Overview:
Title: The DBMS must be capable of backing up user-level information per a defined frequency.
Vulnerability ID: V-32432
STIG ID:
IA Controls: None
Severity: medium
Description: Information system backup is a critical step in maintaining data assurance and availability.
User-level information is data generated by information system and/or application users. In order to assure availability of this data in the event of a system failure, DoD organizations are required to ensure user generated data is backed up at a defined frequency. This includes data stored on file systems, within databases or within any other storage media.
Applications performing backups must be capable of backing up user-level information per the DoD defined frequency.
Databases that do not backup information regularly risk the loss of that information in the event of a system failure. Most databases contain functionality to allow regular backups, it is important that this functionality is enabled and configured correctly to prevent data loss.
Check Text: Review DBMS documentation to determine whether DBMS is capable of backing up user level data and is capable of backing data up according to a defined frequency. If the DBMS product is not capable of backing up user level data according to a defined frequency, this is a finding.
Fix Text: Utilize a DBMS product that is capable of backing up user-level data according to a defined frequency, or utilize a custom solution or third party product to meet the requirement.
Interpreting V-32432:
Coming Soon!
Return to the DoD STIGs – Database Security Requirements Guide