Data Backup

From attackics
Revision as of 14:18, 10 April 2021 by Oalexander
Data Backup
Mitigation
ID M0953
NIST SP 800-53 Rev. 4 CP-9
IEC 62443-3-3:2013 SR 7.3
IEC 62443-4-2:2019 CR 7.3

Description

Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise.

Maintain and exercise incident response plans [1], including the management of 'gold-copy' back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability.


Techniques Addressed by Mitigation

| Name | Use |
| --- | --- |
| Data Destruction | Utilize central storage servers for critical operations where possible (e.g., historians) and keep remote backups. For outstations, use local redundant storage for event recorders. Have backup control system platforms, preferably as hot-standbys to respond immediately to data destruction events. [2] |
| Denial of Control | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Denial of View | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Loss of Availability | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Loss of Control | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Loss of Productivity and Revenue | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Loss of View | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Manipulation of Control | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |
| Manipulation of View | Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise. Maintain and exercise incident response plans [1], including the management of "gold-copy" back-up images and configurations for key systems to enable quick recovery and response from adversarial activities that impact control, view, or availability. |