Backup Data

Description

This asset represents the backup data generated to ensure recovery of critical systems and information within the Scheol Lab.

It includes copies of:

• infrastructure configurations
• repositories
• documentation
• system states

Backups are essential to ensure resilience against data loss, system failure, or security incidents.

---

Asset Identification

Attribute	Value
Asset ID	DAT-BCK-01
CI Type	Information
Asset Name	Backups
Asset Category	Data Backups
Owner	Operations Role (Ops)
Status	Planned
Location	Backup Storage
Primary Function	Data recovery and resilience

---

Asset Dependencies

Dependency Type	Asset	Status
Storage	Backup Storage	Planned
Source Systems	Infrastructure & Platforms	Active

---

Relationships

Relationship	Target CI
Stored in	Backup Storage
Protects	Infrastructure & Information Assets

---

Asset Classification

Criteria	Level
Confidentiality	🟥 High
Integrity	🟥 High
Availability	🟥 High

Criticality score: 🟥 High

Rationale:

• Backups may contain sensitive data.
• Integrity is critical to ensure reliable recovery.
• Availability is essential in case of incident.

---

Responsibilities

Role	Responsibility
Operations Role (Ops)	Backup execution and monitoring
Security Role (Sec)	Backup policy and protection

---

Security Controls (High-Level)

• Access Control - restricted access to backup data
• Encryption - protection of backup confidentiality
• Integrity Verification - validation of backup consistency
• Retention Policy - defined backup lifecycle
• Recovery Testing - regular restore tests

---

Security Considerations

Potential risks include:

• unauthorized access to backups
• corrupted or unusable backups
• absence of backups during incident

Controls may include:

• encryption
• access restrictions
• monitoring and alerting
• regular recovery testing

Methodological References:

• ISO 27001 - Control 8.13 Information backup.
• NIST CSF - PR.DS, PR.IP categories.
• EBIOS RM - Critical information assets supporting resilience.