INFORMATION BACKUP POLICY

Objectives

Business Information and services are a vital part of any organization and should be protected. Simply saving information is not enough, performing backups of all application critical information within GrowMore Recruitment will help prevent business downtime and/or loss of data and services. Without adequate backups, failure due to computer malfunction, human error, and natural disasters could cause unrecoverable interruptions.

  • The objective of this policy is to safeguard the GrowMore Recruitment information assets, prevent loss of data due to accidental deletion or corruption, and facilitate the timely restoration of information and business process(es) should a system failure occur.
  • In order to protect GrowMore Recruitment information assets and information systems, this Information Backup Policy is to protect both the company and individual users.
  • Backup of GrowMore Recruitment’s data files, and the ability to recover such data, is a top priority. Management is responsible for ensuring backup operation frequency and recovery procedure(s) align with the professional standards and product goals of GrowMore Recruitment. 

Scope

The GrowMore Recruitment Information Backup Policy shall apply to all information assets, information systems and other resources provided by GrowMore Recruitment for the purpose of supporting GrowMore Recruitment’s software applications. 

Policy

General Requirements

Backups of GrowMore Recruitment servers and data must be retained to the degree that server operating systems and applications are fully recoverable with limited data or service level agreement loss. This may be achieved using a combination of snapshots, copies, incremental backups, differential backups, transaction logs, replication, or other techniques.

Information system owners must ensure adequate backup, system recovery, and testing procedures are in place to ensure recovery from loss of service level in a safe and expeditious manner. Application critical object storage shall receive quarterly audits, via random statistical sampling, of existing inventory to the replication destination. Application critical block storage volumes shall be backed up on a nightly schedule. Application critical block storage recovery and test shall occur daily, migrating the previous night’s production backup into the development environment, to proof and audit safe and expeditious recovery every day.            

Management must ensure safeguards are in place to protect the integrity of data during the recovery and restoration of data, especially where such data may replace more recent data. Application-critical object storage shall employ versioning and replication as safeguards to the integrity of object storage, while block storage shall employ encrypted backups and snapshots to ensure data integrity.           

Business information should not be stored on laptops or portable computers. For our remote workforce, all business information should be stored in the cloud (either in a company cloud drive or a company-owned personal cloud drive).

Definitions

Backup – The procedure for making extra copies of information stored on disparate servers and computers in case the original is lost or damaged.

Restore – The process of returning to a former condition using a backup.

Cross Region Replication – Process by which an object created or updated in, for example, eu-east-1 is immediately replicated to another region for backup.

Responsibilities

  • The Technology Lead is responsible for ensuring this Information Backup Policy remains current and is aligned with GrowMore Recruitment business activities and security objectives.
  • All GrowMore Recruitment employees, contractors, and third-party vendors are responsible for the compliance of all information backups detailed within the scope of this policy.