Viewing entries in
Keeping your data safe

Archive, Backup, and Disaster Recovery

Archiving, Backup and Disaster Recovery.png

Backing up, archiving, and preparing for disaster recovery are obviously related. They overlap, but each one names a different purpose. Doing a good job at one of them doesn't mean they're all covered. Let's consider what each one involves.

Backup

The purpose of a backup is to restore files that are lost or damaged. Recovery needs may range from a single file to an entire drive. A backup volume can be local or remote. It can be quick to access for getting back single files, or intended mostly for bulk recovery. Its focus isn't long-term storage, though durability is a good quality.

Versioned backups provide extra safety. A file can be corrupted, without being noticed, for a long time. If only the current version is backedup, and it's corrupted too, that's not useful. A backup that includes older versions gives a better chance of recovery.

Many approaches are possible:

  • An attached drive. Software does frequent incremental backups automatically. It's convenient, and it's always up to date. The disadvantage is that malware or physical damage to the computer might affect the backup drive as well.

  • A shared storage system. Network attached storage (NAS) provides a large amount of backup space and keeps everyone's backups together. It simplifies backup management if there are a large number of users.

  • Tape backup. Tape is good for high-volume storage and allows saving multiple backups. It's good for recovering crashed drives, but not very convenient for restoring single files.

  • Offsite backup. Cloud storage is safer than any local backup from events that affect a whole office. It needs a fast enough Internet connection.

It's best to combine onsite and offsite backup. If one method fails, the other will usually keep working.

Archive

Long-term archival storage involves a different set of goals. It has several important criteria:

  • Selection. Not every file needs to go into an archive. Figuring out which ones are needed can be a complicated task. It's necessary to take business goals and regulatory requirements into account.

  • Durability. Unlike a backup, an archive needs to be kept intact for a long time, usually years. It needs to have its own backup. Storage media will eventually go bad, and old file formats may become difficult to process, so it can require periodic migration to new media and storage formats.

  • Identification. The information in an archive needs to make sense years after it's created. It needs to be well-organized, and it has to include enough metadata to reconstruct its context and purpose.

Maintaining an archive is a more complex task than keeping data backed up.

Disaster Recovery

Backup is a part of disaster recovery preparation, but it's not the whole story. If a catastrophic event takes out your business systems, you need a way of getting up and running again as quickly as possible. Being confident of that requires a recovery plan.

When disaster strikes, it's necessary to bring up an alternate system. Speed is essential; every minute that a company's systems are down means lost productivity and income. If systems are down too long, it affects the confidence of customers and partners. Bringing new machines onto the premises might not be feasible if the damage is severe, and getting them running is time-consuming.

The systems not only need to come back quickly, but with little or no data loss. If the recovery system has to roll back to the previous day's records, it will take a lot of work to bring them up to date. The backup needs to be ongoing to avoid losing business data.

Cloud-based disaster recovery as a service (DRaaS) lets your business operate with confidence that if serious damage happens, downtime will be short and data won't be lost. StorTrust gives you the highest confidence that your data is always backed up and that you're prepared for any disaster that may come.

Whatever your backup, archiving, and DR needs are, Abtech is ready to meet them.

Is Your Data Really Safe?

The key to understanding whether or not your data is safe lies in understanding the threats to it. Most attackers will attempt to come in by several very common avenues.

Every organization will face different threat levels. For example, if you're in finance or are a utility company, you're going to be facing more persistent and creative angles of attack than a small locally-focused shop will. That doesn't mean that there is any one type of business or set of circumstances where you can just forget about security, however. The internet is crawling with hackers and automated malware, and there's always some willing to grab up low-hanging fruit if the right door is left open.

Be sure to consider all of the following possibilities when reviewing your network security policies and procedures.

  • "Phishing" and Social Engineering Attacks

So-called "soft" attacks in which hackers attempt to exploit company employees have become much more common than attacks against the software or hardware of the network. That's because they're much easier to pull off and actually have a higher rate of success.

The main angle of attack is by email. Attackers can mass-mail to everyone in the company, but they may also do some homework and try to target specific entities by profiling them using publicly available information. Whatever the case, the endgame is the same; get the employee to either open a tainted email attachment, or to follow a link to an attack site that automatically installs malware.

The most common varieties of malware that will be installed are keyloggers or ransomware. A keylogger sits in the background and records keystrokes, possibly also taking periodic screenshots, and quietly forwards these to the hacker so that they can steal login information and private data. Ransomware encrypts vital files on the network, and the hackers then demand a payment (or two, or three) in return for the password to unencrypt them.

The biggest first step in defeating phishing attacks is to ensure that all email clients used on the network do not automatically download or run attachments! While mass-mail phishing attacks are usually easy to spot, a targeted attack may come from a "spoofed" email address that seems to be legitimate. Employees should be instructed to verify with the other party by phone or instant message if an unexpected attachment is sent or if they are asked to visit an external site out of the blue. As a safeguard against ransomware, you can also run automated "snapshot" systems that periodically send backups of network data to both the cloud and a local storage system.

 

  • Documented Software Exploits

While nearly every business has some data a hacker wouldn't mind having, some are much more interesting than others. For example, a company like Google or Goldman Sachs will regularly employ teams of hackers called "penetration testers" who try to find completely new and novel ways to break into their systems, ensuring they are on the cutting edge of security at all times.

A more "average" business doesn't face this kind of advanced threat. If the data they are guarding isn't particularly juicy, hackers will generally try known exploits against the software they are running and move along if none of them work. So how do you protect against these exploits? Primarily, it's by making sure you have the latest updated versions of each piece of software and app, as they receive continual security patches against newly discovered vulnerabilities. Old, discontinued software should also be replaced with something more modern, as new vulnerabilities will no longer be patched.

 

  • Discarded, Recycled and Lost Devices

Simply moving data to the recycling bin on the desktop doesn't make it disappear. If old electronics are to be sold or recycled and are still functional, they need to be cleaned with a good "hard disk wiping" program like DBAN that scours them to eliminate residual data. If you're simply disposing of an old drive, have it shredded. Don't forget that devices like copiers, printers, and old phones also have internal drives that store data!

Employees losing company phones or devices will happen from time to time, but you can secure against this mishap by mandating strong unique passwords for each device and two-step authentication for logins. It would also not hurt to encrypt data on devices that go out into the wild with a unique key that can be revoked later if they go missing.

 

  • Internal "Turncoat" Attacks

The toughest data security issue to deal with is the possibility of a trusted employee going rogue. Mitigation in this area primarily comes down to identifying privileged accounts and monitoring them appropriately, as well as removing credentials ASAP when such an employee leaves the company.