No one doubts that security measures are a critical part of any information system. therefore should be well planned to meet the needs of small businesses and reduce the impact of potential security incidents, are the backup and restoration. The RLOPD define the backup as a copy of the data in a computer file on a support that enable its recovery. In addition to documenting procedures required to perform both backup and recovery of data files and automatic processing to ensure its reconstruction. A backup procedure should be in writing, be accessible and made known to all those who may be affected stock, if necessary, a copy outside the premises where the systems. Such procedures could include information about: Responsible for the backup: Person in charge of making backups (if done manually) and according to the planning review established. This task could be outsourced to a third party (eg computer services company). Be appointed a delegate that will handle the backup in the absence of the person (holidays, leave, etc). Both the charge as the delegate should be clearly identified and traceable in case of incident emergency outside office hours (eg mobile phone).

Training: Training Plan for the manager to delegate so that they are familiar with the procedures. Classification of information. For example, in terms of their importance (critical, important or low), depending on the sensitivity of personal data processed (high, medium, low), etc. This allows us to consider whether the copies must be compressed, password protected or even encrypted.