Rule: EFS File Systems in Backup Plan
This rule emphasizes the importance of including EFS file systems in a backup plan.
| Rule | EFS file systems should be in a backup plan |
| Framework | NIST 800-53 Revision 4 |
| Severity | ✔ High |
EFS File Systems Backup Plan for NIST 800-53 Revision 4
Description:
This rule states that organizations must include their EFS (Encrypting File System) file systems in their backup plan to comply with the requirements outlined in the NIST (National Institute of Standards and Technology) Special Publication 800-53 Revision 4. The EFS is a feature in Microsoft Windows that provides filesystem-level encryption. By including EFS file systems in the backup plan, organizations can ensure the availability and integrity of their encrypted data in case of accidental deletion, hardware failure, or other data loss events.
Troubleshooting Steps:
- 1.Verify that EFS is properly enabled on the file system.
- 2.Check if the file system is correctly configured to be included in the backup plan.
- 3.Ensure that the backup solution being used supports EFS file system backups.
Necessary Codes:
No specific codes are required for this rule.
Step-by-Step Guide for Remediation:
Step 1: Enable EFS on the File System
- 1.Open Windows Explorer and navigate to the location of the file system you want to enable EFS for.
- 2.Right-click on the file or folder and select "Properties."
- 3.In the Properties window, click the "Advanced" button.
- 4.Check the "Encrypt contents to secure data" box and click "OK."
- 5.If prompted, choose whether to apply the encryption to the file or folder only or to also include all subfolders and files. Make your selection and click "OK."
Step 2: Include EFS File Systems in the Backup Plan
- 1.Review your existing backup plan or create a new one that includes EFS file systems.
- 2.Ensure that the backup solution you are using supports the backup of EFS file systems. If necessary, consider using a backup solution that specifically mentions EFS file system support.
- 3.Configure the backup software to include the EFS file systems in your regular backup schedule.
- 4.Verify that the EFS file systems are being successfully backed up by performing a test restore of a file or folder.
Step 3: Regularly Test and Monitor EFS Backups
- 1.Periodically test the restoration of backed-up EFS file systems to ensure that the backups are working correctly.
- 2.Review backup logs and monitoring systems to ensure that backups of EFS file systems are occurring as expected.
- 3.Implement regular checks to ensure that there are no errors or issues with the backup process.
- 4.Address any problems or errors encountered during the backup or restore process promptly.
Conclusion:
By following this rule, organizations can ensure the inclusion of EFS file systems in their backup plan as required by NIST 800-53 Revision 4. The step-by-step remediation guide provides a clear path to enable EFS, include it in the backup plan, and regularly test and monitor backups. This approach helps minimize the risk of data loss and ensures the availability and integrity of encrypted data stored in EFS file systems.