Configuration changes, no matter how small, must be logged.
Access to this log shall be restricted.
</p>
<p>
All physical visits will be logged and a report provided by the accessor.
</p>
<h3><aname="4.3">4.3. Backup </h3>
<p>
The procedure for all backups must be documented,
according to the following sub-headings.
</p>
<h4><aname="4.3.1">4.3.1. Type </h4>
<p>
Backups must be taken for operational
and for disaster recovery purposes ("offline").
Disaster recovery backups must be offline and remote.
Operational backups may be online and local.
</p>
<h4><aname="4.3.2">4.3.2. Frequency </h4>
<p>Document.</p>
<h4><aname="4.3.3">4.3.3. Storage </h4>
<p>
Backups must be protected to the same level as the critical systems themselves.
Offline backups should be distributed.
</p>
<h4><aname="4.3.4">4.3.4. Retention period and Re-use </h4>
<p>Document.</p>
<h4><aname="4.3.5">4.3.5. Encryption </h4>
<p>
Backups must be encrypted and must only be transmitted via secured channels.
Off-site backups must be dual-encrypted using divergent methods.
</p>
<h4><aname="4.3.6">4.3.6. Verifying Backups </h4>
<p>
Two CAcert system administrators must be
present for verification of a backup.
Four eyes principle must be maintained when the key and backup are together.
For any other purpose than verification of the success of the backup, see next.
</p>
<h4><aname="4.3.7">4.3.7. Key Management </h4>
<p>
The encryption keys must be stored securely by the
CAcert systems administrators.
Paper documentation must be stored with manual backups.
</p>
<h4><aname="4.3.8">4.3.8. Reading Backups </h4>
<p>
Conditions and procedures for examining the backups for purposes
other than for verification must be documented
and must be under Arbitrator control.
</p>
<h3><aname="4.4">4.4. Data retention </h3>
<h4><aname="4.4.1">4.4.1. User data </h4>
<p>
Termination of user data is under direction of the Arbitrator.
See CCA.
</p>
<h4><aname="4.4.2">4.4.2. System logs </h4>
<p>Document.</p>
<h4><aname="4.4.3">4.4.3. Incident reports </h4>
<p>
The systems administration team leader is to maintain incident reports securely.
Access to incident reports is restricted.
</p>
<h3><aname="4.5">4.5. Cycling </h3>
<p>Document.</p>
<hr>
<hr>
<ahref="http://validator.w3.org/check?uri=referer"><imgsrc="Images/valid-html401-blue.png"id="graphics2"alt="Valid HTML 4.01"align="right"border="0"height="33"width="90"></a>
<ahref="http://validator.w3.org/check?uri=referer"><imgsrc="Images/valid-html401-blue.png"id="graphics2"alt="Valid HTML 4.01"align="right"border="0"height="33"width="90"></a>