Renew Here
Request Demo

Products
Free Tool
Solutions
Resources
- Resources
- Events
More from Idera
Buy Now
Free Trial

Monitor & Protect

Idera SQL

SQL Server monitoring, backups, and performance tools.

Webyog

MySQL database management with real-time monitoring tools.

Data Modeling & Management

Aqua Data Studio

Multifunction Enterprise IDE- Code, Model, BI, AI Assist.

ER/Studio

Enterprise data modeling, metadata and governance tools.

WhereScape

Data automation tools to build and manage warehouses.

Migration & Intelligence

BitTitan

Simplify Microsoft & Google migrations with MigrationWiz.

Perspectium

ServiceNow data replication, integration, archiving and backups.

Yellowfin

Embedded analytics and dashboards to drive insight.

Free Trial

Explore all the products and find the right solution for your business

Start Now

Resources

Resource Center
Blog
News
Partners

Support

Support Plans
Product Support
Product Documentation
Trial Support
Legal
Download Latest Version

Events

All Events >>
Newsletter Signup

Contact Sales

Get the right solution to keep your database running at peak performance.

Customers

All of the support you need at your convenience.

Free Trial

Explore all the products and find the right solution for your business

Start Now

Enterprises

Database Monitoring
Diagnostics Solutions
Security Solutions
Data Governance
Compliance
IT Performance

Database

SQL Server
Oracle
Sybase
DB2
MySQL
Multi Platforms

Cloud Services

Cloud
Amazon RDS & S3
Azure SQL Database &Blog Storage
Google Database Service
Oracle MySQL Cloud Service
Snowflake

Applications

Application Performance
.NET (including SharePoint)
PeopleSoft

Free Trial

Explore all the products and find the right solution for your business

Start Now

SQL Diagnostic Manager

Proactively manage server performance on-prem or in the cloud with timely alerts and analytics

SQL Compliance Manager

Fast configuration of regulatory and audit compliance settings with proactive monitoring, alerts, and reporting

SQL Secure

Automated database security, monitoring and management for MS SQL, Azure and Amazon RDS for SQL Server

SQL Safe Backup

Backup and instant recovery for SQL Server, Azure Blob Storage and Amazon S3

SQL Inventory Manager

Discover, track and manage database inventory across the entire environment

SQL Admin Toolset

24 Essential tools to simplify daily server administration

DB PowerStudio

Rapid SQL
DBArtisan

Free Tools

SQL PowerShell Plus
SQL Check
SQL Permissions Extractor

See all Design, Monitor and Protect solutions

See all free tools

Backup Compliance

THE INTERSECTION OF COMPLIANCE AND DIGITAL DATA

Organizations of all sizes and shapes must comply with government and industry regulations. Some regulations are limited to public companies, while others are relevant only to certain verticals. Many regulations cut across type, size, and industry in their impact. In addition to legally mandated requirements, many organizations voluntarily adopt quality and process standards (such as Six Sigma or ITIL) or establish performance guidelines that impact employees and customer agreements. Adhering to these standards brings with it additional (and not always overlapping) sets of rules. In compliance with these standards, regulations, and rules - or just to maintain best practices - most organizations are implementing some degree of business continuity or disaster recovery plan.

Database Compliance

While most information can (at least in theory) be recorded on paper, virtually all organizations now keep personnel, customer, financial, transactional, and other records in digital format. Indeed, in this day and age, most organizations operate at the intersection of compliance and digital data. After all, compliance and digital data have become inextricably intermingled. Compliance is only manageable when information is digitized, and the proliferation of digital data makes compliance more essential. Organizations need to be following a set of rules about how to manage the growing stores of digital information they are accruing.

The bottom line: Whether legal requirements are in place, whether the rules and regulations are self-imposed, or whether there is a combination of factors in play, prudent business practice calls for backing up and securely housing digital data.

Sarbanes-Oxley Act (SOX)
Gramm-Leach-Bliley Act (GLBA)
Financial Services Modernization Act Payment Card Industry Data Security Standard (PCI DSS)
Health Insurance Portability and Accountability Act (HIPAA)
Health Information Technology for Economic and Clinical Health Act (HITECH Act)
U.S. Securities and Exchange Commission (SEC)
Basel II
Red Flags Rule
Statement on Standards for Attestation Engagements (SSAE) 16

Enterprise Data Compliance

Compliance-related requirements need to drive the backup strategy, which needs to support whatever compliance-related requirements an organization has in place.

IT Disaster Recovery Plan

What does having and enforcing a backup strategy accomplish for an organization? For one, it demonstrates to regulators and auditors the capability of protecting and restoring critical data. It can also get databases quickly back in business after a disaster occurs - whether from a terrorist attack or hacker intrusion, hurricanes or a burst pipe, or just plain human error. Further, it can help protect and defend organizations when litigation arises from employees, customers, competitors, or regulators.

Database Backup Best Practices

It is not just a matter of backing up. It is also important how databases are backed up. There is a set of technical requirements that must be satisfied to use a backup solution for compliance purposes:

Encryption in transit
Encryption at rest
Access controls
Audit trails
Where backed-up data is kept (for example, off-premises, in-country)
The ability to determine what types of data get backed up
The ability to set the frequency of backup
The ability to satisfy the restoration time requirement

Data Security and Compliance

Any company that maintains personally identifiable information on employees (for example, Social Security numbers and proof of citizenship) has obligations attached to the maintenance of this data. The same holds true for organizations holding confidential customer information (for example, credit card numbers and banking information). These obligations revolve around keeping information private and confidential, keeping information secure from unauthorized access, and just plain keeping information for whatever the requisite retention period is.

There is no need to delve into much (if any) detail on why these requirements make the list. They are all more or less self-explanatory. Two not-so-self-evident issues are worth pointing out here:

Tape-based backup, which requires manual intervention, is an inherently insecure process and will fail to meet the compliance threshold for regulations regarding data privacy. Tape-based backup may further fail the test when it comes to satisfying time-to-restoration requirements.
All automated software backup solutions are not created equal. When choosing a solution, do so with full awareness of what the compliance needs are of an organization.

SQL SAFE BACKUP

IDERA Safe Backup is well-suited to meet the compliance needs of so many organizations.

Regulatory Compliance

SOX financial reporting data
Basel II financial reporting data
GLBA nonpublic personal information
PCI personal account number

SQL Safe Backup does not look at any data within the database. Instead, it asks SQL Server to perform backup and restore operations. Consequently, SQL Server is the only application that interacts with the data.

Sensitive Data Encryption

SOX financial reporting data
Basel II financial reporting data
GLBA nonpublic personal information
PCI personal account number

With SQL Safe Backup, encrypt using AES 256 encryption the data as it is written to disk.

Audit Trails

HIPAA for information systems containing protected health information
SOX
PCI

With SQL Safe Backup, each time a task (backup, restore, or merge) is performed, Iog information on (for example) what database and database files were involved, and where data was backed up or restored to.

Backup Compliance Requirements

SOX financial reporting data
HIPAA electronic protected health information

With SQL Safe Backup, select any combination of files and folders to be excluded from the continuous data protection policy and add advanced rules using patterns to exclude only certain file types.

Backup Frequency and Retention

SOX sets minimum number of periods for retaining data and audit trails
HIPAA sets varying length requirements for the health records of adults and children

With SQL Safe Backup, schedule server backups as frequently as every 15 minutes and set how many recovery points to retain. Also, configure how much history to retain in the repository database. Moreover, configure the frequency at which backups created through policies are kept on disk (that is, automatically purge backup files).

Restoration Time Requirements

• Regulations vary broadly by industry and individual, organizational needs.

With SQL Safe Backup perform restores as fast as possible, and faster than virtually any competitive offering.

There is a final way in which IDERA Safe Backup is compliance-ready. The best-intentioned compliance and backup strategy will live only on paper if it is difficult to implement and time-consuming to deploy on a regular basis. Unlike solutions that may take hours to install and configure, IDERA Safe Backup is built for download and go, with no professional services required. Once IDERA Safe Backup is up and running, tasks are automated, saving administrative time, eliminating the possibility of forgetting about it, and decreasing the likelihood of human error.

Given the simultaneous explosion of digital information and compliance requirements, having a sound, workable backup and restore policy is essential. So is the ability to carry through on that policy. IDERA Safe Backup stands at the intersection of compliance and backup with a solution that lets organizations of all shapes and sizes put compliance into practice, cost efficiently and time effectively.