Resilient backups strategy

Purpose

Data can be lost through simple error, a system failure, or a malicious interference or attack. A good backup strategy will minimize such loss and allow you to recover faster to carry on your research. 


Audience

faculty researchers Admin staff IT staff students


On this page


What can I do?

Determine what data to backup according to whether the data are volatile or disposable. 

  • Some data does not need to be backed up because they are temporary in nature 

  • Decide how often to take a backup based on how much data you are willing to lose.

  • Establish a schedule and workflow for major backups (after major edits or alterations).

Keep several points in time or versions of your backups, known as the 3-2-1 strategy.

3 copies

  • You should have at least 3 copies of your data.

2 storage mediums

  • You should have backups stored on at least 2 different storage mediums (e.g., 1 in the cloud and 1 stored locally).

    • 1 of these backups should be unalterable from the Internet; either on an external drive disconnected from your system or via a backup solution that does not allow rewrites.

1 off-site

  • You have one 1 backup that is off-site, meaning not in close proximity to your primary backup (either virtual or physical).

Protect your backups from unauthorized access by others.

Create and maintain an inventory of your backups.

Securely destroy old copies of backups.

  • When a backup copy is deprecated and no longer needed, be sure to securely delete the data to reduce the risk of a data breach.

  • Ensure you are retaining backup copies long enough to allow for rollbacks to last clean version of data (in case of delayed ransomware). 


Search

How do I...


Additional help

General

https://handbook.security.utoronto.ca/wiki/spaces/ISH/pages/4948958/Contact+us#Information-Security-(IS)

Researchers

https://security.utoronto.ca/services/research-information-security-program/


Related articles

Â