White Papers

1. Data Security

1.1 Introduction

Data security refers to the protective measures employed to secure data against unapproved access and to preserve confidentiality, integrity, and availability.

For the majority of our customers, axis diplomat lies at the heart of their business and any “down-time” during working hours or loss of data is a business critical issue.

This document discusses mitigations against data loss or downtime from causes outside of the control of axis first.

The causes for these incidents include

Inadequate backup frequency.
Insufficient backup copies (e.g. inadequate retension policy).
Failing to check backup logs (and finding out too late that errors have been occurring).
Using backup software which is either not up to the job, badly installed or incorrectly configured.
Infection by malicious software (malware) or attack by hacker / 'bad actor'.
Bugs in third party products.

1.2 axis diplomat Data Protection & Backup

1.2.1 Multiple & Automatic Checkpoints

The Data Protection facilities within axis diplomat (also referred to as “checkpointing”) should be your first line of defence in data protection. Using the standard facilities for multiple and automatic checkpoints, data loss in a disaster recovery situation can be minimised to a few minutes.

axis diplomat automatically attempts to take a checkpoint whenever data has been entered. In the event of a system failure a checkpoint represents a “clean” point to which the system can be recovered. Where the system is not at a clean point (for example because another operator is in the middle of filing a batch of data), and a checkpoint cannot be taken, the system simply continues. The next time an operator completes an update, the system will try again, and so on. Manual checkpoints can also be taken by a user to mark a known point to which the user may wish to recover.

axis diplomat holds many checkpoints (typically hundreds), allowing the user to select the point to which to recover (usually, but not necessarily, the most recent).

1.2.2 axis diplomat Backup Facilities

axis diplomat has built-in backup facilities which offer the following features:

Multiple backups can be stored on your system. Specific backups (such as month end backups for example) can be flagged as being retained indefinitely, other backups are cleared automatically after a user defined retention period (typically 7 days).
Backups are compressed. Compression technology means that the disk space required for an axis diplomat backup is minimised.
Backups can also be archived to another storage destination, this allows you to utilise or other storage on your network (e.g. another Windows server or NAS), cloud storage (accessible via a UNC path), or removable media (such as external disk drives or memory sticks) .
Backups can be automated. You can schedule a backup to happen automatically at a given time. For example, you could schedule an automatic backup to happen at 23:00 Monday to Saturday.
Backups can include all the parameter and miscellaneous files associated with your axis diplomat system, not just the transactional database. This means that your system can be rebuilt precisely as it was before with just the backup file and the most recent axis diplomat release software.
The backup facilities work in conjunction with the axis diplomat SoS service (Safe off-site Storage) to automatically backup your axis diplomat system to our web servers providing further peace of mind that your day’s data is protected and providing an important element in your business’ disaster recovery plan.
Backups can be transmitted via the internet to axisfirst ad-hoc. This allows our support team to investigate any support query “off-line” without affecting the operation of your live system.
axis diplomat backups utilise Windows VSS (Volume Shaddow copy Service) to snapshot the axis diplomat data meaning that backups can be taken whilst axis diplomat is in use.
If Windows VSS is not available (i.e. it is in a failed state), a two-phase backup process reduces the time during which users are unable to access the system. During the first phase, the data is copied and, as soon as that has been done, users are allowed to continue updating the system. The backup function is then able to compress the copied data without time constraints (by being able to spend more time on the compression phase, the resultant backup file can be as small as possible). This achieves the best of both worlds where, as far as the users on the system are concerned, the backup happens very quickly but also the backup file is extremely compact.
“Waiting for Supervisor Mode” operation waits for other operators to exit the system whilst preventing new users signing on until the backup has been completed

You should schedule an axis diplomat backup overnight prior to the Windows system backup – the system backup then includes the axis diplomat backup file in addition to all of the files associated with axis diplomat – this makes it much easier to restore a system since you can reload that one backup file in the event of a failure.

axis diplomat backups can also be archived to any location accessible via a UNC path (e.g. another server, a NAS device or cloud storage service).

1.2.3 Safe Off-site Storage (SOS)

SOS is a subscription-based service whereby the axis diplomat backup function can automatically transfer the backup to axisfirst’s servers. The three most recent backups are retained on those servers. Software running on those servers monitors arrivals of backups from each subscriber and raises an alert if backups are not received, or are incomplete. Regardless of whether your axis system runs on premise or in the cloud, storing your most recent axis diplomat backups at a secondary location provides you with the best security for that data since, even if your systems are compromised or destroyed, your data also resides elsewhere.

1.2.4 Windows system backups

None of axis diplomat's data protection facilities should be considered as a replacement for operating system level backups to a remote device on-site or cloud (or both). We recomend that all systems are backed up at the system level on a daily basis (normally automated overnight). These backups are your main defence against system or data loss.

Your backup software should include the following facilities:

Disaster Recovery (DR) – without Disaster Recovery (or “bare metal” disaster recovery) in order to restore a backup, it is necessary to rebuild a complete server first, then install the backup software to read the backup – this could, in extreme cases, involve several days of work for a systems technician, before being able to restore!
Open File Backups – on Windows systems, and servers in particular, many of the Windows system files are open all of the time and, without a mechanism for backing up those open files, you cannot restore a complete system, only the parts of the system that were not open at the time (and an incomplete backup can be as bad as no backup at all!).

If you are using removeable media as a backup solution, you should also endeavour to store your backups off-site and that media is brought back in before being next required in the rotation. When not off-site, media should be stored in a secure location, such as a fireproof safe.

1.3 File Security

Most server-based operating system environments (such as Microsoft Windows Server) provide the ability to restrict access to files according to the current logged-in user.

axis diplomat utilises the security access rights assigned to Windows (Active Directory) user accounts and user groups to restrict access to the axis diplomat files (both programs and data). This can significantly limit the damage that malicious software (malware) can do to your axis diplomat system in the event of an infection by restricting or preventing access to key axis diplomat files.

If you are running your axis diplomat system on a server that supports security (e.g. Microsoft Windows Server) you should install axis diplomat using the secure option within SETUP.

1.4 Conclusion

Whilst there may, on the surface, seem a thin line between Data Security Best Practice and paranoia, you should consider your procedures carefully. Data is virtually uninsurable and a significant loss of data often results in a business failure.