Rule: EFS File Systems Protected by Backup Plan

Ensure EFS file systems are safeguarded by a reliable backup plan.

Rule	EFS file systems should be protected by backup plan
Framework	CISA-cyber-essentials
Severity	✔ High

Rule Description:

EFS (Elastic File System) file systems should be protected by a backup plan to ensure data availability and prevent loss in case of any unforeseen circumstances or failures. This rule is in line with the CISA (Cybersecurity and Infrastructure Security Agency) Cyber Essentials guidelines.

Troubleshooting Steps:

1.
Check if an EFS backup plan is already in place.

2.
Verify that the scheduled backups are being performed as expected.

3.
Ensure that the backup files are being stored securely and can be easily accessed when needed.

4.
Review any error messages or warnings related to backups and take appropriate action to resolve them.

Necessary Codes:

There are no specific codes required for this rule implementation. However, you may need to utilize AWS CLI (Command Line Interface) commands for managing EFS backups if manual intervention is needed.

Step-by-Step Guide for Remediation:

1.

Login to the AWS Management Console.

2.

Navigate to the Amazon EFS service.

3.

Identify the EFS file system(s) that need to be protected by a backup plan.

4.

Choose the appropriate backup solution based on your requirements. AWS provides different backup options such as Amazon EFS Backup, AWS DataSync, or third-party backup solutions.

5.

For using Amazon EFS Backup, follow these steps: a. Click on the "Backups" tab in the Amazon EFS console. b. Click on "Create backup plan". c. Provide a meaningful name for the backup plan and select the EFS file system(s) to include. d. Configure the backup frequency, retention period, and any lifecycle settings as per your backup strategy. e. Choose the destination for storing the backup files, either on Amazon S3 or NFS (Network File System) servers. f. Review and confirm the backup plan settings. g. Click "Create Backup Plan" to initiate the backup process.

6.

For using AWS DataSync or third-party backup solutions, refer to their respective documentation for setting up and configuring backups for EFS file systems.

7.

Monitor the backup activities and verify that the backups are being created successfully as per the defined plan.

8.

Periodically test the restore process to ensure that the backups are valid and can be restored if required.

9.

Review and update the backup plan periodically to align with any changes in the EFS file system or data retention policies.

10.

Document the backup plan and associated procedures for future reference and audit purposes.

Conclusion:

Following this rule will help protect your EFS file systems and ensure the availability of data in case of accidental deletion, hardware failures, or other data loss events. Regularly monitoring and testing the backup system will ensure its effectiveness and provide peace of mind.

Rule: EFS File Systems Protected by Backup Plan

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Troubleshooting Steps:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Necessary Codes:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities? Find Out Now

Troubleshooting Steps:

Necessary Codes:

Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities?
Find Out Now