SQL Server software libraries must be periodically backed up.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-40925	SQL2-00-018300	SV-53279r2_rule		Medium

Description
SQL Server backups are a critical step in maintaining data assurance and availability. System-level information includes system-state information, operating system and application software, and licenses. Backups shall be consistent with organization-defined recovery time and recovery point objectives. SQL Server depends upon the availability and integrity of its software libraries. Without backups, compromise or loss of the software libraries can prevent a successful recovery of SQL Server operations. A mixture of full and incremental server-level backups by a third-party tool that backs up those software library directories would satisfy this requirement.

Description

SQL Server backups are a critical step in maintaining data assurance and availability. System-level information includes system-state information, operating system and application software, and licenses. Backups shall be consistent with organization-defined recovery time and recovery point objectives. SQL Server depends upon the availability and integrity of its software libraries. Without backups, compromise or loss of the software libraries can prevent a successful recovery of SQL Server operations. A mixture of full and incremental server-level backups by a third-party tool that backs up those software library directories would satisfy this requirement.

STIG	Date
Microsoft SQL Server 2012 Database Instance Security Technical Implementation Guide	2017-12-01

Details

Check Text ( C-47580r1_chk )
Review evidence of inclusion of SQL Server software libraries in current backup records. If the backup tool does not include SQL Server, this is a finding.

Fix Text (F-46207r1_fix)
Ensure inclusion of all SQL Server software libraries into the backup process.