Data Retention & Disposition Policy
Data retention describes what data must be stored and for how long. This data is commonly used for disaster recovery, network forensics, network analytics, and cybersecurity investigations. Proper data retention standards minimize the company’s attack surface and prevent the accumulation of unnecessary data and the resulting costs.
This policy letter establishes the data retention policy for all production information stored on cloud infrastructure owned or operated by Second Front (2F). The scope of this policy includes all AWS regions and any other providers that host infrastructure managed by 2F for the Game Warden Platform as a Service (PaaS).
1. Data categorization & retention periods
This section defines types of data and how long each category must be retained. Retention periods are based on security, operational, and compliance requirements.
Access, authentication, and administrative auditable events
Retention period: 1 year
Audit scope includes:
- Successful and unsuccessful login attempts
- Privileged or system-level activity
- Session start and end times
- Concurrent logins from different workstations
- Access to protected objects or resources
- Program initiations and direct system access
- Account creation, modification, disabling, and termination
- Kernel module loads, unloads, and restarts
Backup requirement:
- Audit records must be backed up at least weekly to a separate system from the source.
Network activity logs
Retention period: 1 year
Includes:
- All inbound and outbound network traffic
- All internal traffic within the environment
Mission-critical backups
Retention period: 3 months
Includes:
- Backups and snapshots of systems, applications, and data that are critical to organizational survival
2. Superseding procedures
Retention periods explicitly stated in local network or system operating procedures may supersede this document if they extend the retention timelines defined above. This policy establishes the minimum baseline for how long data should be retained in cloud environments.
3. Superseded policies
This policy supersedes the Second Front (2F) Data Retention Policy dated 20 August 2021.
4. Reference documents
This section lists the authoritative documents and government directives that inform this policy.
| Publication | Title | Date |
|---|---|---|
| Directive-type Memorandum (DTM) 22-001 | DoD Standards for Records Management Capabilities in Programs Including Information Technology | 02 June 2023 |
| DoDD 5400.07 | DoD Freedom of Information Act (FOIA) Program | 05 April 2019 |
| DoD Instruction 5015.02 | DoD Records Management Program | 24 February 2015 |
| NARA Pubs | National Archives and Records Administration General Records Schedule | Latest |