US-CERT states that all computer users, from home users to professional information security officers, should back up the critical data they have on their desktops, laptops, servers, and even mobile devices to protect it from loss or corruption. Saving just one backup file may not be enough to safeguard your information. To increase your chances of recovering lost or corrupted data, follow the 3-2-1 rule:
3 – Keep 3 copies of any important file: 1 primary and 2 backups.
2 – Keep the files on 2 different media types to protect against different types of hazards.
1 – Store 1 copy offsite (e.g., outside your home or business facility).
(Source)
This link from DataONE provides a list of data backup best practices.
This link provides best practices for creating and documenting a backup policy.
This blog post discusses disaster recovery testing of data backups.
This provides a response to an FAQ regarding protection of CUI at rest through physical and logical protections other than encryption.
Gartner product listing and reviews of data backup and recovery solutions.
Vendor resource that provides recommendations on how to protect your backup.
If you want to back up the data on your PC, here are five ways you can do so. Each method has its pros and cons.
This NIST Special Publication defines a seven-step contingency planning process that an organization may apply.
NIST resource that defines requirements for system backup activities.
NIST resource that defines requirements for proper protection of information at rest (e.g., encryption, off-line storage, physical protection).
This SANS whitepaper discusses issues that need to be addressed when considering an online backup platform and whether it is worth the risk to the user.
This article describes the importance of backup identification and proper testing of those backups to ensure successful recovery in the event of an incident.
This blog post discusses the need to test backups and how to effectively do so.
This disaster recovery checklist will help you implement your plan in an easy-to-follow format.
This article discusses why testing backups is critical.
This article examines the ten most important steps for testing data backups.
This article defines Disaster Recovery as a Service (DRaaS), which may provide a viable option for organizations that lack the resources to perform complete, comprehensive and resilient data backups.
This example standard describes and defines data backups in the context of disaster recovery planning.
This example policy documents data backup and recovery procedures, protocols, and standards. It covers the data backup schedule, backup protocols, backup retention, and data recovery.
This paper summarizes the pros, cons, and security considerations of backup options for critical personal and business data.
This document provides assessment guidance for Level 1 of the Cybersecurity Maturity Model Certification (CMMC).
This document provides assessment guidance for conducting Cybersecurity Maturity Model Certification (CMMC) assessments for Level 3 and Level 2.
This Handbook provides a step-by-step guide to assessing a small manufacturer’s information systems against the security requirements in NIST SP 800-171 rev 1.
The purpose of this publication is to provide procedures for assessing the CUI requirements in NIST Special Publication 800-171.
This NIST Special Publication helps organizations in designing, developing, conducting, and evaluating test, training, and exercise events.