Security and Backup Policies

Chapter 53 Review

Security and Backup Policies

There are two main ways to ensure that ICT systems, once up and running, are protected from disaster, misuse or abuse. These are

• Security measures
• A personnel policy which covers data security and employee codes of conduct.

Under UK Law the responsibility for security (including hardware, networks, software and databases) lies with the company directors (not the ICT department or security officer). They are personally responsible for the security of these assets.

Backup Strategies

Some key questions need to be addressed when planning a backup strategy:

• How often should backups be done
• What should be backed up
• Where should the backups be stored
• What Method is used to conduct the backup.

In devising a backup plan, several factors need to be taken into account such as:

• The value of the data
• The amount of data stored on the computer
• The frequency with which the data changes
• The type of backup equipment.

Proper backup procedures are the first line of defence against disaster.

Both software and data need to be backed up and stored safely, off-site or in a fireproof safe. In some circumstances data may need to be backed up daily and taken off site (or even backed up to a remote site automatically). Software only needs to be backed up when a change is made or a new version is installed.

A comprehensive backup strategy is required by companies who are dependant on data (such as databases) which are being continually being updated. Hospitals, banks and government departments are typical examples, which require comprehensive back up strategies .

Full Backup

A full backup is a copy of all files on a disk. This is a very safe strategy because it ensures that you have a copy of every program and every data file on the disk, and it is easy to restore if it ever becomes necessary. However a full backup takes a long amount of time to complete and often makes the machine unusable whilst it is in progress. For an example of a full back up see the example in Heathcote, A Level ICT pages 292 /3

Incremental Backup

With this type of backup, a full backup of the entire hard disk is made say once a week on Monday. On Tuesday, only those files which have been created on or changed during the day are backed up. This backup tape or disk is labelled Tuesday. This process continues from Wednesday to Friday where only changed or newly created files are backed up. The cycle is then repeated next week.

This backup strategy is less time-consuming but more complex to restore, as all the backups have to be restored in the correct sequence.

Backup Hardware

• For small quantities of data, removable disks are the simplest. Iomega ZIP drive sells for under £100 and takes 100MB disks. They look similar to floppy disks and cost around £10 each. A full 100MB backup of data takes about 5 minutes.

• For larger backups, tape is the preferred medium. A DAT tape drive with a capacity ranging from 2-24GB costs about £600 and tape cartridges cost from £5 - £50 depending on capacity.

• A CD-ROM (CDRW) drive using re-writeable optical disks costs about £100. The 650MB disks cost about £1.

• On-line Backup (RAID – Redundant Array of Inexpensive Disks).

• Thousands of organisations can’t afford to lose data (such as hospitals, banks, airlines etc). RAID is a complex process with many different ways of setting it up. The main process means that data is replicated over two or more disks. This is called mirroring. For example if data is stored on the C drive, it is replicated on the D drive. If one disk fails, RAID can switch to the other automatically with identical data being stored.
• An online backup is similar to this, however it backs up to a remote location using a similar method as above.

Grandfather-Father-Son backups(GFS)

This is method is documented with the notes taken in class.

In batch processing, transactions are typically processed once a day.

When this method of processing is used it is common to keep at least four generations of the master file, along with the transactions that were used to update each generation.

On the fifth day, the oldest generation of the master file (the grandfather) can be overwritten. Thus there is always at least one generation of the master file, and the corresponding transactions stored off-line in a secure fire-proof safe.