- Commandment 1: Start with a Written Plan
- Commandment 2: Back Up Data Daily
- Commandment 3: Properly Label Backups
- Commandment 4: Review Backup Settings
- Commandment 5: Maintain Multiple Backups
- Commandment 6: Ensure that the Backup Medium Is Sound
- Commandment 7: Regularly Test Backups
- Commandment 8: House a Backup Offsite
- Commandment 9: Dont Overlook Security
- Commandment 10: Revisit Backup Routines
Commandment 5: Maintain Multiple Backups
Never rely upon a single backup file. Tapes can fail. Electrical failures can interrupt a backup, corrupting the data written to a backup file. Worse, a virus or other malicious activity can compromise the source data that’s backed up, thereby overwriting a valid backup with compromised data.
By maintaining a library of backups, an organization vastly expands its recovery options in the event of a disaster. Consider a disgruntled employee or hacker who intentionally edits data within financial programs or a database. By changing fields selectively, the employee or hacker might alter data, create fraudulent entries, delete valid records at will—and evade detection for days, weeks, or even months. Having backup sets older than the malicious activity proves critical in recovering from such episodes.
How far back your organization’s backups should date will depend upon several factors. Industry, company type, and even legislation may affect how long the organization must maintain backup records. Sarbanes-Oxley and the Health Insurance Portability and Accounting Act (HIPAA) require specific entities to maintain various records for distinct periods of time. For example, healthcare organizations are required to maintain patient data securely for six years.