There is a great deal that can go wrong with your data. Your servers can be damaged by faulty equipment, a natural disaster, or general wear and tear. A bad update can wipe out critical files in swathes, as can user error. And all of this does not even account for cybercrime, which is a constant, pressing issue for all businesses. You therefore have every reason to maintain backups of critical systems and data - and no reason not to. Presumably, you already know this. But did you know that your backups themselves represent yet another attack surface for your organization? Ransomware, for example, is becoming more targeted - and in some cases, criminals are aiming it at backup systems rather than primary ones. “Cyber extortionists know that backups are their number one enemy, and are adapting their ransomware to look for them,” writes CSO Online’s Maria Korolov. “Any file system that’s attached to an infected machine is potentially vulnerable, as well as attached external hard drives and plugged-in USB sticks...If malware gets into a system and encrypts all the files, the encryption will be mirrored to the backup system as well.” You need to protect your backups from these criminals, and from all the other myriad things that might go wrong with it. To that end, there are a few steps you should take:
- Brainstorm security policies for your backup and disaster recovery systems. Who needs to have access to these systems, and how can you ensure they are the only ones that do? How will you monitor these systems for suspicious activity, and how will you protect the physical disks?
- As I have mentioned in my previous piece, store your backups offsite, and strictly control physical access to the location. Consolidating all your critical infrastructure to a single location means that you are dead in the water if that location is brought down.
- Password-protect and encrypt your backups. If a hacker catches wind that your backup systems are unencrypted, why should they bother stealing data directly from your servers? They can just crack the backups instead.
- Be aware that your disaster recovery plan should also include considerations for your backup systems. A backup can be subjected to all the same threats as any other system. What will you do if your backups end up compromised or destroyed?