Trinity College data backup guidelines

Backup procedures, ensuring that both data and software are regularly and securely backed up, are essential to protect against the loss of that data and software and to facilitate a rapid recovery from an emergency, such as a computer failure, a virus infection, a flood or a fire which could result in the destruction of the original data.

This page outlines guidelines for Trinity College staff and students on backing up Trinity data. Please note that only critical systems are routinely backed up by IT Services in the current model. The responsibility for backing up data held on the workstations of individuals regardless of whether they are owned privately or by Trinity falls entirely to the end user.

Responsibility for data backup

If you are responsible for a collection of data held either remotely on a server or on the hard disk of a computer, you should consult your departmental system administrator or IT Services regarding the existence of local data backup procedures. If you do not use the facilities provided by IT Services or those of your department then you should put in place your own procedures.

Recommended backup procedures

IT Services makes the following recommendations regarding the backup of data held on Trinity systems:

  • Take time to identify the important data you store on your computer. Imagine that your computer is destroyed tomorrow - what data you would want to get back? For example, consider important documents, Microsoft Word and Excel files, PDFs, any databases held locally on your machine and possibly your email archive. Make a list of all your important documents and their location on your computer and use this to form the basis of your backup plan. For further guidance see our data backup guidelines for offices and labs.

  • Select appropriate backup media. Backup media refers to the device that you back your data up to. This could be an external hard drive, memory key or shared network drive. Your computer most likely has an appropriate drive for one of these devices and this will influence your decision. If you are unsure what backup media you should use please contact IT Services for help.

  • Physical backup media (external hard drive, memory key) should be labelled as precisely as possible with the date, and some information to indicate what data has been backed up. You could alternatively keep more detailed records of what has been backed up on a separate piece of paper and just label a reference number on the backup media.

  • Keep multiple copies of important data from different time intervals e.g. you could have a backup from one day ago, a backup from one week ago and a backup from one month ago. This protects against loss of data where data becomes corrupt and a user does not notice immediately. This is known as a ‘generational’ backup. In this case three generations of back-up data would be kept known as the grandfather/father/son.

  • Copies of the back-up media, together with any notes on what has been backed up, should be stored safely e.g. in a locked drawer or fireproof safe. Ideally you should have a copy of the data in another location, at a sufficient distance away to escape any damage from a disaster (e.g. a fire or flood) at the location of the data i.e. the location of your computer.

  • You should test the process of restoring your data from your backup copy. This will ensure that you have backed up all necessary data correctly and also familiarise you with the process which should speed things up if you ever need to restore data in the case of a real emergency.

Legal requirements

Users when formulating a backup strategy should take the following legal implications into consideration:

  • Where data held is personal data within the meaning of the Data Protection Act, there is a legal requirement to ensure that such back-ups are adequate for the purpose of protecting that data
  • Depending on legal or other requirements, e.g. Financial Regulations, it may be necessary to retain essential business data for a number of years and for some archive copies to be permanently retained
  • Depending on legal or other requirements, e.g. Data Protection Act, Software Licensing, it may be necessary to destroy all backup copies of data after a certain period or at the end of a contract.

Back-up of private systems

Staff and students using personal workstations/laptops should ensure that their data is backed up using one or a combination of the following methods:

  • Backing-up to a local device e.g. external hard drive, memory key
  • Copying critical data on a regular basis to a remote server that is properly backed up by IT Services.

Further details can be obtained from IT Services or the IT Security Specialist.

Disaster Recovery

You should plan for the worst-case scenario i.e. the total loss of their entire system. If this occurs you need to be in a position, once you have procured replacement hardware, to reload the data/software from the back-up location.

You may also need to re-licence the software, because often the licence manager keys on hardware-specific attributes e.g. size and type of hard disk, MAC address and/or host-id. Arrangements for replacement hardware can be made as follows:

  • Purchase - most vendors will try to provide a rapid delivery in the event of a disaster
  • Use of spare capacity on a colleague's computer in other building/site

Checklist

All users are advised to check that their backup strategy meets the following requirements:

  • Are all data, operating systems and utility files adequately and systematically backed up? (Ensure this includes all patches, fixes and updates)
  • Are there adequate records of what is backed up and to where?
  • Are there records of the licensed software?
  • Are copies of the media and records stored remotely and safely?
  • Has the backup viability been checked by regular tests of reloads?
  • Can the new hardware read the backup media?
  • Will the software license run on the new hardware?
  • Has a disaster recovery exercise been practiced successfully?