CIS Logo
tagline: Confidence in the Connected World

Data Recovery Capability

CIS Control 10This is a foundational Control

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

CIS RAM is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls. Download CIS RAM

Why is this CIS Control critical?

When attackers compromise machines, they often make significant changes to configurations and software. Sometimes attackers also make subtle alterations of data stored on compromised machines, potentially jeopardizing organizational effectiveness with polluted information. When the attackers are discovered, it can be extremely difficult for organizations without a trustworthy data recovery capability to remove all aspects of the attacker’s presence on the machine.

Main Points:
  • Ensure that all system data is automatically backed up on regular basis.
  • Ensure that each of the organization's key systems are backed up as a complete system, through processes such as imaging, to enable the quick recovery of an entire system.
Want to implement this foundational Control?

Download the CIS Controls for more details on implementing this and the other 19 Controls.

Download all
CIS Controls (PDF)

Already downloaded the CIS Controls?

We have several resources to help you implement: