The DBMS must be capable of backing up user-level information per a defined frequency.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32432 | SRG-APP-000145-DB-000095 | SV-42769r1_rule | Medium |
| Description |
|---|
| Information system backup is a critical step in maintaining data assurance and availability. User-level information is data generated by information system and/or application users. In order to assure availability of this data in the event of a system failure, DoD organizations are required to ensure user generated data is backed up at a defined frequency. This includes data stored on file systems, within databases or within any other storage media. Applications performing backups must be capable of backing up user-level information per the DoD defined frequency. Databases that do not backup information regularly risk the loss of that information in the event of a system failure. Most databases contain functionality to allow regular backups, it is important that this functionality is enabled and configured correctly to prevent data loss. |
| STIG | Date |
|---|---|
| Database Security Requirements Guide | 2012-07-02 |
Details
| Check Text ( C-40874r1_chk ) |
|---|
| Review DBMS documentation to determine whether DBMS is capable of backing up user level data and is capable of backing data up according to a defined frequency. If the DBMS product is not capable of backing up user level data according to a defined frequency, this is a finding. |
| Fix Text (F-36346r1_fix) |
|---|
| Utilize a DBMS product that is capable of backing up user-level data according to a defined frequency, or utilize a custom solution or third party product to meet the requirement. |