IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Communications Remarks<br />

____________________________________________________________________ .........................................<br />

S 6.19 Data backup on PCs<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: <strong>IT</strong>-users<br />

<strong>The</strong> requirements of S 6.32 Regular data backup should generally be<br />

observed. <strong>The</strong> following example demonstrates effective data backup on a PC.<br />

Under the three-generations principle (three different data backups are made<br />

before the first is overwritten), all application data and the configuration data<br />

of the used software is saved at weekly intervals on externally storable or<br />

externally held data media (floppy disks, removable hard disks, streamer<br />

tapes, server). If the data stock to be saved is too voluminous, data backup can<br />

be confined to files whose content has changed since the last data backup<br />

(incremental backup). However, it is still necessary to back up the entire data<br />

stock (full backup) every third data backup.<br />

Data backup must be documented; as a minimum, the designation of the data<br />

medium and the date of the backup should be recorded. the name of the data<br />

medium and the date of the backup is to be recorded, for instance:<br />

"BP940518" = backup of 18.05.94. In addition, the parameters selected for<br />

data backup must be documented (for documentation, cf. S 2.24 Introduction<br />

of a PC Checklist Booklet).<br />

Data backup must comply with any established data backup policy (cf. S 6.13<br />

Development of a data backup policy).<br />

If no products are available for easy data backup, system applications such as<br />

the DOS command BACKUP can be used. If the program used allows the data<br />

backup to be password-protected, use should be made of this option. In this<br />

case, the password must then be deposited safely (cf. S 2.22 Depositing of<br />

passwords).<br />

Additional controls:<br />

- Is all computer data backed up?<br />

- Are completed data backups documented?<br />

- Does the data backup procedure comply with existing data backup policy?<br />

Note: this safeguard is no longer used by any of the components covered in<br />

the <strong>IT</strong> <strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>. <strong>The</strong> contents of this safeguard have<br />

already been added to the text for S 6.32 Regular data backups.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!