Information Security Risk Evaluation of Region IV- Arlington, TX
Report Information
Recommendations
Update the backup procedures for seat-managed servers to
(i) reflect the current Region IV seat-managed server infrastructure; (ii) document current backup procedures for seat-managed servers; (iii) document procedures for creating Ghost images, including where those images are stored; (iv) define the schedule for creating Ghost images; (v) correct references to current seat-management contractor; and (vi) correct any other sections impacted by the changes to the server infrastructure or the transition to the new seat-management contractor.
Develop documented backup procedures for NRC-managed servers. The procedures should include the same level of detail as the backup procedures for seat-managed servers.
Develop and implement procedures for sending backups of NRC-managed servers to an offsite storage location in accordance with NRC requirements.
Develop and implement procedures for sending backups of NRC-managed servers to an offsite storage location in accordance with NRC requirements.
Establish a general laptop system and complete the process described in the NRC Laptop Security Policy for authorization of the general laptop system.