Issue/Question
What is the USD security policy on Data Recovery
Environment
Cause
Protect against cybersecurity threats, establish cybersecurity norms, enhance cybersecurity maturity
Resolution
Data Recovery
Policy Statement: The University recognizes the importance of establishing robust data recovery measures to mitigate the impact of data breaches, system failures, and other disruptive events on its information systems and operations. This policy outlines guidelines for implementing data recovery processes to ensure the timely restoration of critical data and services following an incident.
Policy Implementation:
-
Data Backup Procedures:
- The University will establish regular backup procedures to create copies of critical data and system configurations stored on its information systems.
- Backup schedules, retention periods, and backup media rotation strategies will be defined based on the criticality of data, recovery objectives, and regulatory requirements.
- Design and deliver an air-gapped and immutable backup system that delivers on the 3-2-1-1 backup methodology.
-
Off-Site Storage:
- Backup copies of data will be stored in secure off-site locations to protect against data loss due to physical disasters, such as fire, flood, or theft, affecting the primary data center.
- Off-site storage facilities will be geographically dispersed and equipped with appropriate security measures to safeguard backup media from unauthorized access or damage.
-
Backup Testing and Verification:
- Regular testing and verification of backup systems and procedures will be conducted to ensure the integrity and reliability of backup data.
- Backup restoration tests will be performed periodically to validate the effectiveness of data recovery processes and identify any deficiencies or gaps in backup capabilities.
-
Disaster Recovery Planning:
- The University will develop and maintain comprehensive disaster recovery plans to guide the response and recovery efforts in the event of a disruptive incident.
- Disaster recovery plans will include procedures for initiating data recovery processes, coordinating recovery efforts, and restoring critical systems and services to minimize downtime and operational impact.
-
Incident Response Coordination:
- Data recovery processes will be integrated with the University's incident response procedures to facilitate a coordinated response to cybersecurity incidents and other disruptive events.
- Incident response teams will be trained and equipped to initiate data recovery activities promptly, preserve evidence, and restore normal operations while minimizing the impact on University operations.
Compliance and Enforcement: All members of the University community are responsible for adhering to this policy and actively participating in data recovery measures.
Policy Review: This policy will be reviewed annually to ensure alignment with emerging threats, changes in technology, and regulatory requirements. Updates will be made as necessary to maintain the effectiveness and relevance of data recovery processes.
This policy provides a framework for implementing CIS Control 11 within the University environment, focusing on establishing robust data recovery measures to ensure the timely restoration of critical data and services in the event of a disruptive incident.
Please contact the Service Desk if you need further assistance