The difference between a backup and an archive is the retention. A backup will serve for short term recovery or system restore after a failed installation. Typically, you make a backup before installing software that alters data and or system files. An archive serves to store copies of information for a long time. Keeping a copy of your data on an extra drive will safeguard it from disk crashes or any other loss of systems.

The success of a good backup and archiving policy depends on your data organization. The more pc’s you have, the bigger the challenge to keep track of all your data. Here are some basic rules to keep control of your electronic information storage.

1) Keep your original data in centralized folders. Categorize your data (music, pictures, videos, invoices, contracts, letters, etc.) and use separate folders (as suggested by windows). Some folders change more frequently than others and some files are more important than others.

2) Use a simple backup and restore tool to perform the backup and archive jobs. Do not use software that creates proprietary files, because this creates a dependency on the software and the operating system to restore information. Use a tool that stores the files without compression and that maintains the directory structure (e.g. Sysback for windows). This way you can access your copied data directly, without the use of any tool.

3) Use external drives to copy your data to (usb or firewire attached). Select reliable products for your archive drives and avoid systems that require proprietary drivers. You may opt to use a (different) drive for each of the category of data: music, pictures, etc.

4) Make at least once a month a full backup of your data. In case proprietary file formats are used, keep a copy of the software that is needed to read those files on a future safe medium (cd-rom or hard drive – try to avoid zip drives or floppy drives).

5) In case of an archive, keep the copies of your data in a remote place. Holding archives under the same roof will not help in case of a fire or a burglary. These days, small format external drives can easily be stored in a (locked) office desk or a bank safe.

You should be concerned about your Privacy on the Internet. Anti-Virus protection is not the only safety net, your mail messages expose a lot about you. Check out Email Privacy info for an audit of your mail setup!

CITES Security has developed a simple web based security wizard with guidelines on how to secure your operating system.

To keep your messages and files confidential, while sending them over the Internet, you can use PGP or S/Mime.

For more information refer to:

• The International PGP Home Page
• Tom McCune’s PGP page
• S/MIME and OpenPGP by the Internet Mail Consortium

Through my internal IT Audit function, I developed expertise on Sarbanes-Oxley compliance testing, supervision of CobiT controls and control objectives application. I performed successful operational audits on data- and network operations.

The compliance audits of your ICT environments are performed using a variety of tools and approaches depending upon the type of audit required. The methodology used to conduct operational security assessments and audits is consistent with the Information Systems Audit and Control Association (ISACA) standards, guidelines and procedures.

Contact me for a V.I.P. service.