3.4 Data Backup Policy


As a result of technical failure, inadvertent deletion or manipulation, data can be rendered useless or lost. The creation of back-ups thus ensures that any redundant data of the IT operation can be restored quickly in the event that parts of the operative data are lost.

Due to the complexities involved, however, such a back-up must be conceived systematically. This chapter describes how to prepare a data backup policy for an IT system.

Threat Scenario

The following typical threat is assumed for a data backup policy as part of IT baseline protection:

Technical Failure:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.
The safeguard group "Data Backup" is presented in the following. These safeguards are particularly useful for large IT systems and those handling large volumes of data. The safeguards should be treated in the order stated so as to ensure that the data backup policy is compiled systematically.

Contingency Planning:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000