ISO/IEC 27001 Control 8.13: Information backup
Control
Backup copies of information, software and systems should be maintained and regularly tested in accordance with the agreed topic-specific policy on backup.
Necessity of MidPoint
MidPoint is necessary to implement this control properly.
MidPoint features and capabilities are essential for efficient implementation of this control. While it is theoretically possible to implement this control without a comprehensive IGA platform in place, such an implementation is likely to be inefficient, costly, slow and unreliable in the long run. MidPoint can make implementation of this control efficient and reliable.
Implementation Overview
MidPoint contains up-to-date access control information which is essential for reliable restore procedures.
Implementation Details
MidPoint identity repository contains the user database, access control information and policies. This information is kept fresh at all times through the synchronization process and automated policy processing, which makes it essential for reliable restoration of the data of any failed application or system. MidPoint can use the data in its identity repository to correct any discrepancies in the user databases and access control information of restored systems.

As midPoint data are always fresh, midPoint can effectively re-play the changes that happened between taking the backup image and the failure of the system, which are missing from the restored data set. The orphan detection mechanism can de-activate any accounts that should no longer be active. Synchronization reactions can be used to re-create any new accounts. MidPoint can also correct access privileges that changed in the period not covered by the backup image.

Simulations can be used to preview the changes that midPoint would make to the restored system. This is a valuable indication of the freshness and validity of the restored data before the restored system is put into production. MidPoint can also be instrumental in testing restoration procedures, automatically validating that user databases and access control data were correctly restored.
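As an added illustration of the reconciliation described above (example code written for this page, not midPoint's own code or API), the following Python model diffs a restored system against a fresh authoritative repository: orphaned or deactivated accounts are disabled, accounts created since the image are re-provisioned, drifted privileges are corrected, and the plan is produced first as a simulation before it is applied. All user, account and group names are constructed sample data.

```python
import copy

# Authoritative identity repository (constructed sample, not real midPoint data):
# current users and the groups each is entitled to on the restored system.
REPOSITORY = {
    "alice": {"active": True, "groups": {"finance", "vpn"}},
    "bob": {"active": False, "groups": set()},        # offboarded after the image was taken
    "carol": {"active": True, "groups": {"finance"}},  # onboarded after the image was taken
}
# Accounts as found on the system restored from the backup image (constructed):
# bob is still enabled, carol is missing, alice holds a group she has since lost,
# and svc-legacy has no owner in the repository at all.
RESTORED_ACCOUNTS = {
    "alice": {"enabled": True, "groups": {"finance", "vpn", "admins"}},
    "bob": {"enabled": True, "groups": {"finance"}},
    "svc-legacy": {"enabled": True, "groups": {"backup-operators"}},
}

def plan_reconciliation(repository, accounts):
    """Diff the restored system against the repository and return the changes
    needed to catch it up. Returning the plan without applying it is the
    simulation step: review it before the restored system goes to production."""
    plan = {"disable": [], "create": [], "fix_groups": {}}
    for name, acct in accounts.items():
        owner = repository.get(name)
        if owner is None or not owner["active"]:
            if acct["enabled"]:  # orphan, or owner deactivated since the image
                plan["disable"].append(name)
            continue
        if acct["groups"] != owner["groups"]:  # privileges changed since the image
            plan["fix_groups"][name] = {
                "add": sorted(owner["groups"] - acct["groups"]),
                "remove": sorted(acct["groups"] - owner["groups"]),
            }
    for name, user in repository.items():
        if user["active"] and name not in accounts:  # created since the image
            plan["create"].append(name)
    return plan

def apply_plan(repository, accounts, plan):
    """Apply a plan and return the reconciled account table; input is not mutated."""
    result = copy.deepcopy(accounts)
    for name in plan["disable"]:
        result[name]["enabled"] = False
    for name in plan["create"]:
        result[name] = {"enabled": True, "groups": set(repository[name]["groups"])}
    for name in plan["fix_groups"]:
        result[name]["groups"] = set(repository[name]["groups"])
    return result
```

Running `plan_reconciliation` a second time on the output of `apply_plan` yields an empty plan, which is the automated check that the restore was brought back in line with the current access control state.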
Rationale
System backup images usually cannot be completely fresh, as the images are created at regular intervals. When a system is restored, some data are inevitably missing, and this includes access control data. Outdated access control data are a major security risk, especially shortly after security incidents, which is exactly when data restoration procedures are likely to be needed. MidPoint is a necessary tool to quickly update the user databases, privileges and access control data of restored systems, to make sure they are secure.