Server administrators should make backup copies of the operating system, application software, and critical data on a regular basis. The backup frequency, method, media used, and retention period may vary depending on the criticality of the services available from the server.
Server administrators should always have a current backup copy of the most recent version of the operating system and application software available to rebuild the server. These copies are generally obtained from the hardware or software vendor at the time of purchase or initial installation. Server administrators should create a new backup of the currently installed software version as soon as possible after each software upgrade or update.
Server administrators should also have access to backup copies of the server resident data files in case the current data is lost. The frequency of the backups should consider how much time and effort users would need, or can afford, to invest in manual recovery of lost transactions. An application with low activity and sufficient paper transactional records may only need occasional backup. An application database with a high volume of transactions and little paper documentation of these transactions requires daily backup.
One method is the "grandfather, father, son" method where three versions are kept, the oldest version is always replaced by the newest. This method allows restoring of data to a point from 48 to 72 hours prior, in the case of a daily backup cycle, or two to three weeks in the case of a weekly backup cycle.
Another method often used in daily backup schemes involves the designation of a different set of backup media for each day of the week. Monday’s backup is retained until the following Monday, at which time it is overwritten. Tuesday’s backup is retained until the following Tuesday when it is overwritten, and so on. In this scheme, Friday backups are often retained for longer periods (e.g., a month). Thus, the backup of the 1st Friday of the month is retained until it is overwritten on the 1st Friday of the following month. This method provides recovery to any day in the prior week and to a designated point in each week of the prior month.
There are numerous variations on the methods described above. Regardless of the method, server administrators should have written backup procedures that specify clear labeling of all backup media. System administrators must destroy obsolete backup media as described in Section 04.10 of UPPS No. 04.01.01, Security of Texas State Information Resources.
There are different schemes used for rotating backups to offsite locations. It is always best to have a current copy of the data stored offsite. Where this is impracticable, send the most current copy offsite at least weekly or monthly. In the above example, where Friday backups are recycled monthly, the Friday backups are often taken offsite. If data were backed up daily and a copy sent offsite weekly, users would lose, at most, one week’s worth of data. Again, the criticality of the data should drive the decision.
Ideally, the server administrator should select an offsite backup location that is as physically secure as the onsite location, yet accessible during an emergency situation. One effective practice is storing backups in another campus building, under a reciprocal agreement with another server administrator, using locking fireproof safes and a hard copy access log that stays in the safe with the backup. Server administrators should also encrypt offsite backups to reduce risk in case of loss during transit to or from the offsite location. Server administrators should also contact the Information Technology Assistance Center (ITAC@txstate.edu) for offsite storage options available through Technology Resources. NOTE: Server owners and administrators should avoid storing offsite backups in private residences. The homeowner could sever ties with the university and not return the data files. There is also no way to assure restricted access to the backup data when it is stored in someone's home.