Magazine

Data backup IT baseline protection: how to do it right.

Data protection is an integral part of the IT-Grundschutz catalogs. What key questions should every company ask itself regarding data backup in order to make it BSI-compliant?Data backup is an important component of IT-Grundschutz.

The German Federal Office for Information Security (BSI) has developed general guidelines in its IT baseline protection catalogs to help companies build a secure IT environment. The focus here is on generalized dangers that can be identified by laypersons on the basis of the guidelines and, if necessary, remedied with the help of experts. This is intended to make it possible for companies that are not experts in the field to develop adequate basic IT protection with comparatively little effort. Naturally, this basic protection does not cover all eventualities and is not sufficient for companies with extremely high security requirements alone.


Data protection is vital for companies

Often, those responsible in companies are not at all aware of the security requirements. Among other areas, this mainly concerns the topic of data backup, which is mandatory for commercial IT systems (also for fiscal reasons). In order to be able to better assess the dangers of a possible data loss, the BSI recommends that all businesses clarify some fundamental questions.


Is there a backup strategy?

With the complexity of today's IT systems, it is no longer sufficient to just back up certain data to some data carriers. Rather, it must be ensured that a regular and, above all, comprehensive data backup is carried out to ensure that all important components can be restored in an emergency. For this purpose, it is advisable to develop a backup strategy that should specify which data is to be backed up and at what intervals. The storage location also plays a role here; for example, physical backup can also be outsourced to appropriately certified cloud systems.

Is it specified which data is backed up and for how long?

Not all data is equally important. Just as in a normal paper office, some data can be disposed of after a certain period of time, while other data must or should be kept as a record for a longer period of time. As this can lead to extremely large data collections in some companies, it should be defined when data can be deleted again (if at all). Special attention should also be paid to personal customer data, the deletion of which may be subject to data protection regulations

Does backup include portable computers and non-networked systems?

Few businesses today are purely desktop-based. Employees in the field or in certain areas of the business (e.g., warehouse) often access mobile devices and portable computers that don't always need to be up-to-date networked systems. These devices must not be forgotten when backing up data. Regular synchronization is highly recommended to avoid losing important processes.

Are the backup tapes checked regularly?

In many companies, backup is still done on backup tapes. Regardless of the storage medium (tapes, hard drives, optical media, etc.), regular checks should be made to ensure that the media are still functioning properly. Even the best backup is of no use if the media can no longer be read. A redundant design can also be helpful, i.e. making additional copies on other media or suitable cloud storage.

Are the backup and restore procedures documented?

To ensure that backups can be traced at any time later, all backup and restore procedures should be adequately documented. This not only serves to improve the organizational structure of the backup strategy, but also to provide evidence of the coherent implementation of data backup measures. This can be an advantage in the event of insurance claims or even if questions from financial and other regulatory authorities are unclear. Last but not least, good documentation also facilitates the resolution of any technical issues.

New Version 12

Protect all your files.

Secure 30% discount now!   Buy Now   Try it for free
4
days
9
hours
0
minutes
52
seconds

Langmeier Backup for Windows

About the Author Sebastian Müller
partner support


Sebastian Müller is partner and top customer support at Langmeier Software, making him the best person to talk to about Langmeier backup backup solutions.

Phone: +41 44 861 15 70
Email: sebastian@langmeier-software.com
 

Further lookup: Backup, Data backup, Data Security, Langmeier Backup, Backup data, Cloud Backup

Articles relevant to the topic
Which backup type is the best choice for my data?
The most frequently asked questions when choosing a backup solution
Difference between file backup and image backup?


Post a comment here...

This article covers:
Data backup in IT-Grundschutz
Cloud Backup ISO/IEC 27001 BSI
BSI Basic Protection Backup
BSI Basic Protection "Backup & Data Protection"