IT Baseline Protection Manual S 2.137 Procurement of a suitable data backup system
S 2.137 Procurement of a suitable data backup system
Initiation responsibility: Head of IT section
Implementation responsibility: Administrators
Many of the errors occurring during the creation or restoration of a data backups are attributable to incorrect handling. For this reason, a data backup system should be selected not only on the basis of the performance it offers, but also for its handling properties and, in particular, its tolerance to user errors.
The selected backup software must fulfil the following requirements:
The data backup software should be able to identify an incorrect medium and a damaged medium in the backup drive.
The backup software should be fully compatible with the existing hardware.
It should be possible to allow backup to be executed automatically at pre-determined times, i.e. at pre-set intervals, without the necessity of manual intervention (except possibly for the provision of backup data media).
It should be possible to inform one or several selected users, via E-Mail or a similar mechanism, of the result of the backup and of any faults. Data backup procedures, including the backup results and any error messages, must be recorded in a log file.
The backup software should support securing of the backup medium via a password or, better still, via encryption. Furthermore, it should be able to save the backed up data in compressed form.
By entering appropriate Include and Exclude lists when selecting files and directories, it should be possible to specify exactly which data ought (and ought not) to be backed up. It should be possible to create backup profiles where the lists can be summarised, saved and re-used for later backups.
It should be possible to select data to be backed up independent of the date it was created and the last modification.
The backup software should support the creation of logical and physical full copies as well as incremental copies (backup of changes).
It should also be possible to store data backups on hard disks and network drives.
The backup software should be able to carry out an automatic comparison after backup between the backed up data and the original. After restoring data, it should be able to carry out a respective comparison between the restored data and the content of the backup data medium.
When restoring files it should be possible to select whether the files are to be restored into their original location or onto another disk or directory. In the same way it should be possible to control how the software reacts if a file with the same name already exists at the target location. It should be possible to select whether the existing file is to be always, never or only overwritten if it is older than the restored file, or that in this situation an explicit request appears.
If, with the used program, the data backup can be protected by a password, use should be made of this option. In this case, the password will have to be deposited safely (cf. S 2.22 Depositing of passwords).
Most operating systems are delivered together with data backup programs. However, not all of them meet the demands placed on professional, easy-to-execute data backup products. If no such products are available though, then the system programs should be used.