IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Communications Remarks
____________________________________________________________________ .........................................
intervals (e.g. daily, weekly, monthly or annual bookkeeping statements),
only full backups are recommended for this purpose.
Knowledge of IT users:
Implementing data mirroring requires appropriate knowledge of the system
administrator but no previous knowledge of the IT user. A full data backup
can be carried out by an IT user with little system knowledge. Compared
with full data backup, incremental data backups require much greater
familiarity with the system being used.
Frequency and times of data backup
If data is lost (e.g. due to a head crash on the hard disk), all data changes since
the last backup must be restored. The shorter the backup intervals, the less the
restoration effort in general. At the same time, it must be noted that in addition
to regular data backup intervals (daily, weekly, every workday...), eventdependent
backup intervals (e.g. after certain transactions or following the
execution of certain programs after system modifications) might also be
required.
The following factors must be considered during the determination of the
frequency and times of data backup:
Availability requirements, reconstruction effort without data backup,
modification volumes:
The interval between data backups should be selected so that the
restoration time (the restoration time required for modified data which has
not been backed up) for the data changed within this period (modification
volume) is shorter than the maximum permissible downtime.
Data modification times:
If data are changed to a large extent (e.g. program sequence for salary
payments or different software version) or the entire database needs to be
made available at certain points in time, it is advisable to carry out a full
data backup immediately afterwards. Regular as well as event-dependent
intervals need to be stipulated here.
Number of generations
On the one hand, data backups are repeated in short intervals in order to have
up-to-date data available, on the other hand, the data backup must guarantee
that saved data are stored for as long as possible. If a full data backup is
considered as a generation, the number of generations should be determined,
as should the time intervals which must be observed between the generations.
These requirements are illustrated using the following examples:
- If a file is deleted intentionally or unintentionally, it will no longer be
available in later data backups. If it turns out that the deleted file is still
required, it can only be restored by using a backup version made before the
time of deletion. If such a generation no longer exists, the file must be
created again.
- A loss of integrity in a file (e.g. due to a technical failure, inadvertent
modification or computer virus) will probably be noticed at a later stage
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000