STANDARD FOR ENTERPRISE BACKUP AND DATA RECOVERY

 

The University of Texas at San Antonio

Office of Information Technology

Office of Information Security (OIS) Standards

 

OIS 14 – Standard for Enterprise Backup and Data Recovery

 


I. STANDARD STATEMENT


Institutional data and records must be protected and managed in such a way as to prevent loss or destruction. This standard applies to all individuals within the UTSA enterprise who are responsible for the installation and support of information resources, individuals charged with information resources security and Data Owners.

 


II. RATIONALE


This standard supports HOP Policy 8-12 Information Resources Use and Security Policy

 


III. SCOPE



This standard applies to all UTSA faculty, staff, and students.


IV. CONTACTS


If you have any questions about OIS 14 – Standard for Enterprise Backup and Data Recovery contact the following office:

 

The Office of Information Security

informationsecurity@utsa.edu

V. PROCEDURES  


  1. All UTSA data must be backed up according to risk management plans developed by the Data Owner.
  2. Backup media must have, at a minimum, the following identifying markers that can be readily displayed by labels and/or a bar-coding system:
    • System name
    • Creation date
    • Sensitivity Classification
    • UTSA contact information
  3. Physical-access controls implemented at off-site backup storage locations must meet or exceed the physical access controls of the source systems. Additionally, backup media must be protected in accordance with the highest UTSA sensitivity level.
  4. A process must be implemented to verify the operability of the UTSA electronic information backup, including periodic testing, to ensure that backups are recoverable.
  5. Procedures involving UTSA and the off-site backup storage vendor(s), if any, must be documented and reviewed at least annually.
  6. Each department must maintain a documented recovery plan designed to restore service in the event of a disaster or significant outage.

____________________________________________________________________________

Reference for This Standard:

University of Texas System Information Resources Use and Security Policy, Section 5, Standard Backup and Disaster Recovery.

 

______________________________________________________________________________


Effective Date: August 20, 2010
Last Revised: May 28, 2015

<< Back