{"id":13439,"date":"2019-11-30T08:00:06","date_gmt":"2019-11-30T02:30:06","guid":{"rendered":"https:\/\/www.the-next-tech.com\/?p=13439"},"modified":"2020-01-22T13:23:20","modified_gmt":"2020-01-22T07:53:20","slug":"how-to-secure-backups-in-automated-data-protection-systems","status":"publish","type":"post","link":"https:\/\/www.the-next-tech.com\/security\/how-to-secure-backups-in-automated-data-protection-systems\/","title":{"rendered":"How to Secure backups in Automated Data Protection Systems?"},"content":{"rendered":"

Amidst the ever-evolving threats facing enterprises today- the task of completely securing an organization from a multitude of external and internal threats becomes increasingly tedious with each passing day. Not only do enterprises have to worry about malicious third-party agents wreaking havoc by stealing sensitive information, or by launching\u00a0 different\u00a0 attacks- an insecure business can also lead to the loss of valued customers. The crucial tie that cybersecurity<\/a> shares with the financial well-being of a company is further validated by the fact that a staggering 60% of small businesses close down <\/a>in the aftermath of a data breach.<\/p>\n

Taking the dire need for better cybersecurity into account- the first step that organizations can take to foster security against external and internal threat agents is to simply educate themselves. This also includes training on security awareness and its importance<\/a>. Unfortunately, however- a majority of cybersecurity teams employed by enterprises fail to hit the mark, and prefer to stay in the dark about the potential loopholes in their cybersecurity infrastructure.<\/p>\n

One such overlooked aspect of an organization\u2019s security infrastructure is backup security- which is a key element of securing an enterprise in the present age of rampant ransomware, malware and data breaches.<\/p>\n

What is backup security and why does it matter? <\/strong><\/h2>\n

As mentioned above, an often overlooked part of an enterprise\u2019s security structure is backup security. As more and more organizations ride the wave of digitalization and increase their reliance on technologies such as cloud computing<\/a>– backup security becomes necessary for organizations to exercise, since backups contain highly sensitive and confidential data, which could have disastrous consequences if breached.<\/p>\n

Furthermore, with the looming danger of ransomware attacks hanging over enterprises, investing in backup security becomes a necessity, rather than a \u201cmiscellaneous IT expense.\u201d Once an organization realizes that it is under a ransomware attack; having a backup of all the data encrypted by the ransomware<\/a> comes in handy- and prevents an enterprise from having to pay a hefty ransom to the cybercriminals.<\/p>\n

However, the increasing sophistication of ransomware attacks, combined with the ever-evolving threat landscape of today\u2019s cybersecurity world leaves a lot of room for ransomware attackers to encrypt the backup files as well- which is where the road to achieving cybersecurity splits in two impossible choices for enterprises to select. The first choice requires the organization to pay a large ransom for the decryption key, while the second choice entails that an enterprise makes peace with the digital destruction and exploitation of highly confidential information.<\/p>\n

If your enterprise decides to go for the first option, hoping that you\u2019ll gain access to all of the compromised data immediately- you\u2019re just setting yourself up for disappointment. There have been multiple instances when an enterprise didn\u2019t receive all of their data back, with some estimates suggesting that complete data recovery could take up to a month or longer.<\/p>\n

In addition to the prominence of the dire threat posed by ransomware attacks<\/a>, a fundamental and general disregard for cybersecurity, as demonstrated by the fact that more than two-thirds<\/a> of businesses don\u2019t invest in cybersecurity insurance coverage, which amps up the damages caused from disastrous to absolutely catastrophic.<\/p>\n

Taking all of this information into account, the need for improved backup security becomes apparent- even more so, when we factor in the potential damage that malware can cause as well. Usually, modern cybercriminals employ malware to silently target a network over a longer course of time, and once the malware has entered every device on the network- the ransomware is activated- the consequences of which we\u2019ve already discussed above.<\/p>\n

Related:<\/strong> –\u00a0How Artificial Intelligence is Changing the World<\/a><\/p>\n

What are the problems encountered in securing backups in automated services? <\/strong><\/p>\n

Up till this point, we\u2019ve made it seem like cybersecurity experts are recusing on a private ranch somewhere, while the cybersecurity world burns in flames around them. Despite the bad rep that they\u2019ve garnered, cybersecurity experts try their best to combat the threats posed to backup files- it\u2019s just that sometimes the situation gets out of their control.<\/p>\n

One such security strategy formulated for the purpose of protecting backup files against ransomware attacks is the \u201cair gap\u201d strategy. Widely considered to be the most effective way to protect backups- the air gap approach to protecting backup dictates that all backup files are physically detached from the network. Usually, the files are removed from the recording device and are stored offsite.<\/p>\n

In the instance of a data breach, or a ransomware attack- the backup files need to be physically relocated and transferred for the IT team to restore the data set. Although creating an air gap works perfectly in most cases, there are several problems that arise with the continued reliance on air gaps, particularly in automated services.<\/p>\n