Data Recovery Capability
CIS Control 10This is a foundational Control
The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.
Why is this CIS Control critical?
When attackers compromise machines, they often make significant changes to configurations and software. Sometimes attackers also make subtle alterations of data stored on compromised machines, potentially jeopardizing organizational effectiveness with polluted information. When the attackers are discovered, it can be extremely difficult for organizations without a trustworthy data recovery capability to remove all aspects of the attacker’s presence on the machine.
- Ensure that all system data is automatically backed up on regular basis.
- Ensure that each of the organization's key systems are backed up as a complete system, through processes such as imaging, to enable the quick recovery of an entire system.
Want to implement this foundational Control?
Information Hub : CIS Controls
Media mention • 20 Aug 2019
Blog post • 20 Aug 2019
Press-release • 19 Aug 2019
Blog post • 15 Aug 2019