Managing data availability
Data availability is about the timeliness and reliability of access to and use of data. It includes data accessibility.
Availability has to do with the accessibility and continuity of information. Information with low availability concerns may be considered supplementary rather than necessary. Information with high availability concerns is considered critical and must be accessible in order to prevent negative impact on University activities.
Examples of data with high availability concerns include:
- website files, which must remain accessible to prevent site downtime and disruption of service.
- payroll and tuition data, which must remain accessible to facilitate business continuity.
Consider the following when managing data availability:
- Whether data needs to remain accessible
- Which storage methods and locations are suitably accessible
- Whether data is easily re-acquired or re-created if lost, stolen, or destroyed
Data integrity and data availability are both factors in data's criticality, or how essential that data is to the University's operations.
Guidelines for data availability
When managing data availability, follow these guidelines:
- Back up data.
Backup copies of data are essential in the event that data is lost or corrupted. If the data can't be restored—even partially—from a backup, then you may need to start from scratch! - Inventory data.
You can't protect what you don't know you have. By inventorying data, you become aware of the different kinds and amounts of data in your care and can make informed decisions about how best to manage it. In some cases, you may find data that you didn't even know you had! - Follow record retention policies and procedures.
When data is no longer relevant or useful, it should be securely disposed of or archived according to the University's needs. Record retention policies establish data management requirements, including how long data should be retained and how it should be stored. - Securely dispose of data, devices, and paper records.
When data is no longer necessary for University-related purposes, it must be disposed of appropriately.- Sensitive data, such as Social Security numbers, must be securely erased to ensure that it cannot be recovered and misused.
- Devices that were used for University-related purposes or that were otherwise used to store sensitive information should be destroyed or securely erased to ensure that their previous contents cannot be recovered and misused.
- Paper documents containing sensitive information should be shredded rather than dumped into trash or recycling bins.
- Use official University accounts and systems rather than personal ones.
The University provides computing accounts and systems in part to facilitate the management of University information. When data is stored in personal or external accounts, it becomes inaccessible to others who may depend on it and may also be inadequately protected.
