CIS Control 10: Data Recovery Capabilities

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

Why is this CIS Control Critical?

When attackers compromise machines, they often make significant changes to configurations and software. Sometimes attackers also make subtle alterations of data stored on compromised machines, potentially jeopardizing organizational effectiveness with polluted information. When the attackers are discovered, it can be extremely difficult for organizations without a trustworthy data recovery capability to remove all aspects of the attacker’s presence on the machine.

• 10.1: Ensure Regular Automated Backups
• 10.2: Perform Complete System Backups
• 10.3: Test Data on Backup Media
• 10.4: Protect Backups
• 10.5: Ensure All Backups Have at Least One Offline Backup Destination