Author Stuart Barker
Backup, backup and check up
Let’s face it things sometimes go wrong! It could be an all out ransomeware attack such as Wanna Decryptor. It can be as simple as you have deleted that wrong file that now you need back. We have all deleted a file we didn’t mean to.
It may well be that you all ready have back up in place. If you don’t – stop reading this and go set it up now. You don’t need a standard such as ISO 27001 to tell you you need to back up your data.
So you have a back up process and you have ensured there’s a back-up process in place and for the last X months/years. Your data has been backed up and stored securely in another location so all you need to do is restore it. But this is where it can all go wrong. Backup software and systems are just as prone to problems as any other. It’s vital that you back up your systems but it is equally important to test your back up. Don’t leave it to chance so follow a few simple tips and you’ll get your back up when you need it, not get your backup in frustration!
- First tip – please make sure you have a back up process in place
- Do not trust your backup is working as expected – you need to test it by restoring files on a frequent basis
- Make sure your backups are stored securely and encrypt them if possible
- Backup not just your data but the tools too (I’ve lost count how companies say “Our Customer data is backed up. But we don’t backup the customer database itself.”)
We know that contingency planning is important and the most basic step is to have a copy, a back up of the most important files that we need. Don’t leave it to chance. Don’t just have a back up but make sure you give it a check up.
Speak to a member of the team now on
03455 760 999
We would love to help you
What ISO 27001 has to say about backups
ISO 27001 back up
ISO 27001 is the international standard for information security. It is an information security management system and include guidance and best practice for back up. Consideration should be given to achieving ISO 27001 certification.
Sections 12.3.1 Information backup
ISO 27001 back up forms part of section 12.3.1.
The business takes copies of information, software and system images and then tests them in line with the back up policy.
The backup policy should define requirements of the business for retention and protection. You should provide adequate backup that ensures that all essential information and software can be recovered following a disaster or media failure. Or even a ransomeware attack.
You need a back up policy that defines your requirements for backup of information, software and systems.
Consider the following when designing the back up plan
- The business defines accurate and complete records of the backup copies and documented restoration procedures
- The business sets the frequency of your back up and the security of what you back up
- The back up system makes sure that back ups are stored at a remote location
- The business physically protects the back ups
- The business will test that the back up works
- The back up system will encrypt the back up