CTPAT Breakdown: 4.12

Item 4.12

Data should be backed up once a week or as appropriate.
All sensitive and confidential data should be stored in an
encrypted format.

Implementation Guidelines

Data backups should take place as data loss may affect individuals within
an organization differently. Daily backups are also recommended in case
production or shared servers are compromised/lose data. Individual
systems may require less frequent backups, depending on what type of
information is involved.
Media used to store backups should preferably be stored at a facility
offsite. Devices used for backing up data should not be on the same
network as the one used for production work. Backing up data to a cloud
is acceptable as an “offsite” facility.

Ummm yeah, pretty obvious common sense things.

Bookmark the permalink.

Comments are closed.