Backup
MedStack Confidential
Metadata
- responsible officer: CTO
- approved by: CTO
- date
- effective: 2018-06-20
- revised: 2020-11-23
- reviewed: 2022-08-31
Create and maintain integrous backups
- Why
- Protect data against accidental or malicious deletion and media and access failure.
- Provide a basis for restoration in case of system failure.
- Make complete, exact copies
- Dump entire database servers using official tools.
- Encrypt and sign backup archives.
- Restrict the ability to modify backup files (for example, use write-only access for servers creating backups).
- Maintain confidentiality in backups
- Restrict access to backup files to superadmins and customer administrators.
- Ensure that temporary files are on encrypted drives.
- Maximize availability, durability and retrievabilty
- Protect backups against media failure, power spikes or outages, fire, flood, or other natural disaster, viruses, hackers, and improper acts by employees and others.
- Store backups in a separate physical environment to mitigate loss of an environment.
- Make redundant copies of backups to mitigate the loss of physical media.
Automatically create point-in-time backups
- For virtual machines
- hourly (expires after one day)
- daily (expires after one week)
- weekly (expires after 4 weeks)
- monthly (never expires)
- After a backup expires, permanently delete it.
- For managed databases
- based on the schedule and retention time provided by the cloud service provider
Automatically validate backup management
- Monitor the backup lifecycle automatically.
- Test backup restoration.
- Log all backup activity.
Restrict access to backups
- Our employees
- superadmins
- Customers
- The customer is responsible for restricting the access of their personnel and systems to the backups and keys.
Enforcement
- Responsible party: All information technology managers and supervisors
- sanctions: standard
References
| Code | Section | Title |
|---|---|---|
| ISO | A.12.3 | Backup |
| ISO | A.12.3.1 | Information backup |
| CHI | SR29 | Securely Backing Up Data |
| HIPAA | 164.308(a)(7)(ii)(A) | Data backup plan (Required) |
| HIPAA | 164.308(a)(7)(ii)(B) | Disaster recovery plan (Required) |
| HIPAA | 164.310(d)(2)(iv) | Data backup and storage (Addressable) |
| HIPAA | 164.312(c)(1) | Standard: Integrity |
| HIPAA | 164.312(c)(2) | Implementation specification: Mechanism to authenticate electronic protected health information (Addressable) |
| SOC2 | A1.2 | The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives. |
| SOC2 | A1.2 | The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives. |
| SOC2 | A1.3 | The entity tests recovery plan procedures supporting system recovery to meet its objectives. |
| SOC2 | PI1.5 | The entity implements policies and procedures to store inputs, items in processing, and outputs completely, accurately, and timely in accordance with system specifications to meet the entity’s objectives. |