Home > Resources and Services > SIPA Computing > FAQ
SIPAIT Server Backup Policy
The goals of the backup policy are:
- to safeguard the information assets of the SIPA computing community
- to prevent the loss of data in the case of accidental deletion or corruption of data, system failure, or disaster
- to permit timely restoration of information and business processes should such events occur
- to manage and secure backup & restoration processes and the media employed within these processes
Backup Policies
SIPAIT will provide policy-based, system level, network-based backups of server systems under its stewardship. Full backups will back up all files specified within a system’s backup policy, regardless of when they were last modified or backed up. Differential-incremental backups will back up all files that have changes since the last successful incremental or full-backup. Restores will require a longer period of time as the last full backup and all differential-incremental backups that have occurred since the last full backup are required. Backup logs are reviewed daily during the week to monitor backups and correct any errors. Backups are tested periodically to verify data integrity.
Systems Management
SIPAIT will ensure on an on-going basis that all elements of its backup system are maintained so as to ensure:
- the integrity and confidentiality of data copied during backup and restore operations
- appropriate access to data maintained within the backup system—recoverability in the face of system failure, or disaster
- stability
Media Management
SIPAIT will maintain disk-based backup. Any backup on media will be clearly labeled and logs will be maintained identifying the location and content of backup media.
Backup images on assigned media will be tracked throughout the retention period defined for each image. When all images on the backup media have expired, the media will be re-incorporated amongst unassigned (available) media until reused. Periodically and according to the recommended lifetime defined for the backup media utilized, SIPAIT will retire & dispose of media so as to avoid media failures.
Storage, Access, and Security
All backup media must be stored in a secure area that is accessible only to designated SIPAIT staff or (in future) employees of the contracted secure off-site media vaulting vendor used by SIPAIT.
Retirement and Disposal of Media
Prior to retirement and disposal, SIPAIT will ensure the following:
- the media no longer contains active backup images or that any active backup images have been copied to other media
- the media’s current or former contents cannot be read or recovered by an unauthorized party
Restoration Requests
In the event of accidental deletion or corruption of information, requests for restoration of information will be made through processes defined within SIPAIT’s Technical Support Policy.
As the restoration of information has security consequences including:
- possible escalation of privileges by parties authorized to access information
- access by non-authorized parties
SIPAIT will carefully verify that the request for restoration of information is authorized by the owners of the information prior to performing the restoration. SIPAIT will additionally ensure that the information restored is restored to a file system location with access controls appropriate to the information being restored.
Degradation of Service
Should a failure or defect of the backup system threaten the recoverability of a computing system or its information, SIPAIT will take immediate actions to correct the situation. Additionally, SIPAIT will attempt to warn all users and owners of applications and information of the failure or defect and the potential scope of information loss. SIPAIT will work with those warned to mitigate potential or actual risks until such time as full-service can be restored.