Network and mobile data breaches get much of the publicity today, but there’s another less publicized avenue susceptible to both insider and outsider attacks: backup. In early April, for example, Emory Healthcare in Atlanta lost the personal information of 315,000 patients when it discovered that 10 backup discs were missing.
Threats to backups come from external hackers, company insiders, loss or theft of backup data and media in transit, and the employees of services you entrust your backup data and media to. Threats are not just about data theft, but inattention to proper procedures, and intentional destruction of backup media and data that suddenly become critical in the event of a disaster. Threats can also come from unregulated personal backups, including the use of personal file storage services.
That’s why your organization should make sure that its security professionals, not just the storage folks, are involved in crafting and monitoring backup strategies and procedures. For the storage folks, the focus is likely to be on convenience and speedy recovery, perhaps sometimes at the expense of security. Here are some important security best practices to consider when crafting a backup strategy.
- Perform a security risk assessment of your entire backup process. Examine every step for vulnerabilities and remedies.
- Run a comprehensive risk analysis of the data you back up regularly to determine its sensitivity and appropriate measures to protect it. Some data might need a lot of protection and have compliance implications while other data is public anyway and doesn’t need much security.
- Make sure you set up your backup software so the backup client and server authenticate each other before a backup is performed. You don’t want a thief setting up a rogue backup server and initiating his or her own backup. The same goes for recovery.
- Encrypt sensitive backup data in transit and at rest to prevent prying eyes in the event of man in the middle attacks or media theft. Encryption can affect performance and backup volume, which is why you want to encrypt only the data that needs it and why it’s important to perform Step 2.
- Make sure your backup software offers lots of granularity in assigning administrator roles, so one administrator does not have access to all your data. Ensure that sensitive data can only be accessed by those who absolutely need it, and that they have the trust and authority to do so. Make sure backup configuration files are only accessible to authorized users.
- Keep track of known backup software security flaws and updates.
- Make more than one copy of your backup data and assign different staff to perform and manage each backup.
- Institute a tracking and chain of custody system for backup media to ensure you’re always aware of its location and any media that should be destroyed
- Evaluate and track security aspects of any off site location or service used to store backups. Make sure physical access is carefully regulated and facilities are secured appropriately. Verify that your contract allows you to perform security audits and perform them periodically
- Make sure the service and any transport service you use conducts stringent background checks on all staff. Have procedures in place to identify positively anyone who picks up your backup media for transit. All media should be transported in locked containers. If you can back up to an offsite location within your organization, do so.
- Destroy obsolete media in a secure, timely fashion in accordance with your risk assessment in step 2.
- Educate your business staff on backup security issues and their importance. Evaluate and create policies addressing personal online and cloud backup and storage services.
- Back up mobile devices centrally over secure VPN’s.
- Make sure all backup operations are logged so incidents can be traced to their source.
- Test the process periodically to ensure that it remains secure.