Recovering data - e-Strategy Guide

Quick Links

Australian Government Logo - Department of Broadband, Communications and the Digital Economy
Skip to content
Home More from the net Get connected Make email work Creative web use Online security
IT risk Securing a PC Virus protection Firewalls Recovering data Spam Secure email Authentication Spyware Online scams Filters Confidentiality Secure networks
Phone on the web Why a website? Build a website Website functions Promotion Training Resources Templates Case studies Feedback

Backing up and recovering data

In case of some natural disaster, virus infection, hardware failure or theft, or an attack on your website, make sure you have a good backup and recovery plan.

This could include a plan to take manual renewals or orders over the phone if access to your website has been denied to users for any reason.

An effective plan should cover where you can go to set up an office that has telephones and internet access, what processes need to be restarted, the number of computers, servers and other hardware devices such as printers and modems you need to function, and most important, where backup copies and software copies can be located to load onto the temporary systems.

Laptop computers are particularly vulnerable to theft, so pay particular attention to their backup procedures.

True story

Make sure your backups work!

In our Port Pirie office we recently lost all our database. We had a system of backups – but the team was making a mistake. Our database was on one drive while all our office files were on the other. They were regularly backing up the office drive but missed the drive the database was on. The server crashed and we lost everything in the database. Four months later we still haven’t been able to recover it. The lesson: regularly test your backups.

David Bulloch, WestSide Community Lawyers, South Australia

What you should do

To protect your information and systems from these sorts of disasters:

  • ensure backup procedures are in place and tested and remember to test the actual data and restoration process
  • ensure email is stored on network drives that are backed up and that procedures are in place to store email correspondence for the periods covered by law which is usually a minimum of seven years
  • make sure that PCs are set up to save files by default to network drives that are backed up regularly and that staff and volunteers are trained to save files to these network drives
  • ensure backup procedures include all back office systems such as finance, payroll and member and supporter databases
  • ensure your ISP or website host has a properly managed backup procedure. If backups are destroyed so is your website. Always keep a copy of your current site on another server that is regularly backed-up as part of your internal processes
  • all third party software should be copied prior to its initial use (software licensing allows for the making of copies for legitimate backup purposes). These master copies should not be used for ordinary business activities but should be reserved for recovery purposes.
  • a copy of all backups should be stored in a secure off-site location.
  • Structure the backup procedure to ensure regularity and integrity. A typical backup regime would be Monday to Thursday daily, Friday weekly, first Friday of the month monthly. This limits the cost and number of tapes/devices/storage capacity you need to purchase and ensures that more recent material is never more than a day without backup while older material will still be possibly available on backup.

Tip

Low cost backup

If you are a small organisation, it is relatively painless to keep a backup of all your data on a USB memory or data stick at home, or even your iPod. Update your backup say every Friday. That way if the office burns down you will still have the data.

Incident response

Incident response is the process you go through when:

  • your website is hacked into and unauthorised data changes made
  • employee data falls into the wrong hands
  • a virus spreads through your computer system.

Develop a plan with your website host or internet service provider (or application service provider) with response procedures written down and explained to staff. They should include clear roles and responsibilities. Develop a response based on the risk of the incident and the responses required – both automated and manual.

What to do when it happens

Recommendations from System Administrator Network Security (SANS)You are now leaving the e-Strategy website include:

  • Don't panic – document what happened: who, what, when, where and how
  • Notify the right people within the organisation and get help
  • Contain the problem; keep it from getting worse
  • Assess what damage has been done
  • Make a backup of the affected system as soon as practical (use new disks and not recycled disks as experts will be able to re-create your computer system from these backups)
  • Get back to work after checking your backups to ensure they are not compromised, restore your system from the backups and monitor the system closely to determine whether to reinstate it

Deal with the cause and learn from the incident.

If you suspect there has been criminal activity regarding your information systems you should inform the police.

In this case it is important that the incident has been recorded and that all evidence, including reports and logs, be preserved.

Copyright | Privacy | Disclaimer | Contact Us | Site Map | Back to top
Document ID: 1516, Last Updated: 23 January 2008 9:11am