Email critical software copies must be stored off-site in a fire-rated container.

Part of EMG3-010 Software Critical Copies

Associated with IA controls: COSW-1

SV-20681r3_rule Email critical software copies must be stored off-site in a fire-rated container.

Vulnerability discussion

There is always potential that accidental loss can cause system loss and that restoration will be needed. In the event that the installation site is compromised, damaged or destroyed copies of critical software media may be needed to recover the systems and become operational. Copies of the operating system (OS) and other critical software, such as email services applications must be created and stored off-site in a fire-rated container. If a site experiences loss or compromise of the installed software libraries, available copies can reduce the risk and shorten the time period for a successful email services recovery.

Check content

Access the EDSP and review the email application software offline storage plan. Examine artifacts showing that copies exist and are stored off-site in fire-rated containers. If an email software copy exists and is stored off-site in a fire-rated container, this is not a finding.

Fix text

Create email software copies for use in recovering systems, and store them off-site and in fire-rated containers. Document the off-site storage details in the EDSP.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.