Information Technology Reference
In-Depth Information
High
Low
Budget
Low
Risk Tolerance
High
Business
Drivers
Local backups; file copy to ..\backup directory
Local backups; e.g. overnight [tape|CD] backup
Local backup; disk mirror, RAID
Remote; database replication, SAN
Non-
Real-Time
Real-Time
Figure 8.16
Backup strategic decision tool.
8.16.4.2
Tactics
Figure 8.17 is a tactical complement to Figure 8.16. Backup tactics include media
selection, on-site backup, off-site backup, backup to hot swap media, fast recovery
media, media transport, storage, and access for restoration.
8.16.5
Best Practices
Best practices for backup and recovery include ISO 27002:
Information Technol-
ogy—Code of Practice for Information Security Management
, COBIT
Control
Objec-
tives
, DISA
Field Security Operations
, and NIST SP 800-34:
Contingency Planning
Guide
. Best practices for backup and recovery include:
n
−
Stagger full backups throughout the week.
Schedule a percentage of full backups every night to maximize resource
utilization.
For example, X
M
full backups and YT
M
incremental backups on Mon-
day, X
T
full backups and YT
T
incremental backups on Tuesday, etc.
n
Defense Information System Agency.