BACKUP AND RECOVERY POLICY
The centralized backup system is designed to provide consistent, reliable backup
for servers maintained by Information Technology. This policy governs the design and
use of the backup facilities.
The backup system is housed in two locations (on and off campus). Southern’s network
is connected to these two locations by fiber-optic Ethernet.
Each server has a customized backup schedule. Participating servers are grouped into
two classes.
- Servers containing primarily financial or student records are backed up nightly and maintain a daily snapshot for six weeks. Additionally, the information contained in these servers is backed up to the off-campus location monthly.
- Servers containing other proprietary and confidential university data are backed up nightly and maintain a daily snapshot for two weeks.
- Departments not participating in the centralized backup system must submit a backup-and-recovery plan to Information Technology. This plan must include backup methods, schedules, and recovery procedures.
- Backup-and-recovery plans are not required for servers used primarily for personal files or that are experimental.
Users needing individual files restored may contact Information Technology during
business hours. Requests must include the specific file name, location, and restore
date. Files may be restored on a best-effort basis.
When the operating system and large portions of data are destroyed from a server or if the server is physically damaged, the following disaster-recovery procedures are activated to assure an orderly and timely recovery.
- Information Technology makes disaster recovery the highest priority. The executive director meets with the networking staff to assess the situation.
- If more than one server is down, priorities are set based on the number of people using the server and the type of information it contains. First priority is given to servers containing financial or student records. Because it is not feasible to enumerate every combination of servers in this policy, priorities are set by the executive director at the time of the disaster.
- As the recovery process begins, the executive director is responsible for communicating to users the plan of action and the methods we are using to communicate updated information.
- As the recovery process progresses, networking staff will communicate status on a regular basis using the defined communication methods.
This policy will be reviewed annually to ensure that it is relevant, serves the needs and priorities of the institution, and is consistent with current trends in information technology. The following process will be followed:
- The I/T advisery committee reviews this policy before the May meeting. Additional input is solicited from members of the University Senate.
- The executive director of Information Technology compiles possible changes for discussion at the summer I/T advisery committee meeting.
- The I/T advisery committee votes policy changes.
- Policy changes involving funding are voted by the Administrative Council.