|
Questions are coming to me with regard to a backup policy for our ex-employees. We are a public company and we have to follow the Sarbanes-Oxley (SOX) Act. Is there a standard policy with regard to SOX for security, retrieval, backup and storage, and retention of data from Exchange mailboxes, PCs, home drives, thumb drives of ex-employees?
(comments are locked)
|
|
Policies are defined by individual organizations. There is no standard policy available. But guidelines are available at the SOX website. The important areas are to classify data, how long data is to be kept, and how it matches with existing policies on backup and recovery. As long as you have some definitions, you are complying with standards. The policies will be analyzed from time to time and from these analyses, make the necessary changes.
(comments are locked)
|
