Re: Which regulation governs data backup retention ?

From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 01/27/05 

Date: Wed, 26 Jan 2005 22:07:06 -0700

I do not think SOX dictates backup procedures and policies,
although it does have implications for the securing of these
when they hold covered private data.

Check your state laws however. Here (at one of the 10 largest
North American Us) the state laws once implied that due to the
public records and sunshine laws, backups of things like email
had to be retained (retained. period. as in forever).

Onsite and offsite, each have their uses and advantages. Both
may fail to protect against some data losses if the retention policy
and the backup frequency are not coordinated (and that assumes
the backups are all usable when needed).

If you are speaking of an AD environment, monthly full is by no
means anywhere close to adequate. In the off-the-shelf settings
a backup cannot be older than 60 days if it is to be of use for AD
authoritative restore. 

-- 
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCDBA,  MCSE W2k3+W2k+Nt4
"Marlon Brown" <marlon_brown@hotmail.com> wrote in message 
news:OzgUh3$AFHA.2792@TK2MSFTNGP15.phx.gbl...
>I work for a 5,000 public institution and I would like to confirm whether
> there are regulations that dictates data backup should be performed on 
> tapes
> and stored off-site ? How often back-up should be performed ?
> The discussion here is that a co-worker would like to adopt disk-to-disk
> backups in the data center (what I agree) and perform only backups on 
> remote
> locations connected via fiber for DR purposes.
>
> My point is that backing up to remote locations don't cover threats 
> against
> cyberattack or virus outbreaks. I mean, in my view in addition to a data
> backup in disk, there are still reasons to perform a data backup in a
> portable medium such as tape to assure that such data is clean and out of
> range of virus or cyber-attack events.
>
> In addition, if it is determined that a data backup to tape is necessary,
> such co-worker would like to perform a tape backup only once a month.
>
> Does Sarb-Oxley handles such data backup requirementss ? Please advise.
> Let me know what you think.
>
>

Relevant Pages

  • Re: VTL vs. Backup to Disk
    ... Disk is designated as DASD. ... emulated to provide a complete tape emulation solution. ... The question boils down to backup application support. ... so a good VTL may provide for a better solutions and better ...
    (comp.arch.storage)
  • RE: backup not starting
    ... "The requested media failed to mount" error message when you try to perform ... Backups on Windows Small Business Server 2003 may use more backup media ... If the issue persists, please manually clean the tape driver, and then ... by specifying the same media label name. ...
    (microsoft.public.windows.server.sbs)
  • RE: Backup failed event:
    ... 1.There is actually no tape in the tape device and it is not correctly ... Please checked the HCL list for DLT backup device from our HCL ... your backup media. ... This operation writes a "free media" label on each tape. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Standard Restore from tape
    ... I use the SBS Backup Utility from the Server management console no 3rd party backup software. ... I use the tape driver that comes with SBS 2003 with a seagate dat4 tape drive. ... When i try to do a catalog on these tapes i get the error message "The library is unable to load the media at this time because the drive is in use." ...
    (microsoft.public.windows.server.sbs)
  • Re: [SLE] Backups -- near-line disc and off-line tape
    ... daily tars copied to a 4th server with a tape ... That's actually a good strategy -- you buffer to disc, ... such real-time tape backup is why most people hate tape. ... new $500-600 backup server, or just use an existing server (that doesn't ...
    (SuSE)
Loading