Backup and Recovery Policy




Purpose

This policy defines the objectives, accountabilities and application of backup and recovery for data held in the information and communication technology environment of the Department of . . .(“Department”).

Replaces:

Commences:

File:

Scope

The policy covers all aspects of Backup and Recovery for Department data.

Principle

The following principles direct this policy:

  • proper backup, storage, and handling of data is necessary for the Department to achieve its objectives efficiently

  • the Department will act to preserve information relating to its business.

  • Staff must protect the availability, confidentiality and integrity of Department data.

Responsibility

This policy applies to all employees, contractors, consultants and authorised users of Department Facilities (“staff”).

Policy breaches may lead to disciplinary and/or legal action.



Custodian: Director, Information Services    Date:

Approver: Executive Director, Corporate Services    Date:

Endorser: Director General    Date:

Table of Contents

1. Policy

2. Policies and Procedures

2.1. Protecting Department Data

2.2. Storing a Copy

2.3. Accessing a Copy

2.4. Transporting a Copy

2.5. Retention and Disposal of Copies

2.6. Periodic Validation

3. Summary of Responsibilities

3.1. Information Services

3.2. Department Staff

3.3. Infrastructure Operator

4. References and Attachments

4.1. References

4.2. Attachments

5. Associated Processes

5.1. Business Continuity Plans

5.2. Disaster Recovery Plans

5.3. Testing Disaster Recovery and Continuity Plans

6. Approval, Delegations and Maintenance

6.1. Approval

6.2. Maintenance and Review

7. Notes for Agencies adapting the Model Policy



1. Policy


Policies for Backup and Recovery are:

1. Department data will be protected by regular backups.

2. Exceptions to the standard process must be approved by the Director, Information Services.

3. Department data created on non-networked workstations must be saved to the Encrypted Files folder.

4. The Department will not explicitly or deliberately exclude non-department data from its backup regime.

5. Backup copies must be stored in an environmentally protected and access controlled secure offsite location.

6. Stored copies must be made available upon authorised request.

7. A record of the physical movements of all backup copies shall be maintained.

8. The Infrastructure Operator shall develop procedures for the handling and storage of information in order to prevent unauthorised disclosure, misuse or loss.

9. Backup copies are to be maintained in accordance with the Department’s Retention and Disposal Schedule for backup copies.

10. All backup media shall be appropriately disposed of.

11. Every quarter the Infrastructure Operator shall report on its ability to recover data.

12. Department business units are responsible for creating Business Continuity Plans (BCPs).

13. Department business units are responsible for creating Disaster Recovery Plans (DRPs).

14. Business Continuity Plans and Disaster Recovery Plans must be tested to verify correct operation of processes and adequate restoration of services.




2. Policies and Procedures

2.1. Protecting Department Data


1. Department data will be protected by regular backups.

  • ‘data’ means any stored information, including:

    1. ‘Department data’, which means all Department business related information created, received or maintained by the Department in the course of conducting its business activities, including:

      • ‘systems data’, which means all operating system files, programs and configurations

      • ‘application data’, which means all application files, programs and configurations

      • ‘network protocol data’, which means all network files, programs, configurations and log files that monitor system traffic.

  • ‘backup’ means a copy of data for safekeeping in case the original is lost or damaged, including:

    1. ‘incremental backup’, which means a backup of only the data that has been altered since the last backup

    2. ‘full backup’, which means a backup of all data regardless of whether files have been altered since the last backup.

  • ‘business day’ means any normal working day; ‘non-business day’ and ‘non-working day’ mean a weekend or public holiday. A backup that would otherwise fall on a non-business day shall be performed on the previous business day.

  • ‘Infrastructure Operator’ means the contractor holding the contract for the support of Department technology infrastructure, including server, desktop, network and security services management.

  1.1. All Department data, systems data, application data and network protocol data shall be protected by backup at the end of each business day.

  1.2. The backup scheme varies to meet operational needs, but is generally:

    1. servers backed up to a local tape drive are backed up in full each business day

    2. servers backed up to a network drive are backed up incrementally each business day and in full once a week.

  1.3. The Infrastructure Operator shall develop procedures to comply with this policy, including:

    1. all software, whether purchased or developed, is to be protected once by means of a full backup

    2. systems data must be protected with a full backup each business day

    3. network protocol data must be protected with a backup each business day

    4. application data must be protected with a backup each business day.

  1.4. The backup scheme for application data is in general:

    1. daily backups for normal office operations are performed out of office hours Monday through Thursday and may be overwritten one week after creation

    2. daily backups for 24x7 operations are performed Saturday through Thursday and may be overwritten one week after creation

    3. weekly backups are performed out of office hours on Fridays and may not be overwritten within one month of their creation date.

  1.5. The archive scheme is in general:

    1. the end-of-month backup tape is archived and stored indefinitely

    2. the year-end backup tape is archived and stored indefinitely, where the year-end archive set is a complete set of verified, successful end-of-month backups, taken at both the end of the financial year (to coincide with end-of-financial-year reporting) and at the end of the calendar year.

  1.6. The retention schedule for backups includes:

    1. end-of-financial-year backups must be kept for at least 7 years for statutory purposes

    2. personnel information shall be kept for 71 years from a person’s date of birth.

  1.7. The Infrastructure Operator shall maintain a log of all backups undertaken.
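The rotation scheme described above (incremental backups Monday to Thursday, or Saturday to Thursday for 24x7 systems; a weekly full on Friday; daily sets overwritable after one week, weekly sets after one month; the end-of-month set archived) is easier to reason about when written down as code. The following Python model is an added example and not part of the policy or of any Infrastructure Operator procedure. It generates the backup calendar for a date range, applies the previous-business-day rule for public holidays, assigns each set its earliest overwrite date, and computes the restore chain (the latest full plus every later backup) needed to recover to a given day. Assumptions not stated in the policy, marked in the code: the end-of-month set is simply the last backup taken in a calendar month, the financial year ends 30 June, "one month" is taken as the same day of the following month, and the June 2011 holiday list is constructed for the demonstration.

```python
"""Model of the backup rotation scheme in section 2.1 (added example, not policy text)."""
from calendar import monthrange
from dataclasses import dataclass
from datetime import date, timedelta

DAILY, WEEKLY, END_OF_MONTH, YEAR_END = "daily", "weekly", "end_of_month", "year_end"
FINANCIAL_YEAR_END_MONTH = 6   # assumption: financial year ends 30 June


@dataclass(frozen=True)
class Backup:
    covers: date   # calendar day the backup stands for
    taken: date    # day it actually ran (a public holiday moves it earlier)
    kind: str
    full: bool     # False = incremental, which depends on the preceding full


def previous_business_day(d, holidays):
    """Step back until d is neither a weekend nor a public holiday."""
    while d.weekday() >= 5 or d in holidays:
        d -= timedelta(days=1)
    return d


def add_month(d):
    """Same day next month, clamped to that month's length (assumed meaning of 'one month')."""
    y, m = (d.year + 1, 1) if d.month == 12 else (d.year, d.month + 1)
    return date(y, m, min(d.day, monthrange(y, m)[1]))


def earliest_overwrite(b):
    """First date on which the media may be overwritten; None means keep indefinitely."""
    if b.kind == DAILY:
        return b.taken + timedelta(days=7)
    if b.kind == WEEKLY:
        return add_month(b.taken)
    return None


def schedule(start, end, ops_24x7=False, holidays=frozenset()):
    """Backup records the scheme produces for every calendar day in [start, end]."""
    out = []
    d = start
    while d <= end:
        wd = d.weekday()                       # Monday=0 ... Sunday=6
        if wd == 4:                            # Friday: weekly full
            out.append(Backup(d, previous_business_day(d, holidays), WEEKLY, True))
        elif wd <= 3 or ops_24x7:              # Mon-Thu, or Sat-Thu for 24x7 systems
            taken = previous_business_day(d, holidays) if d in holidays else d
            out.append(Backup(d, taken, DAILY, False))
        d += timedelta(days=1)
    # Assumption: the last backup of a completed calendar month is the archived
    # end-of-month set; the June and December sets form the year-end archive.
    last_in_month = {}
    for i, b in enumerate(out):
        last_in_month[(b.covers.year, b.covers.month)] = i
    for (y, m), i in last_in_month.items():
        if date(y, m, monthrange(y, m)[1]) > end:
            continue                           # month not fully covered by the range
        b = out[i]
        kind = YEAR_END if m in (FINANCIAL_YEAR_END_MONTH, 12) else END_OF_MONTH
        out[i] = Backup(b.covers, b.taken, kind, b.full)
    return out


def restore_chain(backups, target):
    """Media needed to restore the state as at `target`: the latest full for a
    day on or before target, followed by every later backup up to target."""
    upto = [b for b in backups if b.covers <= target]
    fulls = [i for i, b in enumerate(upto) if b.full]
    if not fulls:
        raise ValueError("no full backup on or before target")
    return upto[fulls[-1]:]


def chain_gaps(chain, as_of):
    """Chain members whose media may already have been overwritten by `as_of`."""
    gaps = []
    for b in chain:
        expiry = earliest_overwrite(b)
        if expiry is not None and expiry <= as_of:
            gaps.append(b)
    return gaps


def june_2011_plan(ops_24x7=False):
    """Constructed demonstration: June 2011, with Monday 6 June as a public holiday."""
    return schedule(date(2011, 6, 1), date(2011, 6, 30), ops_24x7,
                    holidays={date(2011, 6, 6)})


if __name__ == "__main__":
    plan = june_2011_plan()
    for b in plan:
        print(b.covers, "taken", b.taken, b.kind, "full" if b.full else "incr",
              "overwrite from", earliest_overwrite(b))
    chain = restore_chain(plan, date(2011, 6, 30))
    print("restore to 30 June needs", [str(b.covers) for b in chain])
    print("gaps if attempted 1 Sep:", [str(b.covers) for b in chain_gaps(chain, date(2011, 9, 1))])
```

Run against the June 2011 calendar, the model shows the holiday Monday's backup being taken on Friday 3 June, and the year-end set falling on Thursday 30 June as an incremental that depends on the Friday 24 June full, which may be overwritten from 24 July. A recovery exercise (section 2.6) is the place to catch that: an archived set should be checked together with every set in its restore chain, not on its own.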

2. Exceptions to the standard process must be approved by the Director, Information Services.

  2.1. The approved exception for email is: email traffic (daily incremental and weekly full backups, or journals) is retained indefinitely.

3. Department data created on non-networked workstations must be saved to the Encrypted Files folder.

  • ‘Non-networked workstations’ refers to workstations that are not always connected to the Department computer network.

  3.1. The Encrypted Files folder:

    1. is located on the C: drive

    2. is the only encrypted directory on a standard workstation.

  3.2. The Encrypted Files folder is backed up:

    1. each time the workstation is connected to the Department network

    2. after the user is prompted to confirm the backup and selects the ‘OK’ button.

  3.3. The Encrypted Files folder cannot be backed up unless the workstation is connected to the network.

4. The Department will not explicitly or deliberately exclude non-department data from its backup regime.

  • ‘Non-department data’ means all data on Department facilities that is not Department data, including:

    1. personal data

    2. temporary files.

  4.1. Non-department data:

    1. may be backed up when Department data is backed up

    2. that has been backed up will not be recovered through the recovery process.

2.2. Storing a Copy


5. Backup copies must be stored in an environmentally protected and access controlled secure offsite location.

  • An environmentally protected and access controlled secure offsite location refers to:

    1. physical site security

    2. physical access

    3. storage management.

  5.1. Physical site security shall include:

    1. monitored security services, i.e. alarmed to a certified security organisation

    2. installation of appropriate fire detection devices

    3. secured windows, e.g. barred or alarmed

    4. ram bars across roller doors

    5. a fire rated secured vault for storage of backup copies

    6. relevant Quality Assurance accreditation, including evidence of annual review

    7. police clearance for all personnel managing the service, with evidence of bi-annual review.

  5.2. Storage management shall include:

    1. security policies and procedures on the retention and retrieval of data storage

    2. justification of cost analysis versus benefits for the storage management service provided, upon request

    3. defined retention periods and storage terms

    4. media library management procedures, including contents of the media library

    5. verifying integrity of stored media, including measures to detect, prevent and recover from physical media defects

    6. regular audit reviews, including evidence of review and action taken.

  5.3. Offsite storage management shall comply with the relevant components of standards such as:

    1. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information technology - Security techniques - Code of practice for information security management)

    2. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information technology - Security techniques - Information security management systems - Requirements).

2.3. Accessing a Copy


6. Stored copies must be made available upon authorised request.

  • A request for stored data must be approved by an authorised person nominated by Department Management.

  6.1. Requests for stored data must include:

    1. completion of a form that outlines the specifics of the request, including which copy is being requested, where and when the requester would like it delivered and why the copy is being requested

    2. acknowledgement that the backup copy will be returned promptly upon completion of its use

    3. acceptance of a return receipt (to be supplied by the courier) as evidence that the backup copy has been returned.

7. A record of the physical movements of all backup copies shall be maintained.

  • Physical movement of backup copies refers to:

    1. the initial backup copy and its transit to storage

    2. any movement of backup copies from their storage location to another location.

  7.1. The record of physical movements of backup media shall include:

    1. all identification information relating to the requested copies

    2. purpose of the request

    3. person requesting the copy

    4. authorisation for the request

    5. where the copy will be held while it is out of storage

    6. when the copy was released from storage

    7. when the copy will be returned to storage.

2.4. Transporting a Copy


8. The Infrastructure Operator shall develop procedures for the handling and storage of information in order to prevent unauthorised disclosure, misuse or loss.

  8.1. Media in transit shall be protected from unauthorised access, misuse or corruption, including:

    1. sufficient protection to avoid any physical damage arising during transit

    2. packing in accordance with the manufacturer’s specifications.

  8.2. All personnel responsible for the transportation of backup media shall have:

    1. police clearance, with evidence of bi-annual review

    2. relevant identification

    3. relevant authorisation.

  8.3. Where special controls are required, e.g. to protect sensitive or critical information, the following should be considered:

    1. use of secured containers

    2. hand delivery

    3. tamper-evident packaging

    4. in extreme cases, splitting the delivery and dispatching it by separate routes.

2.5. Retention and Disposal of Copies


9. Backup copies are to be maintained in accordance with the Department’s Retention and Disposal Schedule for backup copies.

  • The schedule determines the status of the information: whether it can be disposed of, cycled back into production or must remain in archive storage.

10. All backup media shall be appropriately disposed of.

  10.1. Media used by the Infrastructure Operator for backup purposes shall be of high quality.

  10.2. Media used for backups must be replaced at an appropriate frequency, e.g. every 2 years or as recommended by the media manufacturer.

2.6. Periodic Validation


11. Every quarter the Infrastructure Operator shall report on its ability to recover data.

  • The ability to recover data shall be measured by:

    1. inspection of the storage facility

    2. ability to retrieve a sample of backup media (copies)

    3. a backup recovery exercise.

  11.1. The backup media recovery sample shall include:

    1. visual inspection of backup copies and media boxes to ensure safekeeping and secure transit; the selection should be drawn from various boxes and include daily and weekly backup copies

    2. general comments relating to the condition of the backup copies

    3. random selection of backup copies to measure the integrity of stored media.

  11.2. Inspection of the storage facility will culminate in a Media Storage Environmental Report, which covers issues such as:

    1. site security

    2. climate control, including temperature and humidity

    3. date of last fire system review

    4. potential for flood inundation

    5. general comments relating to any environmental issues.

          • The ability to recover data shall be reported to the Department via the monthly reporting system and in the quarterly Infrastructure Report.
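Both "verifying integrity of stored media" (section 2.2) and the "random selection of backup copies to measure integrity of stored media" (above) need a reference to compare against, otherwise the check can only confirm that a tape still reads, not that its contents are what was written. The Python below is an added example, not part of the policy or of any Infrastructure Operator procedure: it records a SHA-256 digest per file when a backup copy is written, and later re-hashes either everything or a seeded random sample and reports files that are missing or altered. The directory layout, file contents and the simulated media defect in `demo()` are constructed for the demonstration.

```python
"""Integrity check of a backup copy against a per-file SHA-256 manifest (added example)."""
import hashlib
import random
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Digest a file in chunks so large backup images are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map relative path -> SHA-256 for every regular file under root."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def write_manifest(manifest, path):
    """One 'digest  relative-path' line per file, the layout sha256sum -c accepts."""
    with open(path, "w", encoding="utf-8") as f:
        for rel, digest in sorted(manifest.items()):
            f.write(f"{digest}  {rel}\n")


def read_manifest(path):
    manifest = {}
    with open(path, encoding="utf-8") as f:
        for line in f:
            digest, rel = line.rstrip("\n").split("  ", 1)
            manifest[rel] = digest
    return manifest


def verify(root, manifest, sample=None, seed=None):
    """Re-hash files and compare against the manifest.

    sample=N checks a random N entries (seed the generator so the audit record
    can say exactly which copies were tested); sample=None checks everything.
    Returns (number checked, [mismatched paths], [missing paths])."""
    names = sorted(manifest)
    if sample is not None and sample < len(names):
        names = random.Random(seed).sample(names, sample)
    mismatched, missing = [], []
    for rel in names:
        p = Path(root) / rel
        if not p.is_file():
            missing.append(rel)
        elif sha256_file(p) != manifest[rel]:
            mismatched.append(rel)
    return len(names), mismatched, missing


def demo(sample=None, seed=0):
    """Constructed backup copy with one corrupted file and one lost file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "copy"
        (root / "systems").mkdir(parents=True)
        (root / "app").mkdir()
        (root / "systems" / "etc.tar").write_bytes(b"config " * 100)
        (root / "app" / "db.dump").write_bytes(bytes(range(256)) * 8)
        (root / "app" / "logs.tar").write_bytes(b"log line\n" * 50)
        manifest_path = Path(tmp) / "MANIFEST.sha256"
        write_manifest(build_manifest(root), manifest_path)   # taken at write time
        # Simulated media defect: a single flipped bit in the database dump ...
        dump = root / "app" / "db.dump"
        data = bytearray(dump.read_bytes())
        data[100] ^= 0x01
        dump.write_bytes(data)
        # ... and a file that can no longer be read from the media.
        (root / "app" / "logs.tar").unlink()
        return verify(root, read_manifest(manifest_path), sample=sample, seed=seed)


if __name__ == "__main__":
    checked, bad, gone = demo()
    print(f"checked {checked}, mismatched {bad}, missing {gone}")
```

Because the manifest uses the `sha256sum` line layout, the same check can be repeated on a plain Linux host with `sha256sum -c MANIFEST.sha256` run from the root of the copy, which is useful when the recovery exercise is performed at the storage facility without the original tooling. The manifest itself should travel with the media movement record (section 2.3), not only on the media it describes.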

3. Summary of Responsibilities

3.1. Information Services


Information Services is responsible for:

  1. providing adequate operational resources for data backup and testing of media

  2. instructing appropriate staff in data backup and recovery procedures

  3. ensuring the data backup and recovery procedures are followed

  4. ensuring only authorised people with sufficient knowledge conduct backup and recovery processes

  5. outlining the roles and responsibilities relating to backups in Department job descriptions

  6. establishing measurements to ensure that Service Level Agreement requirements are met.

3.2. Department Staff


Department staff are responsible for:

  1. storing Department data on the network

  2. performing independent backups of Department data stored on decentralised or non-networked systems.

3.3. Infrastructure Operator


The Infrastructure Operator is responsible for:

  1. developing procedures that conform with this policy

  2. maintaining backup and recovery procedures in line with changes to IT systems

  3. documenting in its procedures the exceptions for event-dependent backups, such as after the processing of certain transactions or the execution of programs after system modification

  4. ensuring only authorised people make, transmit and restore backups

  5. appointing people with sufficient knowledge specifically for the role of backup and recovery

  6. ensuring that documentation regarding backup and recovery processes is sufficient to allow a substitute to carry out data restoration

  7. recovering media from the offsite storage facility, including after hours

  8. randomly testing copies to ensure that the information stored on them is still recoverable

  9. recovering lost data reliably and within defined timeframes as per the Infrastructure Service Level Agreement

  10. maintaining a process for remedying backup failures

  11. reporting backup failures and the corrective action taken to the Department

  12. providing regular reports on the status of the storage facility and environment.

4. References and Attachments

4.1. References


  1. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information technology - Security techniques - Code of practice for information security management)

  2. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information technology - Security techniques - Information security management systems - Requirements)

  3. ISO/PAS 22399:2007 (Societal security - Guideline for incident preparedness and operational continuity management)

  4. ISO/IEC 24762:2008 (Information technology - Security techniques - Guidelines for information and communications technology disaster recovery services)

4.2. Attachments


  1. nil

5. Associated Processes


This section is included for convenience, but is not part of the policy.

5.1. Business Continuity Plans


12. Department business units are responsible for creating Business Continuity Plans (BCPs).

  • ‘Business Continuity’ means the strategy used to ensure the Department can carry on its functions to a substantial degree in the face of a major adverse event (such as fire, flood, storm, explosion or power outage) until recovery of systems is achieved.

  12.1. In preparing Business Continuity Plans, business units should:

  1. Identify scenarios for a range of plausible adverse events

  2. Document internal key personnel, and backups for those persons, and identify those who can work from remote sites

  3. Document external contacts who can assist in providing alternative services

  4. Document critical equipment, including non-computer (eg communications lines, specialist printers) facilities

  5. Identify critical documents

  6. Identify contingency equipment options

  7. Identify contingency locations

  8. Identify possible manual substitutions and workarounds for information systems

  9. Produce a plan detailing steps to take to maintain business activities, with responsibilities assigned, where necessary adjusting the steps for the different scenarios

  10. Put the information together, and store it in multiple repositories that will still be available if systems are down or there is limited access to worksites

  11. Communicate these plans and make them available to staff.

          • Information Services will assist business units with the information, communication and technology aspects of their business continuity plans.

5.2. Disaster Recovery Plans


13. Department business units are responsible for creating Disaster Recovery Plans.

  • ‘Disaster’ means a major event that causes a significant proportion of the Department’s information systems to become unavailable, or to lose some degree of functionality, for a significant period of time.

  • ‘Recovery’ means the process of restoring information system functions to a degree that allows the Department to carry out its functions at an acceptable level within an agreed timeframe.

  13.1. The Disaster Recovery Plan (DRP) should be prepared by the Disaster Recovery Committee, which should include representatives from all critical sections or areas of the Department’s functions.

  13.2. The DRP must specify:

    1. membership of the Disaster Recovery Committee (in terms of job roles)

    2. each person’s DR functions, in particular the job title of the person to be named Recovery Coordinator

    3. criteria for defining levels of disaster, especially what level of interruption requires activation of the disaster plan

    4. communication methods to be used

    5. training required, immediate and ongoing, in terms of the skills needed to perform disaster recovery

    6. which information services will need to be restored, in what order and to what level of functionality

    7. what resources need to be, and have been, set aside in terms of:

      • duplicate equipment

      • data backups

      • physical locations available for personnel and equipment

      • where extra specialist personnel will be obtained

      • what contracts are in place for this.

          • Information Services will assist business units with the information, communication and technology aspects of their disaster recovery plans.

5.3. Testing Disaster Recovery and Continuity Plans


14. Business Continuity Plans and Disaster Recovery Plans must be tested to verify correct operation of processes and adequate restoration of services.

  14.1. The Department’s DRP and BCP must be:

    1. tested at regular intervals to ensure that they remain relevant and effective

    2. periodically updated and maintained to adjust for new and changed systems, infrastructure and circumstances.

          • Information Services will assist business units with the information, communication and technology aspects of testing and validation.

6. Approval, Delegations and Maintenance

6.1. Approval


Executive Director, Corporate Services

Name:

Signature:

Date:

6.2. Maintenance and Review


Responsible Officer

Position: Director, Information Services

File Reference: 9999/9999

Review Date: 2012

7. Notes for Agencies adapting the Model Policy


The Inter Agency Information Security Management Group suggests that agencies consider:

  1. whether they wish to remove the procedural elements of this document and create a separate procedure document

  2. whether to create a separate Business Continuity policy.

© Copyright 2011 The State of Western Australia (Aug-2012)
