PR.DS-11.234

Does your organization implement a tiered backup strategy with near-real-time backups for critical data and scheduled backups for other data?

Explanation

A tiered backup strategy ensures different types of data are backed up according to their importance and recovery requirements. Critical data should be backed up continuously or in near-real-time to minimize potential data loss in case of an incident, while less critical data can follow regular backup schedules (daily, weekly, etc.) based on business needs and recovery objectives. Evidence could include a documented backup policy that defines critical vs. non-critical data, backup schedules for different data types, and reports from backup systems showing successful execution of the defined backup schedules. Screenshots of backup system configurations showing real-time replication for critical systems and scheduled jobs for other systems would also serve as appropriate evidence.

Implementation Example

Continuously back up critical data in near-real-time, and back up other data frequently at agreed-upon schedules

ID: PR.DS-11.234

Context

Function: PR: PROTECT
Category: PR.DS: Data Security
Sub-Category: Backups of data are created, protected, maintained, and tested

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub