidental deletes or data
entry errors, sabotage, fire, flood, earthquakes and other
natural disasters.
– Able to recover to an earlier state if necessary, e.g. after data
entry errors or accidental deletes.
– Able to recover as quickly as possible with minimum effort,
cost and data loss.
– Require minimum ongoing human interaction and
maintenance after the initial setup. Hence able to run
automated or semi-automated
• Planning your backup strategy:
– What to backup?
– Where to backup?
– When to backup?
– Backup types
– Compression & encryption
– Testing your backup
– Backup utilities & services
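For the "Testing your backup" step and the requirement that restores be performed and validated, one common approach is to record a checksum manifest when the backup runs and compare a test restore against it. The following is an added example, not part of the original slides: the function names are hypothetical, SHA-256 manifests are an assumed technique, and the files are constructed in a temporary directory.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest.
    Reads whole files into memory, which is fine for a small demonstration."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_restore(recorded, restored_root):
    """Compare a restored tree with the manifest recorded at backup time."""
    restored = manifest(restored_root)
    return {
        "missing": sorted(set(recorded) - set(restored)),
        "unexpected": sorted(set(restored) - set(recorded)),
        "corrupted": sorted(p for p in recorded.keys() & restored.keys()
                            if recorded[p] != restored[p]),
    }

def demo():
    """Constructed sample: back up a small tree, damage the backup, test a restore."""
    with tempfile.TemporaryDirectory() as tmp:
        src, backup, restored = (Path(tmp) / n for n in ("src", "backup", "restored"))
        (src / "db").mkdir(parents=True)
        (src / "report.txt").write_text("quarterly figures\n")
        (src / "db" / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "notes.txt").write_text("meeting notes\n")
        recorded = manifest(src)              # taken when the backup runs
        shutil.copytree(src, backup)          # stand-in for the backup job
        clean = verify_restore(recorded, backup)
        # Simulate damaged media: one file altered, one file lost.
        (backup / "db" / "ledger.csv").write_text("id,amount\n1,900\n")
        (backup / "notes.txt").unlink()
        shutil.copytree(backup, restored)     # stand-in for the restore job
        return clean, verify_restore(recorded, restored)
```

demo() returns an empty report for the intact backup and, for the damaged one, lists notes.txt as missing and db/ledger.csv as corrupted.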
