Backup Policy

Policy date:  
9/8/2024

Introduction  

WebPeak recognizes the critical importance of protecting corporate data from loss, corruption or unavailability. To ensure business continuity and information protection, we have implemented a robust backup policy, which defines the guidelines and procedures for the secure backup of corporate data. This policy complies with international best practices and standards, including ISO 27001.

Objective  

The aim of this policy is to ensure that all critical WebPeak data is regularly backed up, stored securely and can be restored effectively in the event of data loss, system failure or disaster. The policy aims to minimize the impact of adverse events and ensure the continuity of the company's operations.

Scope  

This policy applies to all critical data generated, processed or stored by WebPeak, including but not limited to:

  • Corporate data on servers and storage systems.
  • Data on network devices and workstations.
  • System and application configurations.
  • Customer, partner and supplier data.
  • Data stored in cloud services managed by WebPeak.

 

Backup guidelines  

Backup frequency  

Backups will be carried out in accordance with the following guidelines:

  • Daily backup: Critical data, including databases and production systems, should be backed up daily.
  • Weekly backup: A complete backup of all systems should be carried out on a weekly basis.
  • Monthly backup: A long-term backup should be performed at the end of each month and kept for a period of time determined by the retention strategy.

Types of Backup  

WebPeak uses different types of backup to ensure comprehensive data protection:

  • Full backup: A complete copy of all data, performed weekly and monthly.
  • Incremental backup: Only data that has changed since the last backup is copied. This type of backup is performed daily.
  • Differential backup: Copy of data changed since the last full backup, performed as necessary.

Secure Backup Storage  

Backups should be stored in secure locations to prevent loss or corruption. This includes:

  • Local storage: Daily and incremental backups will be stored on secure local servers with access control.
  • Off-site storage: Weekly and monthly backups should be stored in a secure off-site location or in a cloud storage service with advanced encryption.
  • Real-time replication: For high-availability critical data, real-time replication to a secondary site will be used.

Backup Encryption  

All backup data must be encrypted, both at rest and in transit, to guarantee confidentiality and protect against unauthorized access.

Restoration tests  

To ensure the integrity of backups and recoverability, WebPeak will carry out regular restore tests. These tests should take place quarterly and whenever there are significant changes to the systems or IT infrastructure.

Backup retention  

Backups will be kept for specific periods according to the importance of the data and legal requirements:

  • Daily backups: 7-day retention.
  • Weekly backups: 4-week retention.
  • Monthly backups: Retention of 12 months or as required by specific regulations.

Responsibilities  

  • IT team: Responsible for executing and monitoring backups, ensuring compliance with this policy.
  • Data owners: Responsible for ensuring that the data in their custody is included in the backup procedures.
  • Information Security Management: Responsible for auditing the effectiveness of the backup process and carrying out regular restoration tests.

Monitoring and Reporting  

The backup process will be continuously monitored to ensure its effectiveness. Backup reports will be generated regularly and analyzed to identify and correct possible failures or inconsistencies.

Training and Awareness  

All WebPeak employees involved in the backup process will receive appropriate training to ensure that they understand the guidelines and procedures set out in this policy. Ongoing awareness will be promoted to maintain the high level of data protection.

Policy Review  

This policy will be reviewed annually or when there are significant changes to the IT infrastructure or threat environment. Any revisions will be approved by senior management and communicated to all relevant employees.

Manufacturers

IPERIUS Backup
Manage Engine End Point Central
Sophos Endpoint

Approved by  

Marcos Vinicius Custódio
Legal Responsible

webpeak - zoho partner
contato@webpeak.com.br
+55 11 3645-3623
São Paulo, SP
Florianópolis, SC
Talk to sales
Institutional
HomeAbout UsCasesAppsConsulting
Industries
Services
Retail
Finance
Services
NOC
Architecture
Web and Mobile
Digital Experience
AI, BI and RPA
Cloud Computing
Zoho
Partners
Zoho Corporation
Webflow
VTEX
Net2Phone
Manage Engine
MTCaptcha
Google
Cool
Service level agreement
Anti-corruption policy
PLD-FT policy
Privacy Policy
Terms and conditions of use
Security
Information Security Policy
Information Classification Policy
Encryption Key Management Policy
Backup Policy
Access Management Policy
Developed by the Webpeak Team, powered by Webflow
Sitemap
webpeak - zoho partnerwebpeak - zoho partnerwebpeak - zoho partnerwebpeak - zoho partner