UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
1. Purpose
The purpose of the Backup procedure is to ensure proper addition, modification and discontinuation of backup.
2. Objectives
The objectives of this procedure are:
- To ensure correct backup in relation to any requirements for length of stay, frequency and time for restore.
- To ensure that business does not suffer data loss in the event of a breakdown in the production environment.
- To provide efficient backup management
3. Scope
Backup procedure for virtual and physical servers includes adding backup, modifying existing backup and shutting down backup.
Excluded from scope is the application owner's assessment of backup criteria based on applicable contract and legal requirements. This assessment is input to the Backup procedure.
4. General
When ordering a new application server and / or server (ticket in the business service management system), the application owner must before implementation prepare a description of legal requirements, physical dimensions and the importance of the application for the organization, thus details for the backup in question if it is a business critical application or not, so a recommendation can be made about the type of backup, the location of the backup, and frequency.
The result will then be entered into the business retention plan, which in addition to the backup's length of stay, contains an annual plan for performing backup and testing of backup at restore.
5 . Process activities
Backup procedure consists of the activities below.
- Application owner assesses based on contact and legal requirements:
- Time in rest
- Frequency
- Time to resore (Recovery Time Objective (RTO)
Adding or changing backups
6. Adding backup
6.1 Virtual server - business critical application
The servers / applications that exist of a business-critical nature are established with the business backup system.
The business-critical servers / applications backup is set up by adding the server to the production group, which matches the backup frequency and downtime according to input from the application owner. The verification takes place the next working day by reviewing the backup report.
Finally, the server / application is added to the business Retention plan, which also contains information on requirements for systematic restore testing.
6.2 Physical servers - business critical application
The servers / applications that exist of a business-critical nature are established with the physical backup system.
The physical backup system takes place in 2 tempi, first by installing the physical backup client on the server, then setup in physical backup application, where the backup frequency and length of stay are set up in accordance with legal requirements and agreement with the application owner.
Finally, the server / application is added to the business Retention plan, which also contains information on requirements for systematic restore testing.
6.3 Not business-critical application
The Servers / applications that do NOT exist of a business critical nature are established for virtual server with backup and the virtual backup system and for physical servers with te physical backup system.
The backups are created in folders set up with 14 days of retention, and the verification takes place the next working day, by reviewing the backup report.
Finally, the server / application is added to the business Retention plan, which also contains information on requirements for systematic restore testing - see section 6.4 Retention plan.
6.4 Retention plan (applies to both addition and change of backup)
The application is then created in the business retention plan, where a decision is made on:
- Hardware type (physical or virtual)
- Storage of backup based on assessment of how business-critical the application is.
- Retention period for backup
- Number of versions of backup
- Restore / test frequency
The above is agreed with the application owner following a recommendation from IT.
As the size of the backup has an economic consequence, Internal systems will as a rule always be located on the business own infrastructure, otherwise the finances will be submitted to the CFO for approval of the cost of storing the backup.
The retention plan is the basis for the annual cycle, through which IT ensures backup and testing of Restore. The document is reviewed and updated regularly with an annual revision - (1 May / 1 December).
7. Changing the backup
In the event of a change to an already running backup process, the server / application must be revised in relation to the already approved agreement. Changes to the backup frequency and length of stay are made immediately. When downgrading to a non-business-critical server / application, the backup frequency and latency change according to standard retention for non-business-critical applications.
Regardless of the extent of the change, finish by updating the server / application in the business Retention plan which also contains information on requirements for systematic restore testing - see section 6.4 Retention plan.
8. Decommissioning of backup
The servers will be removed from the pools where they are located in the backup systems application and if they have clients installed they will be uninstalled. Even the backup will expire with the selected retention period, and the deleted server will be removed in the retention plan.