|
|
|
|
|
|
by LinuxBender
1864 days ago
|
|
|
I would like to add a couple of ideas to the list. * Also ensure your Production and DR do not use the same automation, or that there is full segmentation in your automation so that if automation goes sideways, or is compromised, your Production and DR are not simultaneously blown away or encrypted. * If you can't keep backups offline, at least write them to a write-only destination and/or have an enforced vaulting policy that keeps {n} copies in multiple locations and can't even be deleted by super-users. Deletion must require multiple VP's using MFA to log into a thing and "turn a key" so to speak. |
|
|