Backup Verification Data
Organizations deal with huge amounts of data which needs protection for a variety of reasons such as Disaster Recovery (DR).If a disaster strikes, the organization will reach a point where it will need to recover existing backups prepared before the disaster. Now, if the backup itself – for whatever reason – cannot be used, the organization will face a new and bigger catastrophe. So, Organizations should periodically inspect the results of backups to verify that the processed functions effectively meet the organization’s data protection needs. This may involve reviewing logs, inspecting hash values, or requesting an actual restore of a system or file.
Organizations need to regularly test the ability to actually recover data from backup media, to ensure that they can do so in the event of a hardware malfunction or disaster.
There are several considerations including the following:
1- Data recovery versus disaster recovery: There are two main reasons for backing up data:
- Data recovery: When data storage location (such as Hard disk or SAN) has a major problem, or when data has been intentionally or unintentionally deleted (human error), and so on. In this case, should backup media is near production systems, in such a way that data recovery is simple.
- Disaster recovery: When an event has resulted in damage to primary Processing systems, so necessitating recovery of data onto alternate Processing systems, and this must be done until the problem of the primary processing systems is finally resolved and normal conditions are established. Quite the opposite of the previous case, this type recovery requires backup media to be far away from the primary processing site so that it is not involved in the same natural disaster. Some organizations have developed a very good strategy. They use two backup media. One is kept close to production / administration systems and the other is stored in a very far geographical location (for example, outside the city, state, or even country). It is very important that the backup media stored in the far area should not have a very old backup and should be systematically and plannedly updated in terms of content.
2- Data integrity: there is a rule known as referential data integrity. This rule means that a database should not be recoverable to a state where relationships between indexes, tables, and foreign keys would be broken.
3- Version control: For requests to recover data to an earlier state, must many components so roll-back to same state. These components include computer programs, any changes in the applications, operating system versions and patches, and etc.
4- Staging environments: Depending upon the reason for recovering data, it may be appropriate to recover data onto a separate environment. For instance, if certain transactions in an e-commerce environment were lost, it may make sense to recover data including the lost transactions onto a test server, so that those transactions can be found.
If older data was recovered onto the primary production environment, this would effectively wipe out transactions from that point in time up to the present.
Training and Awareness
Organizations need to have training programs for their staff to increase their awareness. If this item properly do, then personnel at all levels of the organization can understand how to respond to new threats and vulnerabilities.
Security awareness training is discussed in security and risk management domain, earlier.
Disaster Recovery (DR) and Business Continuity (BC)
Most organizations after a disaster, cannot afford to be unable to perform their business processes for the very long period. This means that disaster recovery operations in these organizations are slow or that the above organizations do not have the ability to recover disasters at all.
The organization needs a plan that process disaster recovery regardless of what happens around.
This is same the business continuity that we discussed about it in the previous sections of this course.