Resilient backups strategy
Purpose
Data can be lost through simple error, a system failure, or a malicious interference or attack. A good backup strategy will minimize such loss and allow you to recover faster to carry on your research.
Audience
faculty researchers Admin staff IT staff students
On this page
What can I do?
Determine what data to backup according to whether the data are volatile or disposable.
Some data does not need to be backed up because they are temporary in nature
Decide how often to take a backup based on how much data you are willing to lose.
Establish a schedule and workflow for major backups (after major edits or alterations).
Keep several points in time or versions of your backups, known as the 3-2-1 strategy.
3 copies
You should have at least 3 copies of your data.
2 storage mediums
You should have backups stored on at least 2 different storage mediums (e.g., 1 in the cloud and 1 stored locally).
1 of these backups should be unalterable from the Internet; either on an external drive disconnected from your system or via a backup solution that does not allow rewrites.
1 off-site
You have one 1 backup that is off-site, meaning not in close proximity to your primary backup (either virtual or physical).
Protect your backups from unauthorized access by others.
Encrypt your backups, otherwise a download will provide all of your data and/or intellectual property.
Limit physical and electronic access to your backups to prevent unauthorized people from viewing, altering, deleting your backups.
Create and maintain an inventory of your backups.
As you should have multiple backups, it is important to maintain an inventory of where your data is stored and what version of your data is stored there.
Securely destroy old copies of backups.
When a backup copy is deprecated and no longer needed, be sure to securely delete the data to reduce the risk of a data breach.
Ensure you are retaining backup copies long enough to allow for rollbacks to last clean version of data (in case of delayed ransomware).