DoD STIGs – V-32432

Overview:

Title: The DBMS must be capable of backing up user-level information per a defined frequency.

Vulnerability ID: V-32432

STIG ID:

IA Controls: None

Severity: medium

Description: Information system backup is a critical step in maintaining data assurance and availability.

User-level information is data generated by information system and/or application users. In order to assure availability of this data in the event of a system failure, DoD organizations are required to ensure user generated data is backed up at a defined frequency. This includes data stored on file systems, within databases or within any other storage media.

Applications performing backups must be capable of backing up user-level information per the DoD defined frequency.

Databases that do not backup information regularly risk the loss of that information in the event of a system failure. Most databases contain functionality to allow regular backups, it is important that this functionality is enabled and configured correctly to prevent data loss.

Check Text: Review DBMS documentation to determine whether DBMS is capable of backing up user level data and is capable of backing data up according to a defined frequency. If the DBMS product is not capable of backing up user level data according to a defined frequency, this is a finding.

Fix Text: Utilize a DBMS product that is capable of backing up user-level data according to a defined frequency, or utilize a custom solution or third party product to meet the requirement.

[divider]

Interpreting V-32432:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.