When considering security for information technology resources and systems, companies face many challenges. Not only must companies protect edge-facing (those that provide access to networks outside of an internal network) and core-facing infrastructure technologies, they must protect all data at all times, and in all locations. Now more so than ever, this includes backup data and systems located in disaster recovery (DR) facilities, as the hope is that these have not been properly safeguarded or maintained and are vulnerable to attack.
Why is the security of backups important?
Primarily, this is answered with the “CIA triangle” for security: Confidentiality, Integrity, and Availability.
Proprietary company data, and really all company internal data, should be kept confidential. Backups and disaster recovery instances are copies of production data and should be treated with the same stringency. In previous years, companies lost confidential data due to theft of a backup tape. While still possible today, most attacks target the data directly, given the large amount of personal information that exists in a digital state.
Just like the integrity of production data, backup data should be kept in a pristine state with the least level of permissions possible given to users, and administrative access should be limited and monitored. Backup data should not be modifiable once written, and it should be tested for integrity. When sending backup data offsite, be sure it is encrypted in flight and at rest.
Availability is the ability for users to access data and applications when they need them. Backups and disaster recovery exist with this in mind, so it is important to treat them as the only way to ensure availability for your organization. Bad actors and hackers know the importance of backed up data and will target backups and offsite locations in order to prevent restores to get around their malware and ransomware efforts. In addition, they will use ‘time bombs’ to sit quietly and hopefully infiltrate backup files without alarm until they are activated.
What can my company do to prepare?
The majority of a company’s security budget goes to hardware and software solutions that monitor and prevent external access to and from internal network(s). These solutions are usually expensive and complex, but a high-quality door and lock will go a long way in keeping out unwanted guests.
Internal policies and procedures must accompany the door and lock. In order to maintain the CIA triangle, internal data and systems must be safeguarded from insider threats, proliferation of malware, and accidental modifications or deletions. Ideally, networks should be segregated, with a separate network for backup traffic both for performance and security reasons.
The Global Data Vault Perspective
At Global Data Vault, our business is providing services specifically tied to customer data. We understand the importance of the CIA triangle and have built a reputation on delivering what our customers expect and more. To us, all customer data is secret and confidential. If we allowed the integrity of your data to come into question, we would not be performing adequately, and we will guarantee the availability of your data within all defined SLAs.
Most of our internal security framework is based on programs from the SANS Institute.
GDV partners with BitLyft, a cybersecurity company, to provide Security Ops Center-as-a-Service for our data centers, which we extend to our touchpoint into a customer environment. This provides automated incident response at an expert level and is attuned to our BaaS and DRaaS offerings.
We also continuously innovate and develop technology such as Enhanced Data Protection for our customers.
Security incidents can be stressful times. Global Data Vault is committed to take responsibility for assisting your company during any issue, and return you to operations as quickly and easily as possible.
Related Content: Watch the Cybersecurity Webinar to hear about real-life cyber-attack stories and how the companies recovered.