Back to All Checks
Medium Neptune Regional

Neptune DB clusters should have automated backups enabled

NIST 800-53HIPAA

Description

This control checks whether a Neptune DB cluster has automated backups enabled, and a backup retention period greater than or equal to the specified time frame. The control fails if backups aren't enabled for the Neptune DB cluster, or if the retention period is less than the specified time frame. Unless you provide a custom parameter value for the backup retention period, Security Hub uses a default value of 7 days. Backups help you recover more quickly from a security incident and strengthen the resilience of your systems. By automating backups for Neptune DB clusters, you can ensure data is protected and can be restored when needed.

Remediation

To remediate Neptune DB clusters without automated backups enabled, you need to enable automated backups and set an appropriate retention period.

Steps

  1. Navigate to the Amazon Neptune console
  2. Select the DB cluster that needs remediation
  3. Click on 'Modify' to edit the cluster configuration
  4. In the 'Backup' section, ensure 'Automated backups' is enabled
  5. Set the 'Backup retention period' to at least 7 days (or your organization's required minimum)
  6. Configure the backup window if needed
  7. Review the backup configuration settings
  8. Apply the changes during the next maintenance window or immediately
  9. Verify that automated backups are enabled and retention period is set
  10. Test backup functionality to ensure it's working properly

Compliance

NIST 800-53HIPAA
Start Your Free Security Check