PURPOSE
This document is designed to clarify the policy used by The Pennsylvania State University Mont Alto Information Technology Services Department (hereafter in this document to be referred to as ITS) to archive digitally stored data as a service to University employees.
SCOPE
This policy defines the backing up of data from University-owned computers purchased by ITS for use by the staff and faculty at Penn State Mont Alto. Workstations available for academic computing do not fall within the range of these parameters. ITS will make recommendations to end-users who utilize those public computers on campus with regards to best practices for archiving data. The backing up of data should not be construed to include personal data, only work-related.
DEFINITIONS
End-user: Person who uses a computer system. End-users utilize user accounts with limited privilege.
Workstation: A computer used to complete work. The term workstation may refer to a desktop model of computer or a laptop model of computer. Most workstations are connected to the data network.
Stand-alone computer: A workstation that has no connection to the data network. All functionality on said workstations is restricted to each of those workstations.
Network: A system of devices connected for the purpose of digital data transmission. In many cases, use of the term network refers to the hardware that supports said transmission. However, for the purposes of this policy, use of the term network describes the interconnectedness of the computer-related equipment used on the Penn State Mont Alto campus.
Backup: A second copy of digital data that is transferred to a second system for the purpose of archiving said data.
Server: A computer used for the purpose of centrally storing data, managing devices on a computer network, administrating software installation and use on network devices, and conducting utilization of user accounts.
Administrative Computing: Computing efforts made by faculty or staff.
Academic Computing: Computing efforts made by students to satisfy class requirements.
Staff: Employee of the University hired to fill an administrative or a support position.
Faculty: Employee of the University hired to fill a teaching or research position.
Personal Data: Data and files unrelated to assigned employment responsibilities. Those files may range from documents to photos to music files, for example.
POLICY
Backup services for student end-users are provided at the University level utilizing centralized resources. Information regarding such services can be obtained by contacting the Penn State Mont Alto ITS Department. Similar and additional centralized backup resources are available to faculty and staff.
Penn State Mont Alto ITS commits to providing digital data backup services for its faculty and staff end-user base. The extent of these data backups is to be limited to work-related data generated by administrative computing. By dictate of University Policy AD-95, end-users must avoid creation of prohibited data that includes potentially sensitive information and must carefully protect institutional data that may be necessary to perform job duties. Due to the static nature and size of the data, backup of photographs and videos is entirely the responsibility of the end-user.
In order to facilitate the backup of data on faculty and staff workstations, file storage will be centralized on the campus file server. The campus file server will be backed up daily to an off-site location. Client backups will be tested monthly by randomly selecting files from relevant backup storage locations, restoring the files using the restore capabilities of the backup software, and verifying the integrity of the restored file. Client backups will be retained for two weeks provided sufficient storage space is available. Warnings and errors will be emailed to at least two IT staff members.
In order to facilitate the backup of end-user and/or departmental data stored on campus network file shares, data backups will occur daily, to an archival data set on an off-site network storage device. Files may be recovered if the end-user contacts the ITS department. Server backups will be tested monthly by randomly selecting files from relevant backup storage locations, restoring the files using the restore capabilities of the backup software, and verifying the integrity of the restored file. Server backups will be retained for two weeks provided sufficient storage space is available. Warnings and errors will be emailed to at least two IT staff members.
Campus servers utilize virtual machine technology. Virtual machines will be backed up in their entirety via dedicated virtual machine backup software from their Storage Area Network locations to an off-site Network Attached Storage device in a separate physical location. Virtual machines will be backed up on a daily or weekly basis depending on the rate of change and importance of the data on the virtual machine. Virtual machine backups will be tested monthly by restoring a virtual machine from the Network Attached Storage location, restoring the virtual machine using the restore capabilities of the backup software, and verifying the integrity of the restored virtual machine. The virtual machine backup software will also have the capability of restoring individual files from within the virtual machine. Daily virtual machine backups will be retained for two weeks and weekly backups will be retained for one month. Warnings and errors will be emailed to at least two IT staff members.
CROSS REFERENCE
Other policies that should also be referenced:
AD95 - Information Assurance and IT Security
AD96 – Acceptable Use of University Information Resources
PSU-MA-ITS-000 – End User Computer Agreement
PSU-MA-ITS-004 – Acceptable Use and Security Policy
PSU-MA-ITS-00I Administrative Backup Procedure
POLICY HISTORY
Ratified June 5, 2009
Updated January 17, 2015 – Removed reference to end-user administrative access. Added clarification that enrollment in the backup service is opt-in and must be requested by the user. Removed reference to configuration by end users. Clarified the nature and method of backups.
June 24, 2015 – Updated version ratified by Administrative Council
October 2, 2019 – Updated – Removed reference to campus firewall. Updated policy references.