Backup and Disaster Recovery Planning Overview

 

Adequate Backup and Disaster Recovery Planning (DRP) Standards will help protect information assets of the courts, in the event of an accidental erasure or unforeseen catastrophe, and allow for the continued ability to provide services while reducing the operational and financial impact of the loss or destruction of critical systems and data.

 

Backup involves vital processes generally followed for the periodic protection of computer applications, operating systems, and data by creating properly protected copies of critical systems and data that are readily available after a computer loss or outage. 

 

Disaster Recovery Planning provides for a process to follow in restoring critical computer hardware and software (equipment, operating systems, network communications, data files, applications) after an event that results in the destruction of court computer systems.

 

Business Continuity involves overall reestablishment of an entire court infrastructure after a natural or man-made disaster occurs; however, the following IT Standards do not address business continuity except as it relates to computer system disaster recovery.  

 

IT standards requirements for backup, off-site rotation of backup copies produced, and computer system hardware and software reestablishment (i.e. disaster recovery) after a catastrophe may vary widely due to the numerous courts' differing levels of automation.  Some courts may be using automated PC-based case management software and/or standard desktop applications (word processing, spreadsheets, etc.), while other courts may provide Internet connectivity for email and Web access and/or the use of accounting information system software.  For IT Standards requirement purposes (addressed below), two basic profiles were defined for the courts based upon their technology environment:

 

1. Stand-alone PC’s – this profile includes all of the courts that have only stand-alone PC’s that are not part of a local area network (LAN).

2. Local Area Networks (plus) – this profile includes all of the courts with at least a LAN and perhaps even more computer processing capabilities, like a mid-range or mainframe central processing unit (CPU) or link to a Wide Area Network (WAN).


Backup and Disaster Recovery Planning Standards

Minimum Security Option

Description

Backup: Critical data and systems copied weekly and moved to a different area with adequate physical access, fire protection, and environmental controls provided.

Disaster Recovery: Stand-alone PC’s or LAN hardware is purchased at the time just after a disaster and then loaded with backup copies of critical systems/data created previously.

Benefits

Provides for basic PC and/or LAN backup and very basic DRP.  Inexpensive when compared to other backup/DRP options.

Disadvantages

Potentially lose all non-critical systems & data and full week of critical systems/data. May be impossible to recover if area-wide disaster prevents hardware purchase.

 

Backup and Off-site Rotation Standards:

 

Backup copies of all court computer operating systems, applications, and data files that are considered to be critical to the court’s on-going service needs will be created at least weekly.  These backup copies of critical court systems and data shall be removed from the immediate vicinity of the computer from which they were created (preferably to a different building) and stored in an area that is physically secured from unauthorized access with adequate fire protection and environmental controls.

 

Disaster Recovery Standards:

Provide in the IT standards for the following basic measures to help ensure that recovery can eventually be made after a natural or man-made disaster.

Stand-alone PC’s and/or Local Area Networks (plus)

Replace computer hardware and software through emergency purchases immediately following a disaster occurrence and reload the new computers with backup systems and data copies as discussed in “Backup and Off-site Rotation Standards” (above).

 

 

Optimum Security Option

 

Description

Backup: Full backups of all systems & data weekly.  Incremental backups done daily. Backups immediately moved to a physically secure, fire protected, and environmentally secure off-site facility.

Disaster Recovery:

Stand-alone PC’s are purchased at the time just after the disaster and loaded with backup copies of critical systems/data created previously.

LANs use contracted “cold site” obtained prior to a disaster that is equipped with LAN hardware bought only at the time just after a disaster occurs. Load LANs with copies of systems and data created previously and stored at the off-site facility.

Benefits

Much better backup provided. No “rotation gap”. Negligible effort required for the “cold site” pre-disaster preparation.

Disadvantages

More expensive due to improved off-site facility and “cold site” contract requirement. May be impossible to recover if area-wide disaster prevents hardware purchase.

 

Backup and Off-site Rotation Standards:

 

Tape backup and off-site tape rotation procedures will address all of a court's computer system programs and data files, will be kept up-to-date, and will have been specifically tested (i.e. not just "we recovered lost files in the past when a data loss has occurred").

 

Tape backup and off-site rotation procedures will include “full” backups being created at least weekly and “incremental” backups being performed each night for all computer and network operating systems, application programs, and data files.  “Full” backups include copies of all current systems, applications, and files.  “Incremental” backups only involve copying changes made to systems and files since the last “full” or “incremental” backup.

 

Backup tapes will be rotated at least weekly, and more often for critical systems and data, to a physically secure and environmentally protected off-site storage location. In addition, backup tape rotation will be performed immediately after backup copies are produced in order to help prevent a potential loss of a week (or more) of critical systems and data in a catastrophe.  A "rotation gap" between the creation of backup copies and their rotation to an off-site facility could, in the event of a disaster during that time gap, cause a complete loss of recoverable systems and data back to the tapes created up to two weeks previously.
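The following is an added example, not part of the original standard. It models the "full" plus "incremental" scheme and the "rotation gap" described above by working out which tapes are still usable after the primary site is destroyed. The dates, the 2-hour courier delay, the weekly pickup time, and all names in the code are constructed assumptions.

```python
from datetime import datetime, timedelta
from typing import NamedTuple, Optional

class BackupSet(NamedTuple):
    kind: str                    # "full" or "incr"
    created: datetime
    offsite: Optional[datetime]  # when the tape reached off-site storage

BASE = datetime(2024, 1, 7, 1, 0)  # constructed: Sunday 01:00, first weekly full

def build_catalog(days, rotation):
    """Constructed sample: nightly sets, every 7th night a full backup."""
    return [BackupSet("full" if d % 7 == 0 else "incr",
                      BASE + timedelta(days=d), rotation(d))
            for d in range(days)]

def weekly_rotation(day):
    # tapes leave the building once a week, the Sunday after they were written
    return BASE + timedelta(days=7 * (day // 7 + 1), hours=8)

def immediate_rotation(day):
    # tapes go off-site right after the backup finishes (2 hours assumed)
    return BASE + timedelta(days=day, hours=2)

def restore_chain(catalog, disaster):
    """Newest off-site full plus the unbroken run of incrementals after it.
    Tapes still on site at `disaster` are lost, and each incremental depends
    on the set written before it, so the chain stops at the first gap."""
    ordered = sorted(catalog, key=lambda s: s.created)
    safe = [s.offsite is not None and s.offsite <= disaster for s in ordered]
    fulls = [i for i, s in enumerate(ordered) if s.kind == "full" and safe[i]]
    if not fulls:
        return []
    chain = [ordered[fulls[-1]]]
    for i in range(fulls[-1] + 1, len(ordered)):
        if ordered[i].kind != "incr" or not safe[i]:
            break
        chain.append(ordered[i])
    return chain

def data_loss(catalog, disaster):
    chain = restore_chain(catalog, disaster)
    return disaster - chain[-1].created if chain else None

if __name__ == "__main__":
    disaster = BASE + timedelta(days=13, hours=22)  # constructed disaster time
    for policy in (weekly_rotation, immediate_rotation):
        print(policy.__name__, data_loss(build_catalog(14, policy), disaster))
```

With the constructed schedule, a disaster late on the second Saturday loses nearly eight days of work under weekly pickup and less than one day under immediate rotation; a single incremental tape that never reaches off-site storage truncates the restore at that point.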

 

The off-site tape storage location will be either a proprietary or state facility specializing in the storage of such media, or will be specifically prepared to address the proper storage of such media.  The off-site tape storage facility will also be physically inspected on an annual basis to ensure that it provides proper physical access security, as well as adequate fire detection/prevention/suppression and environmental controls (air conditioning/heat, water, electricity surges or dips, etc.).

 

Disaster Recovery Standards:

 

Stand-alone PC’s

 

Replace computer hardware and software through emergency purchases immediately following a disaster occurrence and reload the new computers with backup systems and data copies as discussed in “Backup and Off-site Rotation Standards” (above).

 

Local Area Networks (plus)

Obtain a contract for use of an alternate “cold site” at the State of Texas’ West Texas Disaster Recovery Operations Center, or with a private commercial computer recovery firm, in order to provide for a physical site to reestablish computer systems and data in the event of a catastrophe.  Then, replace computer hardware and software immediately after a disaster through emergency purchases and load these new computers with backup systems and data copies as discussed in “Backup and Off-site Rotation Standards” (above).


Maximum Security Option

Description

Backup: Optimum Security Option plus: Backup tapes verified after creation. Proper tape storage in labeled dust-free containers. DRP, hardware & software inventories, insurance policies, documentation, and special documents all put in off-site facility.

Disaster Recovery:

Stand-alone PC’s that are compatible are purchased prior to a disaster and stored or used at an alternate site. At the time just after a disaster, data and systems backups are loaded to the PCs. LANs will require an alternate “hot-site” facility equipped with compatible hardware & software. Backup copy systems/data is loaded after a disaster.

Benefits

Best possible backup and disaster recovery efforts provide ability to survive almost any computer system loss or catastrophe.

Disadvantages

More effort required for backup. Most expensive due to required purchase of PC hardware prior to a disaster and the need for a LAN “hot site” that is fully equipped.

 

Backup and Off-site Rotation Standards:

 

Backup tapes created will be validated and verified to ensure that they are readable prior to their being sent to the off-site storage facility (i.e. “read after write” verification).

 

Backup tapes maintained at the off-site tape storage facility will be adequately physically labeled to determine what they are in the event of a loss or disaster.                       

 

One complete and regularly updated hardcopy inventory of all hardware and software will be maintained within the off-site tape storage facility (including operating systems, applications, purchased hardware and software, and both the vendor name and the court’s given name for each piece of hardware and software).

 

At least one complete hardcopy version of the most current Disaster Recovery Plan and any IT insurance coverage (for use in the event of a computer system loss) will be kept in the off-site tape storage facility.

Hardcopy documents used by the courts that are not readily available from normal vendor channels (check stock, for example) will be kept in adequate supply at the off-site storage facility for use in the event of a disaster.                 

 

Hardcopy and digital versions of standard system configurations and documentation for all critical applications will be maintained at a physically secured off-site storage facility.

 

Tapes stored at the off-site storage facility will be kept in adequate dust-free containers and be stored on their sides (especially 9-track tapes) in order to be certain that their data contents do not degrade and are not lost completely.

 

Archival tapes (those kept for 2-3 years or more) will be annually checked for readability, and re-restored to newer media every few years, in order to maintain their capability to be restored (especially in the event new hardware or software makes the old tapes unreadable due to new data text bit configurations).

 

Disaster Recovery Standards:

 

Stand-alone PC’s

Prior to a potential disaster occurrence, obtain computer hardware and software compatible with that currently being used by the court, and store or use them at an alternate site that is removed from the everyday court site.  When a computer disaster occurs, simply load these off-site computers with backup data and systems copies as discussed in “Backup and Off-site Rotation Standards” (above).

Local Area Networks (plus)

Obtain a contract for use of an alternate “hot site” at either the State of Texas’ West Texas Disaster Recovery Operations Center or with a private commercial computer recovery establishment in order to quickly reestablish computer systems and data in the event of a catastrophe.  The “hot-site” facility will contain hardware and software compatible with that used by the court on a daily basis. When/if a catastrophe occurs, load these “hot site” computers with systems and data backup copies as discussed in “Backup and Off-site Rotation Standards” (above).