Data Backup and Restore
Does the backup and restore process should be encrypted?
I Mean the tapes itself.
Assign topic to the user
According to ISO 27001, the need for encryption of backup tapes will depend on the results of risk assessment and identified legal requirements.
If you do not have risks, or legal requirements, that justify the implementation of encryption, you do not need to implement it.
These articles will provide you a further explanation about controls selection:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- Backup policy – How to determine backup frequency https://advisera.com/27001academy/blog/2013/05/07/backup-policy-how-to-determine-backup-frequency/
Comment as guest or Sign in
Oct 06, 2021