The ICS must be configured to support organizational requirements to conduct weekly backups of information system documentation, including security-related documentation.
An XCCDF Rule
Description
<VulnDiscussion>Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configuration and security settings. If this information were not backed up, and a system failure were to occur, the security settings would be difficult to reconfigure quickly and accurately. Maintaining a backup of information system and security-related documentation provides for a quicker recovery time when system outages occur. This control requires the network device to support the organizational central backup process for user account information associated with the network device. This function may be provided by the network device itself; however, the preferred best practice is a centralized backup rather than each network device performing discrete backups.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-258612r930524_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
In the ICS Web UI, navigate to Maintenance >> Archiving >> Archive Servers.
1. Click "SCP" if using an SFTP/SCP server; other mechanisms may not be allowed due to local security policy. NOTE: Check with the ISSM before configuring anything other than SCP.
2. Under "Archive Server" type the hostname or IPv4/IPv6 address.
3. In "Destination Directory" type the path of the backup (e.g., "/backupfolder/ics/").
4. In the "Username" field, type the username with SCP/SFTP permissions on the backup server.
5. In the "Password" field, type the password.