Rule: Backup Recovery Points Manual Deletion Disabled
This rule ensures that manual deletion of backup recovery points is disabled to prevent data loss.
| Rule | Backup recovery points manual deletion should be disabled |
| Framework | CISA-cyber-essentials |
| Severity | ✔ Medium |
Rule Description
The rule is designed to disable the ability to manually delete backup recovery points for CISA Cyber Essentials compliance. This ensures that critical data backups are preserved and cannot be easily tampered with or deleted by unauthorized individuals. Disabling this feature helps to prevent data loss and aids in maintaining the integrity of the backup and recovery process.
Troubleshooting Steps (if applicable)
If the manual deletion of backup recovery points is not disabled or if there are issues related to this rule, the following troubleshooting steps can be followed:
- 1.
Verify Policy Configuration: Double-check the policy settings to ensure that the rule to disable manual deletion of backup recovery points is correctly configured.
- 2.
Review User Permissions: Ensure that the users or roles attempting to delete backup recovery points do not have permissions to modify or delete backups.
- 3.
Check Audit Logs: Review the audit logs for any relevant events related to manual deletion of backup recovery points. Analyze the logs to identify any potential issues or unauthorized access.
Necessary Codes (if applicable)
There may be certain configurations or codes required to implement the rule. However, since the question does not specify any specific codes, we cannot provide them at this moment. Please provide further details if specific codes are needed.
Step-by-step Remediation Guide
To disable manual deletion of backup recovery points for CISA Cyber Essentials compliance, follow these step-by-step instructions. Please note that the exact steps may vary depending on the backup and recovery solution being used:
- 1.
Access Backup and Recovery Solution: Log in to the backup and recovery solution management console or interface using appropriate administrative credentials.
- 2.
Locate Backup Policy or Configuration: Navigate to the area within the backup solution where the backup policy or configuration settings are managed.
- 3.
Disable Manual Deletion Option: Look for an option or setting related to manual deletion of backup recovery points. Disable or uncheck this option to prevent users from deleting recovery points manually.
- 4.
Apply Changes: Save the updated configuration or policy changes to ensure that the manual deletion of backup recovery points is disabled.
- 5.
Test Configuration: Verify the changes by attempting to delete a backup recovery point manually. It should now be restricted or disabled based on the applied configuration.
- 6.
Monitor Compliance: Regularly review logs and reports to ensure compliance with the policy and monitor any potential violations or unauthorized access attempts.
It is recommended to consult the documentation or manuals provided by the specific backup and recovery solution being used for detailed instructions that are applicable to the solution in question.