Information Systems Data Protection Disaster recovery Backups
Data protection act 1998 - Rights The rights of data subjects People whose personal data is stored are called data subjects. The DPA sets uprights for people who have data kept about them. You need to know these rights for the exam. They are: 1. A Right of Subject Access A data subject has a right to be supplied by a data controller with the personal data held about him or her. The data controller can charge for this (usually around 10 pounds). 2. A Right of Correction A data subject may force a data controller to correct any mistakes in the data held about them. 3. A Right to Prevent Distress A data subject may prevent the use of information if it would be likely to cause them distress.
Data protection act 1998 - Rights The rights of data subjects 4. A Right to Prevent Direct Marketing A data subject may stop their data being used in attempts to sell them things (e.g. by junk mail or cold calling.) 5. A Right to Prevent Automatic Decisions A data subject may specify that they do not want a data user to make "automated" decisions about them where, through points scoring, a computer decides on, for example, a loan application. 6. A Right of Complaint to the Information Commissioner A data subject can ask for the use of their personal data to be reviewed by the Information Commissioner who can enforce a ruling using the DPA. The Commissioner may inspect a controller's computers to help in the investigation. 7. A Right to Compensation The data subject is entitled to use the law to get compensation for damage caused ("damages") if personal data about them is inaccurate, lost, or disclosed. Remember: These rights only practically exist if you know who has data stored about you. Some data controllers are exempt from the Act.
Understand Backup Strategies There are a number of different types of backups that you can perform on your system. Each one backs up a different subset of files and enables you to minimize the amount of media required to protect your data and the amount of time required to complete the backup. The four types of backups we examine in this lesson are: 1. Full 2. Differential 3. Incremental 4. Daily
Task Research the 4 types pf back ups 1. Explain what they are. 2. Describe a situation that they might be used for and when. 3. Evaluate whether they would suite an organisation such as the college. 4. Provide advantages and disadvantages for all types. 5. Upload your findings to Your-space/Moodle.
Full Back up A full backup is a method of backup where all the files and folders selected for the backup will be backed up. It is commonly used as an initial or first backup followed with subsequent incremental or differential backups. After several incremental or differential backups, it is common to start over with a fresh full backup again. Advantages: All files from the selected drives and folders are backed up to one backup set. In the event you need to restore files, they are easily restored from the single backup set. Disadvantages: A full backup is more time consuming than other backup options. Full backups require more disk, tape, or network drive space.
A differential backup provides a backup of files that have changed since a full backup was performed. A differential backup typically saves only the files that are different or new since the last full backup, but this can vary in different backup programs. Together, a full backup and a differential backup include all the files on your computer, changed and unchanged. Differential Advantages: Differential backups require even less disk, tape, or network drive space than incremental backups. Backup time is faster than full or incremental backups. Disadvantages: Restoring all your files may take considerably longer since you may have to restore both the last differential and full backup. Restoring an individual file may take longer since you have to locate the file on either the differential or full backup.
Incremental Monday - Perform the first incremental backup of selected files and/or folders using a file set with the Incremental option enabled. Tuesday - Perform another backup with the backup file set you created Monday. Only files that have changed since Monday's backup are backed up. Wednesday - Perform another backup with the backup file set you created Monday. Only files that have changed since Tuesday's incremental backup are backed up. Advantages: Backup time is faster than full backups. Incremental backups require less disk, tape, or network drive space. You can keep several versions of the same files on different backup sets. Disadvantages: In order to restore all the files, you must have all of the incremental backups available. It may take longer to restore a specific file since you must search more than one backup set to find the latest version of a file.
Daily A daily backup copies all the files that you select that have been modified on the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared). Advantages: Backup time is faster than full backups. Daily backups require less disk, tape, or network drive space. Daily backups ensure less data is lost if done regular. Disadvantages: Time consuming for the amount of data created that day. Data needs to be stored and retrieved quickly is often kept on servers and is less secure.
Disasters Happen Question: Why should I spend my valuable time and effort backing up my data? Answer: Sooner or later, you're going to lose that data.
Failures Hardware failure: Hard drives can have mechanical failures, develop bad sectors, or just completely stop working one day, all of which can cause your data to disappear. Software failure: If you're running Windows, you may be aware of the types of operating system crashes that can occur. Operating system crashes, software application errors, and lockups can all cause data to become damaged or corrupted, not to mention the destruction that may occur if your computer becomes infected with a computer virus. Natural disasters: Floods, fires, tornadoes, and hurricanes don't occur every day, but when they do, they tend to have quite an impact on computer components involved and the data stored within them.
Failures Human error: A roommate, spouse, parent, or child with good intentions (or, perhaps, not-so-good intentions) may inadvertently change or delete important data. You may even accidentally slip with the mouse yourself, perhaps permanently deleting a document when you shouldn't have. Natural disasters: fires, earthquakes, floods... There is a whole list in your insurance policy, but you may not be able to retrieve any information from your computer if a disaster strikes.
Failures Other disasters: Theft is a possibility, from a stranger or from someone working for you (who may be working for your competition). What is your backup plan if your computer suddenly is gone? Although these occurrences may seem very remote to you at the moment, one of these (and, for the unfortunate of us, more than one) will occur. It's only a matter of time. If you place any value on your data, spending a small amount of time making backups will be well rewarded when you encounter one of these situations.
Disaster Recovery (policy) Disaster Recovery (DR) Is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans. While Disaster Recovery plans, or DRPs, often focus on bridging the gap where data, software, or hardware have been damaged or lost, one cannot forget the vital element of manpower that composes much of any organization. A building fire might predominantly affect vital data storage; whereas an epidemic illness is more likely to have an affect on staffing. Both types of disaster need to be considered when creating a DR Plan. Thus, organizations should include in their DRPs contingencies for how they will cope with the sudden and/or unexpected loss of key personnel as well as how to recover their data.
Disaster Recovery Plans Disaster Recovery Plans are generally part of a larger, more extensive practice known as Business Continuity Planning. DR plans should be well practiced so that the key players are familiar with the specific actions they will need to take should a disaster occur. DR plans must also be adaptable and routinely updated, e.g. if new people, a new branch office, or new hardware or software are added to an organization they should promptly be incorporated into the organization's disaster recovery plan. Companies must consider all these facets of their organization as well as update and practice their plan if they want to maximize their recovery after a disaster.
Disaster Recovery Plans Business continuity / Disaster Recovery Plans Business Continuity or DRP steps involve an extensive analysis of an organization s business processes, IT infrastructure, data backup, resources, continuity requirements and disaster prevention methods. Secondly, it is the process of creating a comprehensive document encompassing details that will aid businesses in recovering from catastrophic events. Developing a disaster recovery plan differs between enterprises based on business type, processes, the security levels needed, and the organization size. There are various stages involved in developing an effective Disaster Recovery or Business Continuity planning. The key phases and the plan steps are outlined below:
Phase I Data Collection Project should be organised with timeline, resources, and expected output Business impact analysis should be conducted at regular intervals Risk assessment should be conducted regularly Onsite and Offsite Backup and Recovery procedures should be reviewed Alternate site location must be selected and ready for use Key Phases Phase II Plan Development and Testing Development of Disaster Recovery Plan Testing the plan Phase III Monitoring and Maintenance Maintenance of the Plan through updates and review Periodic inspection of DRP Documentation of changes
Read the Document found on the Wiki and Yourspace. Disaster Recovery Task What do you think the most valid points are? How could this be used in an organisation such as the college? Think of a disaster and plan for it. Submit to Your-space
What is a DRP main aim? Questions Name a limitation on a DRP Why do we back up There are 4 main types of Backup what are they?