Each backup that takes place has a built-in expiry date. Beyond this expiry date the details of the backup will be forgotten, and the data itself will often become unavailable. With the advent of legislation that requires data to be available for significant periods of time, commonly up to 10 years, expiry periods for data need to be set to retain the backed up data for the appropriate length of time. Equally important, when the expiry time for the backup has been reached the tape on which the backup resides should either be destroyed or recycled.
Businesses need to have a clear data expiration policy, based on both internal and external requirements and defined separately for different categories and types of data as required. Backups need to be classified against these categories and types, and checks must be made at the point of backup to ensure that expiry dates are set correctly. Checks also need to be made to ensure that any tapes containing expired backups are either destroyed or recycled.
A backup that is considered successful by the backup application can no longer be said to be truly successful unless a number of extra criteria are met. The question of “Is my business protected?” cannot be answered by backup applications alone. Advanced Data Protection Management software is required to bridge the gap between the technical and business definitions of success. Each business, and often each department within the business, may have different success criteria depending on the internal and external regulations to which they are party, and reporting needs to be flexible enough to allow for this. Finally, backup reporting needs to be provided in a way to which the business can relate; reporting on applications and business units rather than servers, databases and filesystems.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.