YALE-MSS-1.5: Plan for data recovery requirements

Standards Group:
YALE-MSS-1: System Classification

Low Risk Endpoint Not Required Moderate Risk Endpoint Not Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Not Required High Risk Mobile Device Not Required Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Not Required

Details

Details and definitions

This standard ensures you have adequate backups of the data the IT System contains. This can include data the IT System accesses, creates, transmits, stores, or receives. To ensure you have adequate backups, you need to know how much data you can afford to lose.

Reason for the standard

Data recovery capabilities help protect the integrity and availability of the data. In the event of a security incident, such as ransomware, data recovery can help:

Restore lost data
Determine if data was tampered with or changed

Controls

YALE-MSS-1.5.1: Determine the maximum amount of data that can be lost during a disruption before incurring significant impact to operations

YALE-MSS-1.5: Plan for data recovery requirements

Standards Group:YALE-MSS-1: System Classification

Details

Controls

Standards Group:
YALE-MSS-1: System Classification