Last time, I described the first two backup/recovery best practices. Here are the next three:

#3 Make sure your backup/recovery strategy adheres to all governance and compliance rules that apply to your organization.

Rules abound about data privacy, security, retention — and vary by industry and region.

Look for a reputable advisor who has the experience needed to understand your compliance environment and who successfully completes SAS-70 Type II audits.

#4 Encrypt your backup data.

Opt for a backup solution that encrypts data both during transmission and storage — and conduct a search for any ‘back doors’ that might allow unauthorized viewing of your data.

#5 Employ a reliable, trusted remote backup service, so your data is housed in a secure remote location.

A couple of approaches are worth noting:

Backup in the cloud. Look for a provider who will support a local cache or can put copies of your servers’ backed-up data on an appliance in addition to the cloud; this will speed up restores, notably database restores.

Data replication and vaulting. Mirroring your data at high LAN/WAN speeds to one or more electronic vault environments keeps your data continually updated in a secure remote location — and enables quick recovery. You’ll want a service provider able to replicate, vault, and restore both your mission-critical data and the applications.

Next time: Backup/recovery best practices #6, #7, #8, and #9