Photographee.eu - Fotolia
Ransomware is one of the major cybersecurity challenges affecting data backup administrators. In general, backup admins are charged with ensuring that data is backed up and secured successfully, while ensuring backup images aren't compromised. With the increasing use of public cloud as a backup target, protecting and securing data is becoming more of a challenge.
Here are three more cybersecurity challenges data backup administrators might end up facing.
Encryption key management. With on-premises backup software, data is typically encrypted by the backup software for tape-based targets or is not encrypted at all for disk-based targets. Only data moving off site is classified as needing encryption.
With the move to public cloud as a backup target, data has to be encrypted, while remaining accessible for restore in a range of situations. This means encryption key management has to be thought through in more detail. It's possible to use a cloud provider's keys, a providers' key management system or user-supplied keys. In all of these instances, how data is protected has to be determined by how those backups will be used in the future.
Credentials management. While backup and restore was previously managed through backup software, the capability of the public cloud to expose data to multiple platforms and users means a review of user access profiles is required.
In the past, a backup administrator would control all backup and restore tasks and perhaps expose some functionality for user-based restores. Now, data stored in the public cloud can be accessed for other purposes, such as seeding test/dev and search/analytics.
Determining access to data is more complex and requires a new level of thinking and integration with existing directory management offerings.
Auditing and compliance. As a complement to the above points, tracking usage becomes more imperative when facing cybersecurity challenges. At the basic level, being able to tell which users have accessed backup data is the first step in ensuring accurate audit information that can be used for compliance purposes. However, if compromised, data access is a risk for any organization. Even more than before, access to backups needs to be logged and tracked.
As with any production data, backups fall under the same regime for data protection when using the public cloud or other service provider platforms. Backup data should be treated just like production data when dealing with different cybersecurity challenges, as the contents are still a key corporate asset.
Improve your cloud-to-cloud backup security
The dos and don'ts of backups and ransomware
Is coming back from a ransomware attack possible?
Dig Deeper on Data backup security
Related Q&A from Chris Evans
Agentless data backups offer some major advantages over agent-based backups. The technology should be used wherever possible, and it can be ... Continue Reading
Using Oracle Recovery Manager for database backup and restore? Explore the Oracle backup script and command process, with options for specific ... Continue Reading
A layered protection strategy works best against ransomware. Organizations must be diligent about backing up data, monitoring suspicious activity and... Continue Reading