Data security

This brief course overview discusses the basics of backing up data and includes an overview of methods, tape rotation, the grandfather-father-son practice and offsite copies.

Information held on the File Server can be defined in one of two categories:


  • Data files - these are typically spreadsheet, configuration files, word processing files and user specific files created by application software.
  • Application files - these are program files. Typically these files will have file extensions of EXE, OVR and DLL.

Responsibility for data security

It is critical that one member of staff holds overall responsibility for data security.

The archive bit

File Attributes Archive Bit Attrib
Every file created on the network is automatically assigned . These attributes give properties that are specific to a file. Typically, attributes govern whether a user can see the file, copy the file or rename the file. Fundamental to the process of file back up is the notion of the . This is an attribute of every file which defines whether a file has been backed up or not. A file's attributes may be viewed by the command in DOS or by using Microsoft's Explorer utility. Any file that is created or changed since it was last backed up should have the Archive bit set on. As a general rule, files that are copied to tape have their archive bits set to off. There are some exceptions to this rule.

Backup schedule

Typically, data files should be backed up on a daily basis. However application software files and other non-changing information may only need to be copied on a weekly or monthly basis.

Backup method

Full Backup Partial Backup
  • Incremental: Only files whose archive bit is set ON will be copied to tape. Once the files are copied, the archive bit is set to off.
  • Differential: Only files whose archive bit is set ON will be copied to tape. Once the files are copied, the archive bit is left unchanged.
  • Selected files: Only files that are individually flagged will be copied to tape. The files are copied whether or not the archive bit is set. The archive bit may or may not be cleared from the files after the backup.
The simplest method of backing up data is to copy all files from the File Server disk to tape. When a backup is performed, the backup software copies all the hidden information contained within the Operating system database to tape, in addition to the specified data files and directories that are flagged for back up. The process of copying all files to tape is known as a . If selected files are copied to tape the process is known as a . There are three main categories of partial backup.

Tape rotation method

This ensures that:

  • Different versions of backed up files can be maintained on different tapes.
  • In the event of a tape failure during a restore, another recent tape is available.
  • Certain tapes can be stored off site.

There are a number of different types of tape rotation methodologies. Listed below are some of the most commonly used systems.

The purpose of a rotation scheme is to have a number of different back up tapes each containing files that were backed up on a given date.

Grandfather Father Son

Grandfather Father Son

There are four tapes to be used only on Fridays - Friday1, Friday2, Friday3 and Friday 4. The Friday tapes are used depending on the week number within the month. For example, the Friday2 tape would be used on the second Friday of the month.

There are also twelve monthly tapes named January through December. These tapes are used on the last day of every month in preference to any other tapes.

This is a simple system to manage if the backups do not extend to more than one tape. (GFS) requires 19 tapes. There are four designated daily tapes for Monday, Tuesday, Wednesday and Thursday. These tapes are only used for their prescribed day's backup.

Ten Tape Rotation

During the first four weeks the same tapes are used Monday to Thursday. At the end of each week a nominated end of week tape is used.

During the second four week cycle the tapes are brought forward one day and the weekly tapes (shaded) are brought forward. The table below illustrates the tapes numbers and the usage sequence.

Networking
Ten Tape Rotation
The Ten Tape Rotation method consists of a sequence of four-week cycles occurring over a forty-week period.

Offsite copies

These tapes are rotated with the other tapes in the cycle so that there are always a number of tapes stored off site in a secure location.

In order to maximize protection against a disaster such as a fire of flood in the computer room, it is good practice to ensure that several tapes in a back up cycle are stored off site.

Disaster recovery


The people at FreeSkills.com were nice enough to share one of their many free tutorials with us in order to make "Data security" available to SearchNetworking.com readers. FreeSkills.com has more than 400 free tutorials and many reasonably-priced courses available for different IT subjects. We recommend you stop by and visit this wonderful resource!

In the event of a disaster occurring and the File Server being destroyed, it is prudent to have available a process which eases the process of rebuilding the system.
This was first published in July 2004

Dig deeper on Network Security Best Practices and Products

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close