
Behind the Firewall ft. John Burkhart
Audits aren’t just about ticking a checkbox; they’re about building operational resilience.
During a recent SOC 2 gap assessment, Information Security Auditor John Burkhart identified a major risk: the client lacked a formalized data backup and restoration process.
Backups to the cloud occurred sporadically, with no consistent schedule or oversight.
Compounding the issue, restoration of these backups had never been tested, leaving significant uncertainty about their reliability in the event of a disruption.
John noted that the backups were stored in a single geographic region, creating additional risk in the event of a regional outage or disaster.
“These gaps represented a meaningful vulnerability to the organization’s ability to ensure data availability and recoverability.”
He provided best practices guidance, emphasizing the importance of routine, verified backups across multiple regions.
The client was encouraged to develop documented backup policies that included scheduled testing of restoration procedures.
John highlighted that such practices would not only strengthen resilience but also align with SOC 2 principles of availability and integrity.
To guide the client forward, references were provided to NIST and the SANS Institute, which offer comprehensive materials on cloud backup and restoration protocols.
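To make the three findings above concrete, here is an added example (not code from the audit or the client) of a backup-posture check a team could run against its own backup inventory: it flags schedule gaps, single-region storage, and stale or missing restore tests, and verifies a restore by comparing digests. The inventory, region names and thresholds are constructed assumptions.

```python
"""Constructed backup-posture check mirroring the three audit findings:
irregular schedule, untested restores, and single-region storage."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import hashlib

@dataclass
class BackupRecord:
    taken_at: datetime   # when the backup completed
    region: str          # cloud region holding this copy (assumed names)
    sha256: str          # digest recorded at backup time

def sha256_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def assess_backup_posture(records, now, max_gap=timedelta(days=1), min_regions=2,
                          last_restore_test=None, restore_test_max_age=timedelta(days=90)):
    """Return a list of findings; an empty list means all three controls hold."""
    findings = []
    times = sorted(r.taken_at for r in records)
    if not times:
        return ["no backups recorded"]
    # Schedule adherence: every gap between consecutive backups, plus the gap
    # from the newest backup to now, must stay within max_gap.
    gaps = [b - a for a, b in zip(times, times[1:])] + [now - times[-1]]
    if max(gaps) > max_gap:
        findings.append(f"schedule gap of {max(gaps)} exceeds {max_gap}")
    regions = {r.region for r in records}
    if len(regions) < min_regions:
        findings.append(f"copies exist in {len(regions)} region(s); need {min_regions}")
    if last_restore_test is None or now - last_restore_test > restore_test_max_age:
        findings.append("restoration has not been tested within the required window")
    return findings

def verify_restore(record: BackupRecord, restored: bytes) -> bool:
    """A restore test passes only if the restored bytes match the recorded digest."""
    return sha256_of(restored) == record.sha256

# Constructed sample inventory: backups taken irregularly, all in one region.
NOW = datetime(2024, 6, 1)
SAMPLE = [BackupRecord(datetime(2024, 5, 1), "us-east-1", sha256_of(b"db-dump-1")),
          BackupRecord(datetime(2024, 5, 9), "us-east-1", sha256_of(b"db-dump-2")),
          BackupRecord(datetime(2024, 5, 30), "us-east-1", sha256_of(b"db-dump-3"))]
# Constructed inventory that satisfies all three controls.
GOOD_SAMPLE = [BackupRecord(NOW - timedelta(hours=12), "us-east-1", sha256_of(b"a")),
               BackupRecord(NOW - timedelta(hours=6), "eu-west-1", sha256_of(b"b"))]
GOOD_RESTORE_TEST = NOW - timedelta(days=10)

if __name__ == "__main__":
    for finding in assess_backup_posture(SAMPLE, NOW):
        print("FINDING:", finding)
```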
Thanks to John’s guidance, the organization is on a path toward building a structured, reliable, and compliant data management process.