Signature Assignment: Backup Policies

Mark Roebuck

05/31/2021

CYB/110

Mark Stweart
 Backup Policies

Organizations usually backup systems, data, security parameters, and other information resources. Even
with this, the company should have a data backup policy. The policy should start with a backup
schedule. The backup policy should make sure to define what exactly should be backed up, the timing of
which the backup process should be carried out and how often. There also needs to be a time frame on
the duration for which backed up data should be stored, the process that should be followed when
recovering backed up data, and how that should be used for confirming whether backups have been
done successfully.

There are various tools that are for data backup purposes. For instance, a backup PC is necessary for
archiving many files to networked or local disk storage. This tool used compression and pooling to make
the backed-up files as small as possible so as to reduce storage costs and reduce disk storage capacity
requirements. The second tool for data backup is AMANDA. This is an abbreviation for Advanced
Maryland Automatic Network Archiver. AMANDA supports tape, disk, and optical media backups. The
third tool is Bacula which is one of the most popular programs for backing up programs (Mohanta &
Nadagouda, 2015). The tool has features for backup of data, recovery, and verification of data. Other
tools that may be used for purposes of data backup include Bareos, Box Backup, BURP, Clonezilla, FOG,
among others.

Employees can still access backedup data beginning from the day it has been backed up. If the data has
been backed up using open-premises backup, the data is within the reach of the employee. However,
the risk is that the data is vulnerable to loss or theft by people who may have ill intents or even prone to
damage. If the data has been remotely backedup, employees can also access it since the computer
automatically sends the data to the remote centers ate intervals that have been preset or specified. To
access data that has been backed up, employees should create a disk image of the core software of the
computers (Chakraborty, Dethe & Mallik, 2019). This is a copy of the way the files of the computer have
been set up. The disk image is accessed by pressing a combination of keys while the computer is
starting. When updating backed up data, the user may be informed through a popup window on the
screen of the computer that informs him or her that the backed-up files are being updated. Further, if
the tool used for backing up the data had a feature for adding an email address, the user may be
informed through an email notification.

The following are the steps that should be followed when recovering databases and
telecommunications:

• Get the most current log dump of all the databases stored on the device

• Examine every database on the device

• Check the amount of space that has occupied by each data base

• Drop each of the database

• Any failed devices should be dropped using sp_dropdevice

• Recreate all the databases, each at a time

• The most recent database dump is then dropped into each database

• Lastly, every transaction log dump is applied in the order in which it was created

Additional company assets may be recovered using the steps outlined below.

• Go to Site Tools then click on Security

• Click on Backups then proceed to click on Manage Backups

• Choose the preferred backup data

• Click Restore databases

• Selected the preferred company asset then click Confirm

The best policies for backup media storage are those that ensure that backed up data is never lost.
Companies should follow the 3-2-1 approach for backup media storage. This approach states that the
company should have three copies of the data to be backed up. This means that apart from the original
file to be backed up, the company should have two more identical copies (Chakraborty, Dethe & Mallik,
2019). Further, the original file and one copy should be stored in different media, though they may be in
the same location. Finally, the company should have offset set of the data that has been backed up. This
is necessary for ensuring that even if malware, theft, or fire destroy the files that have been stored
onsite, there would still be another copy that is stored offsite.

One of the policies that can be used for encryption of backed up data is ensuring that for companies that
cannot afford to pay for host processing, they use backup servers to encrypt data. Secondly, the
passcodes used for data protection should be strong enough. Thirdly, any classified data should be
labelled as “Confidential”. The fourth strategy that should be applied when encrypting backed up data is
using digital signatures to ensure that entities or users have been associated with their respective public
keys. Finally, the encryption keys that are used for protecting confidential data should also be
considered confidential data.
References

Chakraborty, A., Dethe, T., & Mallik, S. (2019). U.S. Patent No. 10,200,470. Washington, DC:

U.S. Patent and Trademark Office.

Mohanta, T., & Nadagouda, S. M. (2015). U.S. Patent No. 9,015,527. Washington, DC: U.S.

Patent and Trademark Office.