2.1.6 Disaster Recovery (DR) Plan

Information

A disaster recovery plan should be created.

MySQL Cluster, MySQL Replica Sets (asynchronous replication) or both may be used.

A slave in a different data center and offsite backups may be used. There should be information regarding the Recovery Time Objective (RTO), i.e., how long recovery will take, and if the recovery site has the same capacity. Additionally, delayed replicas can be a valuable part of a DR plan. Network (default) and at rest encryption should be used to protect data.

Rationale:

A disaster recovery strategy should be planned and formalized. Without a well tested disaster recovery plan it might not be possible to recover in time.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Create a disaster recovery plan.

See Also

https://workbench.cisecurity.org/files/3859

Item Details

Category: CONTINGENCY PLANNING

References: 800-53|CP-2, 800-53|CP-10, CSCv7|10

Plugin: Unix

Control ID: 0e8b24d3f6ee75780593924297c73b0eb349de5b672db17236c73190bc907fb3