Backup Policy

Objective:
To establish an effective backup procedure that ensures data integrity, availability, and a quick recovery in the event of a data loss or system failure within the Digital Forest server and cloud environment. This procedure includes defining Recovery Point Objective (RPO) and Recovery Time Objective (RTO) values to guide the backup strategy.

1.RPO and RTO:

  • Recovery Point Objective (RPO): The maximum acceptable data loss in case of an incident is set to 4 hours, data recovery should not exceed a 4-hour window.
  • Recovery Time Objective (RTO): The acceptable downtime for system recovery is set to 2 hours, the system should be fully operational within 2 hours after an incident.

2. Identify Critical Data and Systems:

  • On every new client or application or data model introduction we identify critical data, applications, and systems that require regular backups and review if RPO and RTO values are still valid or need redefinition.

3. Implement Regular Backup Schedule:

  • Regular automated backups are scheduled based on the criticality of data and systems.
  • Daily backups for less critical data.
  • Real-time or frequent backups for mission-critical data.

4. Backup Types:

  • Full backups: Complete backup of all selected data and systems.
  • Incremental backups: Back up only the changes made since the last backup.
  • Differential backups: Back up all changes since the last full backup.

5. Select Backup Storage:

  • We implement secure and reliable storage solutions, such as cloud storage, external drives, or a combination for redundancy.

6. Encryption and Security Measures:

  • Encryption for data in transit and at rest is implemented to ensure data security.
  • Restricted access to backup files and regularly review access controls.

7. Test Backup and Recovery Procedures:

  • Regularly test the backup and recovery procedures are processed to ensure they meet the defined RPO and RTO values.
  • Simulation of different scenarios to validate the effectiveness of the backup strategy are in place.

08. Periodic Review:

  • Quarterly review and adjust the backup strategy based on changes in technology, business requirements, or incident response lessons learned.

By following this backup procedure with defined RPO and RTO values, the organization can ensure a resilient and efficient data protection and recovery mechanism. Regular testing and reviews help maintain the effectiveness of the backup strategy over time.

Digital Forest srl
Via G. Cadolini 30
20137 Milano
P.IVA IT07798480963