Overview
Procedures are in place assure the appropriate physical and technical protection of the backup and restoration hardware, firmware, and software, such as router tables, compilers, and other security-related system software.
Threat
If backup and restoration assets do not have appropriate physical and technical protections in place, there is a risk of mission essential information being accidentally or deliberately modified or destroyed. A protection strategy for all backup and restoration hardware, firmware, and software, such as router tables, compilers, and other security-related system software mitigates the modification or destruction of information.
Guidance
1. An inventory of all backup and restoration assets shall be documented in an organization or site backup plan.
2. Physical security controls, such as building/room access controls and fire rated safes shall be employed to protect backup and restoration assets.
3. Technical security controls, such as cryptographic key management and least-privilege access controls shall be implemented to protect backup and restoration assets.
DoD classifies this control in the subject area of “Continuity” with a impact of “High”.