Introduction
WebPeak recognizes the critical importance of protecting corporate data from loss, corruption or unavailability. To ensure business continuity and information protection, we have implemented a robust backup policy, which defines the guidelines and procedures for the secure backup of corporate data. This policy complies with international best practices and standards, including ISO 27001.
Objective
The aim of this policy is to ensure that all critical WebPeak data is regularly backed up, stored securely and can be restored effectively in the event of data loss, system failure or disaster. The policy aims to minimize the impact of adverse events and ensure the continuity of the company's operations.
Scope
This policy applies to all critical data generated, processed or stored by WebPeak, including but not limited to:
Backup guidelines
Backup frequency
Backups will be carried out in accordance with the following guidelines:
Types of Backup
WebPeak uses different types of backup to ensure comprehensive data protection:
Secure Backup Storage
Backups should be stored in secure locations to prevent loss or corruption. This includes:
Backup Encryption
All backup data must be encrypted, both at rest and in transit, to guarantee confidentiality and protect against unauthorized access.
Restoration tests
To ensure the integrity of backups and recoverability, WebPeak will carry out regular restore tests. These tests should take place quarterly and whenever there are significant changes to the systems or IT infrastructure.
Backup retention
Backups will be kept for specific periods according to the importance of the data and legal requirements:
Responsibilities
Monitoring and Reporting
The backup process will be continuously monitored to ensure its effectiveness. Backup reports will be generated regularly and analyzed to identify and correct possible failures or inconsistencies.
Training and Awareness
All WebPeak employees involved in the backup process will receive appropriate training to ensure that they understand the guidelines and procedures set out in this policy. Ongoing awareness will be promoted to maintain the high level of data protection.
Policy Review
This policy will be reviewed annually or when there are significant changes to the IT infrastructure or threat environment. Any revisions will be approved by senior management and communicated to all relevant employees.
Manufacturers
IPERIUS Backup
Manage Engine End Point Central
Sophos Endpoint
Approved by
Marcos Vinicius Custódio
Legal Responsible