live cycle from creation over retrieval to eventual deletion is managed .
One of the main reasons to invest in onpremises backups is to speed up recovery . Cloud and offsite backups will almost always be slower . In some cases , cloud backup providers may have mechanisms to accelerate the recovery of large amounts of data by shipping hard drives instead of using slower internet connections .
Recovery speeds should be tested ahead of time to better estimate how long it will take to retrieve large amounts of data . This
When exploited , backup software vulnerabilities can also compound into giving attackers direct access to live system environments . provides an accurate barometer of how long it will take to recover sensitive files in the wake of a breach when extended downtime durations can translate to millions in financial losses .
Any data leaving the direct control of an organisation , whether it is physical backup files being shipped offsite or online backups migrating to the cloud , must always be encrypted before exiting the environment .
Encrypting backups adds an additional layer of security by converting sensitive information into an unreadable format , if attackers intercept data while in transit , they still couldn ’ t access it without a decryption key . Beyond transit data should also be encrypted while at rest at the secondary backup location as well .
In addition , organisations should allocate equal prioritisation to the three foundational components of effective data management :
Data protection
Actively protect both primary and secondary data backups from loss , theft , compromise , and corruption with the ability to rapidly restore data after an incident .
Coined the 3-2-1 rule , this approach combines cloud , on-premises , offline-remote copies to ensure data can be preserved even if an online backup is disrupted .
Data storage
Create a well-defined security architecture that promotes the safe storage of data backups both on-premises and in the cloud .
Data compliance
Ensure all backup systems and network users continuously follow access policies that are compliant with federal and industry compliance regulations .
It is still important to understand that primary and secondary backup systems were not initially designed to defend against cybercrime , especially not from expert threat actors who leverage encrypted malware , double extortion , and phishing campaigns , among others , as core competencies of their TTP framework .
At their inception , backups were made to preserve data in cases of file corruption or accidental removals , not ransomware . However , as cyber threats targeting data assets have intensified , they have emerged as a must-have tool within the enterprise data security arsenal . By implementing effective backup practices at scale , organisations can take proactive steps to strengthen their data security posture and safeguard sensitive files . •
40 www . intelligenttechchannels . com