UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

E-mail critical software copies must be stored offsite in a fire rated container.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18884 EMG3-010 EMail SV-20681r1_rule COSW-1 Medium
Description
There is always potential that accidental loss can cause system loss and that restoration will be needed. In the event that the installation site is compromised, damaged or destroyed, copies of critical software media may be needed to recover the systems and become operational. Copies of the operating system (OS) and other critical software such as E-mail services applications must be created and stored off site in a fire rated container. If a site experiences loss or compromise of the installed software libraries, available copies can reduce the risk and shorten the time period for a successful E-mail services recovery.
STIG Date
Email Services Policy 2012-01-31

Details

Check Text ( C-22538r1_chk )
Interview the E-Mail Administrator or IAO. Reference a copy of the System Security Plan.

Procedure: Review the application software baseline procedures and implementation evidence.
Review the list of files and directories included in the baseline procedure for completeness.

Criteria: If E-mail software copy exists to serve as a baseline and is available for comparison during scanning efforts, this is not a finding.
Fix Text (F-19497r1_fix)
Procedure: Create E-mail Software Copies for use in recovering systems, should they be needed. Ensure that the copies are stored off site and that details are documented in the system security plan.