Backing up Important Files and Directories

For each important or critical file or directory, you must have backup copies that allow you to trace all the changes introduced for those files and directories. You must be able to identify the following changes:

• File type

• File path

• Alternate paths, such as links, aliases, and shortcuts

• Contents of files and directories

• Precise file size

• Data and time when the file was created and last modified

• File owner and access rights

These changes can be traced using integrity-control tools that were covered in the previous chapter. The description of the backup tools themselves (such as ARCserver, Ghost, etc.) goes beyond the range of topics discussed in this book.

Critically important elements of the information system that must be backed up and controlled include the following:

• Operating system files

• Access control lists (ACLs) for the routers, firewalls and other protection tools

• Application files

• Security tools and data used for integrity control, and detecting traces of attacks

• Organizational data and records which can disrupt business activity or inflict severe damage on the company if lost or compromised (for example, financial reports, information on employees, marketing plans, and so on)

• User data

• Public information (for example, Web pages)

Protection and Integrity Control of the Inventory, Network Map, and Authoritative Links

These requirements are quite similar to the requirements that must be met for the protection of log files. Therefore, we will not repeat them here.