YALE-MSS-7.1: Back up user-level and system-level data

Standards Group:
YALE-MSS-7: Data Protection

Low Risk Endpoint Not Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Not Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Not Required

Details

Details and definitions

Back up data to another system or device. Backup systems must meet the MSS for the risk level of the source system.

Reason for the standard

Data recovery capabilities help protect the integrity and availability of the data. In the event of a security incident, such as ransomware, data recovery can help:

Restore lost data
Determine if data was tampered with or changed

Controls

YALE-MSS-7.1.1: Run a scheduled automated network backup based on data and system recovery requirements
YALE-MSS-7.1.2: Document and test the restore process annually
YALE-MSS-7.1.3: Ensure backups are encrypted in transit and at rest

YALE-MSS-7.1: Back up user-level and system-level data

Standards Group:YALE-MSS-7: Data Protection

Details

Controls

Standards Group:
YALE-MSS-7: Data Protection