Title

Backup / Disaster Recovery oriented applications must be capable of backing up user-level information per a defined frequency. (Cat II impact)

Discussion

Information system backup is a critical step in maintaining data assurance and availability. User-level information is data generated by information system and/or application users. In order to assure availability of this data in the event of a system failure, DoD organizations are required to ensure user generated data is backed up at a defined frequency. This includes data stored on file systems, within databases or within any other storage media. Applications performing backups must be capable of backing up user-level information per the DoD defined frequency. Rationale for non-applicability: Mobile OSs implement application sandboxing, which precludes the ability of a backup application to backup data from other applications. Some data in designated OS resources (e.g., the contact database) may be accessible to all applications, in which case there is no issue as to whether an application can back up the data on an organization-defined frequency.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46684r1_rule

Vulnerability ID: V-35397

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.