Prevent permanent data loss from system administration activity
- Making an unintentional mistake
- Trying to accomplish needed tasks with workarounds; to make the system do something for which it was not designed
- Acting with the intention of causing harm
First line of defense: backup
A 30 day retention grantees file recovery.
Any unauthorized or accidental change or removal of data can be restored within this time frame.
Second line of defense: WORM
Data removal after 30 days can be recovered with the WORM solution. It is an isolated environment with:
- encrypted filesystem
- rsync data with Syncthing file versioning
- log and sent mail message of system activity to a list of administrators and application owners in real time
- lock out after failed login attempts
- custodian has read access to WORM to created temporal keys
- DI sysadmin needs temporal key for full control access