salkeiz
asked on
Company Data Storage Policy & Process
We are a K-12 school district and have a small data center where we store all user data. Currently we have 40,000 student and 5,000 staff saving data centrally and we are looking control this a bit more than we currently are.
Does anyone have an example of a data storage (or something similar) policy detailing how what should be stored here, who should access it, how long we will store it, what happens after a particular timeframe and so on?
We are just getting started on our data storage policy and any examples would be most appreciated.
Thank you,
Does anyone have an example of a data storage (or something similar) policy detailing how what should be stored here, who should access it, how long we will store it, what happens after a particular timeframe and so on?
We are just getting started on our data storage policy and any examples would be most appreciated.
Thank you,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I know it is "out" of the context but the content in the guidelines are applicable and generally acceptable since it is general protection of data for any hosting environment even for DC. You can catch below
"4.10 Summary of Recommendations" - summarizes those issues and related recommendations for organizations to follow when planning, reviewing, negotiating, or initiating a public cloud service outsourcing arrangement.
Include Governance, Compliance, Trust, Architecture, Identity and Access Management, Software Isolation, Data Protection, Availability, Incident Response. And specifically I summarise it as stated in their guidelines to look at
¿ Ownership rights over data
¿ Locus of organizational data within the cloud environment
¿ Security and privacy performance visibility
¿ Service availability and contingency options
¿ Data backup and recovery
¿ Incident response coordination and information sharing
¿ Disaster recovery.
it is good to engage other peer school to see if the Ministry or parent agencies can shed more assistance as coming up with policy is not an overnight and silo efforts. It need to align to the overall organisation and parent mission and goals.