Data backup is the practice of copying data from a primary to a secondary location, to protect it in case of a disaster, accident, or malicious action. Data is the lifeblood of modern organizations and losing data can cause massive damage and disrupt business operations. This is why backing up your data is critical for all businesses, large and small.
As per NIST SP 800-53 r5 backup is a part of the contingency planning process of any and all organizations. A contingency plan is a plan devised for an outcome other than in the usual (expected) plan. It is often used for risk management for an exceptional risk that, though unlikely, would have catastrophic consequences. Contingency plans are often devised by businesses to make sure they are able to operate during an outcome that is not ideal for the organization, this could be a ransomware attack, a malware attack or could be a case where the device has been wiped clean and nothing is retrievable, another possible outcome could be a natural disaster that might have led to physical damage to the organization’s servers.
The Starting of the Backup is done by planning the backup, designing controls on how to operate this task and to move forward with reviewing and updating the current backup procedures.
The next step is to coordinate the plan with related Head of departments, and with the people carrying out the backup. In this step the capacity planning is also taken into account so as to see if it is possible to work normally during this time so as not to overload the server, we need to keep in mind to transfer the backup form processing site to an alternate site, this is done so that if there is any damage or attack to the organization than, the backup is at a safe location and can be used to get the organization back on track. We need to identify the critical servers and data that is essential for the running of the business.
Another step in this process is training of the employees to conduct the backup at given intervals so that they are ready to backup the system at a moment’s notice, and then test this theory by giving them a mock drill and to see the way team responds to the threat and to monitor the time taken, errors made and to finally see the level of preparedness for the organization.
The Backup should include system-level information which includes, system state information, operating system software, application software, and licenses. User-level information includes information other than system-level information. Mechanisms employed to protect the integrity of system backups include digital signatures and cryptographic hashes. System backups reflect the requirements in contingency plans as well as other organizational requirements for backing up information. Organizations may be subject to laws, executive orders, directives, regulations, or policies with requirements regarding specific categories of information.
Recovery is executing contingency plan activities to restore organizational mission and business functions. Reconstitution takes place following recovery and includes activities for returning systems to fully operational states. Recovery and reconstitution operations reflect mission and business priorities; recovery point, recovery time, and reconstitution objectives; and organizational metrics consistent with contingency plan requirements. Reconstitution includes the deactivation of interim system capabilities that may have been needed during recovery operations. Reconstitution also includes assessments of fully restored system capabilities, reestablishment of continuous monitoring activities, system reauthorization (if required), and activities to prepare the system and organization for future disruptions, breaches, compromises, or failures. Recovery and reconstitution capabilities can include automated mechanisms and manual procedures. Organizations establish recovery time and recovery point objectives as part of contingency planning.