If you’ve been reading our blog, you obviously know we are big fans of backing up critical data to the cloud. It is, after all, what we do. We try to give advice with some (hopefully) funny quips along the way. We’ve talked about why you need to be backing up your data, but we haven’t really talked about how to enforce backing up your data.
“And I understand the policy”
Ah, policies. How many times have you been handed a memo on a new policy? To tell youthe truth, I actually do not get those often, but every time I hear the word policy, I immediately think of Office Space:
“Yeah. I got the memo. And I understand the policy. And the problem is just that I forgot the one time. And I’ve already taken care of it so it’s not even really a problem anymore.”
Policies are written as a general guideline to help employees follow the pre-determined rules of the company. Many people think these are just a piece of paper, but that’s not true. Policies, especially data critical policies, are living, breathing documents that guide your staff.
Why you need a policy
Creating a backup policy is one of the more important things you can do for your data protection plan. First of all, it’s free and secondly, it’ll help you to define what you need to do and when you need to do it. It doesn’t matter if you are backing up online or with tape, a policy should be in place so you, your department, and your company know the procedures that need to happen and when.
Take Hurricane Sandy for example. The strength of the storm far surpassed what most in the north east expected, and battered New York City and the New Jersey shoreline. Companies were forced to close their buildings as it was unsafe for employees to make their way into the office. Many of the companies even went offline as power was lost and streets were flooded. These companies faced a grave aftermath as they couldn’t get to their buildings for days, and systems remained offline, data trapped in a location that the companies executives couldn’t get to.
These companies all faced a situation where a backup policy would help in determining what to do. The policy would have indicated when the last backups for each system were run, so when IT departments tried to recover the data, they would know what date to access and could advise on how old the data was. The policy would also tell anyone and everyone how to get the data restored, from who to call to what procedure to follow. A backup policy will guide the IT department through the steps they need to follow.
5 Things you need to know
Now that you know why you need a backup policy, you need to know what should be included in it.
1) The method of backup you are going to use. Before writing your policy, you need to decide if you are going to use physical, cloud, or both for backup. Keep in mind that some of your critical data may very well need to be backed up via multiple methods.
2) Types of data to be backed up. When getting ready to design your backup policy, you need to know what kinds of data you will be backing up. You’ll need to know if you are going to do a full image backup, full backup, or incremental backups as well as the different systems.
3) When data needs to be backed up. Each database or file type may need to be backed up at different time frames, such as daily, weekly, or monthly. Additionally, you’ll need to decide the time of day to back up. Typically, off business hours are suggested for backing up data.
4) Administrators. Before writing your policy, you should define who will have access to the backups. This person will be responsible for running the backups, monitoring the success or data stored, and be the contact for data recovery. You should limit the number of people with access to 2 to 5 people.
5) How to protect the backups. When choosing a backup method, be sure you know how the protection of that method works. You’ll need to know if the data will be encrypted or not, if logs are kept on data interaction, and how employees gain access to the information.
Getting to the Policy
Depending on the type of backups you choose, and the company you work with, you may be able to get a backup policy template to help you navigate this process. These templates are typically standardized with area’s for you to customize. Of course, if you are using a template, make sure you do your due diligence and check your industry’s regulatory board standard first.
We know writing a policy can be difficult. Click here to get a free copy of our Backup Policy Best Practices to learn more about why you need a policy and how to write one.
And who knows, maybe we will share our backup policy template with you!