Perhaps the most important objective for a data backup system is to ensure that backed-up data remains exactly the same as the original and hasn't been compromised.
By definition, backup is the process by which you safely and securely replicate your data in its original form to another storage medium where authorized administrators can retrieve it.
You must ensure protection of your data backup system to keep data safe from anything that might corrupt its integrity, formatting and accessibility. This protection is necessary for data both while in transit and at rest.
You should consider protection for both personal data as well as highly confidential and secure data, such as government workloads with high security clearances. Data privacy is a requirement in a growing number of standards and regulations. For example, the National Institute of Standards and Technology's SP 800-53 standard addresses security and privacy of data in the government sector. The Security and Privacy Rules in HIPAA specify requirements for the protection of health information.
This article is part of
Ways to protect your data during the backup process
Ensure that your data backup system protects data access, integrity and security.
You can achieve data security during the backup process by using encryption in transit from the main location to the backup site. You can also potentially scan data while at rest, looking for anomalies and possible data leakage.
Be sure to examine network connections for backups periodically to ensure no transmission anomalies could damage data in transit. Network synchronization is easily overlooked, so validate it whenever you test network performance.
In today's data-intensive environment, backups to more than one repository are often the norm. You might use a cloud-based data backup system to provide multiple locations for storage repositories. However, regardless of the number of storage sites, you should implement strong protective measures on backed-up data both in transit and at rest.
A data protection policy -- in addition to a data backup policy -- is important. It should specify the requirements for protecting data integrity and data privacy, and protection from breaches and corruption. It can also detail requirements for data encryption, access and scanning that you might not cover in other policies.
Dig Deeper on Data backup security
Related Q&A from Paul Kirvan
A strong data protection strategy must follow applicable standards and regulations to protect data and comply with privacy laws. What are some key ... Continue Reading
A major element in maintaining business continuity during a pandemic is taking care of employee health. Pandemic-specific planning must be a part of ... Continue Reading
This backup and recovery audit checklist offers a comprehensive group of controls and evidence examples to get you ready for the important process of... Continue Reading