Keeping your systems and data secure
Data back-up and disaster recovery
The extensive use of computer systems makes business operations vulnerable to major problems, ranging from the accidental loss of data to deliberate sabotage. Storage systems, whether computer or paper-based, can be at risk of theft or physical damage through a fire or flood.
If computer systems are out of action due to any of these reasons, you may face problems in paying staff, complying with data protection law, taking customer orders, or having deliveries cancelled because you have not paid your suppliers.
Backups allow you to continue trading even if computer data has been lost. Backups consist of copies of data from your key systems. These copies are made to portable media like magnetic tapes or CD-ROMs. You should have a back-up routine (often done every day) as part of your IT security policy and you should check that this is being correctly carried out.
Best practice for backing-up data includes:
- giving one person the main responsibility for backing up, and designating a second to cover for absence
- using a different tape or disk to back up each day of the week and have a schedule for rotating them
- keeping backups secure - preferably off-site from the main business premises, eg in a bank box
Disaster recovery is intended to provide cover for really serious incidents such as fire or flood. It is good security practice to work out in advance how your business could survive and recover from such an incident, recording this in the form of a disaster recovery plan. Good data security and data backups are essential requirements for disaster recovery. See our guide on business continuity planning in IT.
You should train your staff in business continuity methods - safeguarding essential functions. You should also consider IT security - see the page in this guide on IT security policy.
Subjects covered in this guide