- Should be stored offsite within reasonable distance allowing for both protection from a wide area disaster and timely media recall.
- Must be stored in a secure location and under controlled environmental conditions (heat, humidity, dust, etc.) as per the media manufacturer's specifications and industry standards.
- Must be a duplicate of the onsite backup media (no single copies) and sent offsite daily shortly after creation.
- Must be inventoried via backup software or manually if the software does not provide this functionality.
- Long-term retention media should be tested periodically and migrated to new media as technology evolves to ensure recoverability of data.
- As with backup media, software installation media should have a copy available offsite.
- A copy of the software installation license keys should also be kept offsite along with system specific unique identifier information if required (some applications require it).
- Software installation media should be inventoried, subject to version control and maintained via a configuration management database.
- Software media should be stored with a copy of the system configuration and recovery documentation for disaster recovery (DR) purposes.
- Change management must also take into consideration the impact on offsite stored software media and documentation when authorizing a change such as a version upgrade.
The above are probably some of the most common best practices around backup and software media storage. Other good sources of information include the Information Technology Infrastructure Library (ITIL) and the Business Continuity Generally Accepted Practices (GAP).
Related Q&A from Pierre Dorion
With some limitations, Federal Continuity Directives 1 and 2 can be used to help conduct a business impact assessment.continue reading
Find out what business impact assessment errors you can most easily identify in this Expert Response from Pierre Dorion.continue reading
Pierre Dorion highlights some of the business impact analysis tools available to help companies in this Expert Response.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.