Data Backup, Retention, and Destruction PDF
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Summary
This chapter discusses the importance of data backup, retention, and destruction for organizations. Data loss is a significant risk, and having a robust data backup plan is crucial for recovering critical data and avoiding severe issues, as well as the prevention of such incidents.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Data Security Module Flow 01...
Certified Cybersecurity Technician Exam 212-82 Data Security Module Flow 01 03 Understand Data Security 494 7:4. ¥ /g”" ’ Discuss Data Backup, Discuss and its Importance ' Retention, and )' ) Destruction ) O” 02 ’ 04 Discuss Various Data /,,4 /,,. ' // ’ Discuss Data Loss Security Controls Prevention Concepts Copyright © by EC M.I, All Rights Reserved, Reproduction Reproduction sis Strictly Prohibited Prohibitec Discuss Data Backup, Retention, and Destruction Data loss is @ major risk that organizations are facing today. Loss of critical data can result in a lot of damage to the organization. Any organization that encounters a critical data loss has a higher probability of facing serious issues later. Therefore, you should have a strong data backup and retention plan in place to deal with such incidents. The objective of this section is to explain the concept of data backup, retention, and destruction. Module 15 Page 1849 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Introduction to Data Backup Data backup is the process of making a duplicate copy of critical data, such as physical (paper) and computer records It is mainly used for two purposes: to reinstate a system to its normal working state after damage, or to recover data and information following data loss or corruption A successful data backup strategy is necessary to avoid severe damage to an organization’s assets Copyright pyrig Copyright ©© byby Y All Rights All [ Rights Reserved, Reproduction Reserved, P Reproduction isis Strictly Strictly Y Prohibited, Prohibited Introduction to Data Backup Data backup is the process of copying or storing important data. A backup copy will help you restore the original data when data is lost or corrupted. Backup is a mandatory process for all organizations. The process of retrieving lost files from a backup is known as restoring or recovery of files. The main idea behind data backup is to protect data and information and recover the same after data loss. Data backup is mainly used for two purposes: to reinstate a system to its normal working state after damage, or to recover data and information following data loss or corruption. Data loss in an organization affects its finances, customer relationship, and company data. Data loss in personal computers may lead to the loss of personal files, images, and other important documents saved in the system. Reasons for Data Loss =* Human error: Deletion of data purposefully or accidently, misplacement of data storage devices, and errors in administering databases. = Crimes: Stealing or making modifications to critical data in an organization. = Natural causes: Power failures, sudden software changes, or hardware damages. = Natural disaster: Floods, earthquakes, fire, etc. Benefits of Performing a Data Backup = |t offers access to critical data even in the event of a disaster, ensuring peace of mind in a workplace. Module 15 Page 1850 Certified Cybersecurity Technician Copyright © by EG-Council EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security = Backup of critical data prevents an organization from losing its business. It also helps them retrieve data anytime. = Data recovery helps organizations recover lost data and ensure business continuity. It is recommended that every organization performs a data backup on a regular schedule to run their business successfully and efficiently. To avoid severe damage to an organization’s assets, it is important to design a strategy for a successful data backup process. Going forward, this data backup strategy can act as a blueprint while working on the data backup process for the entire organization. Certain companies also create a data backup policy that is required while implementing a backup strategy. Module 15 Page 1851 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Data Backup Strategy/Plan 1 2 3 4 e— — | | e — |[ 1] S — — Identifying the Selecting the backup Selecting a backup Selecting the critical business data media technology appropriate RAID levels S 6 Z 8 Selecting an Selecting the backup Choosing the right Conducting a appropriate backup types backup solution recovery drill test method cll. All Rights Reserved. Reproduction Reproduction iss Strictly Prohibited Data Backup Strategy/Plan An ideal backup strategy includes steps ranging from selecting the right data to conducting a test data restoration drill. Although the backup strategy might differ among organizations, it is important to consider the following features before drafting a backup strategy: *= The backup strategy should have a data recovery feature from any external device. These devices may include servers, host machines, laptops, etc. = |f the data loss is because of a natural disaster, the backup strategy should not be restricted to only a certain number of incidents. The strategy should also cover the methods for recovering the data after a natural disaster. = The strategy should include the steps to recover data at the earliest. = The lower the cost for data recovery, the more the financial benefit to the organization. = Auto recovery options should be included in the backup strategy as well, as they reduce the chances of human error during the recovery process. Steps involved in data backup strategy/plan: 1. Identifying the critical business data 5. Selecting an appropriate backup 2 Selecting the backup media method 3. 3. backup technology Selecting aa backup Selecting technology Selecting the 6.6. Selecting backup types the backup types 44 Selecting the appropriate RAID 7. Choosing the right backup solution levels 8. Conducting a recovery drill test Module 15 Page 1852 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Certified Cybersecurity Technician Technician Exam 212-82 Exam 212-82 Data Security Data Security ing the Backup Media Selecting Select Data backups Data backups consume consume aa large large amount amount ofof storage storage space. Therefore, space. Therefore, select select the the best best backup backup method method toto meet meet the the organization’s organization’s requirements requirements S —— L All Rights Reserved. Reproductionis Strictly Prohibited Selecting the Backup Media Choosing the best backup media is a a common concern within most organization s. The selection organizations. of a wrong media device can lead to a segregation of data across different media devices. With a carefully considered plan, selecting an appropriate media will enable a better level of data backup. Once Once the media to the data is identified, it is important to choose an appropriate backup media the store the to store data. Backup media selection depends on the type and amount of data in the backup. At times, data backup consumes a large amount of space; consequently, consequently, an increased attention isis organizational needs. necessary to select the best backup media for a situation, and to fulfill the organizational Choosing the best backup media is based on the following factors: == Cost: The Cost: Organization should have backup storage mediums that best fit their budget. The backup media should have more storage space than the data it will contain. == Reliability: Organizations must be able to rely on the data stored on the backup media backup media without fail. Organizations must select a media that is reliable and not susceptible to damage or loss. =» Speed: Speed: Organizations Organizations should select select backup mediums which require reduced require reduced number of human human interactions interactions during during the the backup process. process. Speed Speed becomes concern ifif becomes aa concern the backup the backup process process cannot completed when be completed cannot be machine is idle. when aa machine == Availability: Availability: The The unavailability unavailability ofof the the backup backup medium could be medium could an issue be an data following data issue following loss loss or or data data corruption. corruption. Organizations Organizations should should decide on decide medium on aa medium that always that isis always available. available. == Usability: Usability: Organizations Organizations should media that select aa media should select easy toto use. that isis easy An easy use. An type media type easy media has has aa greater greater flexibility flexibility during during the the backup process. backup process. Module Module 1515 Page Page 1853 1853 Certified Technician Copyright Cybersecurity Technician Certified Cybersecurity EG-Gouncil Copyright © © byby EC-Gouncil All Rights All Rights Reserved. Reserved. Reproduction Reproduction isis Strictly Strictly Prohibited. Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Examples of Data Backup Media Devices Several manual disk swaps may be.‘ ‘ required because of the limited ‘ S/ _{ Optical disks ~200 G8 GB = Affordable, easy to store and data capacity (’ (' (DVD) (DVD) transport i; -y ovo oyo— = Recording and verifying a backup is slow = Relatively higher storage Portable hard capacity than optical disks = More expensive than DVD backups drives/USB flash NoNo limit = Ideal for the home or small |deal = Less recommended for small drives offices backups *= Faster recording of backups =* Media Media for for enterprise-level enterprise-level o* G Expensive Tape drives No limit backups m [EE = Easy to store and transport Examples of Data Backup Media Devices = Optical Disks (DVD) DVD recordable disks can store up to ~200 GB of data and are readily available. DVDs store more data and are available at affordable rates, in bulk if need be. However, they are not used as much as in the past, as external hard drives are available at reasonable prices and can store more data than DVDs. o Advantage: e Less expensive, easy to store, and transport o Disadvantage: e Several manual disk swaps may be required because of the limited data capacity e Recording and verifying a backup is slow = Portable Hard Drives/USB Flash Drives Portable hard drives are considered a better medium for data backup than a DVD. They are available in high capacities and can also be used for smaller backups. Flash drives are available in different sizes and have the ability to store large backup files. RAID is another available hard drive option. It contains two or more hard drives. The second drive may be used to copy data stored in the first drive. This process allows important data to be preserved. Any change in the data will be automatically reflected in all other drives as well. Module 15 Page 1854 Certified Cybersecurity Technician Copyright © by EG-Gouncil EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security o Advantages: Relatively higher storage capacity than optical disks Ideal for the home or small offices Faster recording of backups o Disadvantages: Expensive than DVD Less recommended for small backups = Tape Drives A Tape drive is considered as the best media for data backup. It facilitates data backup atane nterprise level. Tape drives are used for storing programs and data. There is no limit in storage capacity and can be used to store large amounts of data. o Advantages: Media for enterprise-level backups Easy to store and transport Requires no user intervention Tape backup is completely automatic o Disadvantages: Expensive for home users Home computers require additional hardware and software updates Module 15 Page 1855 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.