1/14/2024 0 Comments Data backup definitionTypically, a retention policy for backups is about 30 days, but archived data might be retained longer before it’s destroyed. A retention policy determines the amount of time an archive stays available before the data can be overwritten or destroyed. ![]() In conjunction with other rules about archiving, a retention policy is also necessary. ![]() Using archive policies, an administrator ensures that data moved to the storage location follows the right regulatory standards and requirements. An archiving policy must be created to determine the rules behind moving data. An administrator configures the time, location, and data that must be archived, and the software does the rest. The features and capabilities offered by archiving software depend on the vendor, but most have standard features across every platform. Many organizations have moved to cloud storage for its convenience and savings, but it’s still the responsibility of the organization to keep the data secure.ĭata archiving best practices typically recommends using software to automate the process. Cloud storage has the advantages of availability and low costs, but the speed is dependent on the organization’s bandwidth and network speed. But unlike most tape systems, network drives offer secure data archives that are readily available should the organization or investigators ever need to access them.Ī third common option is cloud storage. Network storage requires the real estate to host it and expensive hardware to secure and maintain it. Still, this media is still standard for some organizations that need a low-cost way to store large amounts of data in a small space.Īttached network drives are also common, but this media is much more expensive. Organizations have traditionally used magnetic tape due to its ability to store much more data than other media, but tape devices tend to be slower. The media used to store archives is up to the organization, and the decision usually hinges on its convenience, reliability and availability. These data archives are a target for attackers who gain access to high-privilege network accounts or exploit vulnerabilities that give them access to archive data. Attackers know that archives have a wealth of information on organization intellectual property, internal messages, and financial data. Securing data archives is just as important as keeping it unaltered. It also stops attackers from changing data to hide their tracks after a compromise. Creating secure data archives in read-only mode serves to retain its integrity should it be needed in an investigation after a data breach or impropriety. This process can also speed up productivity by reducing the time it takes for employees to open files and access data.īecause the archived data is no longer in use, most administrators store it in read-only mode so that it cannot be altered. By moving data to a lower-cost storage area, the organization can save money and allocate faster storage for more critical data. The type of storage space used can be cheaper and slower, but it must be secure and available when archives need to be reviewed. Outside of archiving for standard requirements, the idea that data should be archived starts with administrators determining the files and data that are no longer in use and can be moved. By archiving files, email messages, and database records, organizations can free up space without risking violations of regulatory standards or losing valuable information that must be reviewed in the future. Unused old data can needlessly take up terabytes of storage.Īrchiving data frees up storage space for newer data, which is useful for organizations that have limited storage space. But most businesses accumulate large amounts of data as they grow. ![]() ![]() Organizations that don’t have a lot of data can use simple backups instead of archives. Archived data can be used for disaster recovery, but it’s mainly useful after a cyber-incident during forensic investigations. But it is up to each organization to determine when data should be archived, how long it is kept before it can be overwritten or destroyed, and where it should be stored. Some specific regulatory standards (such as PCI-DSS, HIPAA, SOX), impose frequency and retention requirements. Any organization that aggregates and stores a significant amount of data should archive it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |