Information system owners must ensure that adequate backup and system recovery procedures are in place.
Information stored on laptops or portable computers must be backed up regularly. It is the responsibility of the user that this takes place on a regular basis.
Backup of the university’s data files and the ability to recover such data is a top priority. Management is responsible for ensuring that the frequency of such backup operations and the procedures for recovery meet the needs of the university.
The storage media used for the archiving of information must be appropriate to its expected longevity. The format in which the data is stored must be carefully considered, especially where proprietary formats are involved.
The archiving of electronic data files must reflect the needs of the business and also any legal and regulatory requirements.
Management must ensure that safeguards are in place to protect the integrity of data files during the recovery and restoration of data files; especially where such files may replace more recent ones.
Backups of LUIS servers and data must be retained such that server operating systems and applications are fully recoverable; any exceptions to this policy must be approved by the system owner and the information security office. This may be achieved using a combination of snapshot copies, incremental backups, differential backups, transaction logs, or other techniques.