Backup Guidelines for Institute-Owned Assets and Data

Regular backups are critical for recovering and restoring data that has been lost or stolen. It is important to protect the Institute’s data by backing up your data regularly and appropriately. The CIS (Center for Internet Security) provides some very helpful information on the Data Recovery Capabilities control, which is a good basis for the Institute’s Backup Guidelines below.

  1. Be sure that all data is backed up on a regular basis.
    • Confidentiality, Integrity, and Availability are the keys to any successful IT security program.
    • Availability means that authorized users have access to the system and its data when needed.
    • Backups ensure that the data is available even in the event of a ransomware attack.
  2. Perform complete backups on systems.
    • You should do full backups on a weekly basis.
    • It would also be helpful to do daily incremental backups.
    • Full backups take longer to create, but are faster to restore.
  3. Test data on backup media regularly.
    • Your backups are no good if you cannot restore them.
    • Test the data restoration process to see that the backup is working properly.
    • You need to know that you can restore encrypted files.
    • Make sure the backup works *before* you need it.
  4. Protect your backups.
    • You need to use physical security or encryption to protect backups when they are moved across the network (in transit), as well as when they are stored (at rest).
    • Use only UT’s OneDrive for Business or UT’s Google Drive for storing data in the cloud. They are both certified for protecting the types of data the Institute uses, including data protected under HIPAA.
  5. Store your backups in a secure location.
    • Do not store backups on the hard drive of the same computer that you backed up.
    • There should always be at least one copy of the backup that is stored offline and in a different location.
    • You may use an external hard drive or a flash drive, but always encrypt the drive to protect the contents.
    • Don’t forget the password for the encrypted drive, as this password cannot be recovered.
    • Choose an offsite location, such as another office or home, to store the backup.
    • Never, ever leave the external drive holding a backup attached to the computer when it is not being used, as that defeats the purpose of having a backup.

Please remember that backups are the best way to prevent loss of data in these situations and more:

  1. If hit by ransomware, you won’t have to pay the ransom if you can restore your data from a backup.
  2. If your computer has a virus or malware, the hard drive can be completely wiped and the data can be restored from the backup.
  3. If your hard drive dies and cannot be recovered, you can use the backup to restore the data.