|
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Administrators
High standards must be set as regards the availability of the data stored on the hard disk of the server since, as a rule, these data are accessed by many users. Regular data backups must provide for reconstruction of all data on the server hard disk which, for instance, are not older than one day (cf. also S 6.32 Regular data backup).
A possible data backup policy is to backup data daily on an incremental basis (i.e. all modified data) and to make a complete backup once a week or once a month. As a minimum, the three-generations principle should be applied (three subsequent data backups are made before overwriting the first).
Documentation must be provided on all backups. As a minimum, the designation (as telling as possible) of the storage medium, the date and the type of data backup (incremental, complete) must be recorded.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |