Backups, the Original Cyber Security No-Brainer

Information Technologies | Caleb Hill | Tuesday, February 27, 2024

Overview

In the article "Backups, the Original Cyber Security No-Brainer," the author emphasizes the crucial role of offsite backups in bolstering cyber security. Despite having comprehensive security measures in place, vulnerabilities can still persist, highlighting offsite backups as a fundamental layer of defense for IT professionals. The article illustrates that while the concept of backups might seem straightforward, executing them effectively involves overcoming certain challenges, including ensuring the security of the backups and the data they protect. Offsite backups are portrayed not merely as a redundancy measure but as an indispensable safeguard against the consequences of cyber attacks, hardware failures, and natural disasters. The author strongly advocates for the deployment and routine verification of offsite backup strategies, preferably via cloud services, to guarantee business resilience and ongoing operational continuity in the face of diverse threats.

 

For many people outside the cyber security industry, security signifies peace of mind. For those inside the industry, it often represents the exact opposite. Protecting information technology assets is a balancing act of vulnerabilities, threats, mitigations, security controls, and (as always) how much you can convince your company to pay for. Cyber security is always acutely and often painfully aware of how much residual risk still exists, even for relatively well-protected systems.

However, there is one cyber security measure that can make system administrators and cyber security professionals feel almost like home security gurus, smiling contentedly at their exhaustively tweaked network of outdoor and indoor cameras whose only blind spots are not only well-documented but also well-booby-trapped. In other words, one cyber security measure gives IT professionals peace of mind: offsite backups.

There are many risks that still wait in the wings despite and sometimes because of backup systems. Backups themselves must be protected and the mechanism that performs each backup must be secure: having copies of your data is not good if those copies are being served to bad actors on a silver platter.

These concerns, though, do little to outweigh the centrality of backing up company data intelligently and regularly. I used to think any redundancy was terrible: it was a waste of breath to say anything twice, and having three of something when you only needed one was nearly an unpardonable crime. The naïveté of my young mind was enamored with precision: I did not realize that reality rarely shoots straight, everything is a moving target, and not every target has a bullseye. 

With that in mind, my paradigm (at least for information technology) has shifted dramatically. Having two where one will do is mere prudence: having four or five begins to approach sainthood. IT deals with machines whose only language is written in black and white, zeroes and ones. These systems ought to be straightforward, but their sheer complexity lends them an element of chaos that leads those who work with them daily to assign their setups a certain level of mystery. It is our job and our pleasure to unravel these mysteries, but in the meantime, having copies of our systems, configurations, and information stored in multiple places allows us the freedom to experiment and test creatively. Anything that we inadvertently destroy can be restored with the click of a few buttons.

At an even more basic level than allowing IT technicians to build, rebuild, and troubleshoot systems safely, backups provide more than just insurance against disaster: they provide assurance. Suppose the server containing your company’s files has all its data encrypted for ransom by hackers, deleted by a disgruntled employee, erased by catastrophic hard drive failure, or otherwise destroyed by flood, fire, or a zombie apocalypse. In that case, you have the same information available elsewhere. Like Galaxar’s clones from DreamWorks’ Megamind, your server can get knocked down on Monday, possessed on Tuesday, and burned at the stake on Wednesday: your proprietary business information is still intact, provided it is stored in a separate location.

The distinction between offsite and on-site backups is key for disaster recovery. If you are trying to defend against a failing hard drive in your server, backing up to an external drive or a QNAP on the local network is fine. However, if you must fend off a flock of the undead hungry for hard drives, they will likely devour your whole network closet. More realistically, neither fires nor floods take prisoners. Burst pipes or busted roofs are not gentle on electronics of any kind, so any backups located in the same building as the server they are backing up will probably be equally affected.

Backup Basics


In theory, we’ve established that backups are a wonderful idea: they are central to the integrity and availability of business information and are vital to the long-term operations of any information system. But how are these systems implemented in practice? The idea of something does little good if its proper implementation is neglected.

For example, East Buffalo Township recently experienced a catastrophic hard drive failure on its main server. Their Lewisburg-based IT provider, Computition, was selling them backups at the going rate of $150 a month, which East Buffalo learned (to their chagrin) was not worth the money: the server had never actually been backed up, and East Buffalo was left high and dry, with only paper records to use in the meantime.

Regarding data loss horror stories, East Buffalo’s is relatively mild. However, even mild horror stories are severely undesirable. Being chased by a clown down a dark alley is much better than being chased by the Predator but much less comfortable than strolling unhurriedly down the sunny side of the street. Well-implemented backups, my friends, are the sunny side of the broad street of data security.

How, then, are backups, and more specifically offsite backups, properly implemented? As a refresher, offsite backups are simply when your systems are backed up to a location that is geographically distant from the location of the data being backed up. The standard way to perform offsite backups in modern-day IT infrastructure is to back systems up to the cloud (I proposed a system of SSDs carried by a trained network of carrier pigeons, but the idea somehow never caught on).

The cloud is a punchy two syllables that have become a catch-all for the netherspace of Internet storage. Strictly speaking, the cloud is a collection of servers designed to host software and infrastructure and store data. They take the form of large, humming data centers where racks upon racks of boxes blink in a collective fever dream of zeroes and ones. Poetic descriptions aside, cloud data centers sport constant uptime paired with and augmented by high levels of redundancy. Thus, the cloud has become the ultimate destination for offsite backups.

Cove, Veeam, and Acronis Cyber Protect are all backup solutions with cloud storage and automated backup capabilities. The essential advantage of using one of these backup services is the ability to specify backup types and times. Creating a backup schedule handled by the software helps ensure that data is being constantly archived in the proper fashion.

This is important because large backups can be resource-intensive and thus take a while; if they are not timed correctly, they can interfere with normal business operations. Unlike humans (who generally don’t enjoy waking up at 1 am to monitor backup jobs), automated processes don’t mind working odd hours of the night. 

Additionally, backup services can perform different types of backups, which facilitate data integrity and help save space in offsite storage. The primary type of backup is called a full backup, which is exactly what it sounds like: a carbon copy of every bit and byte of information at the target location shifted to storage in the cloud. Full backups are the brute squad of successful backup configurations: they are big, dumb, and effective.

The real finesse comes with adding incremental and/or differential backups. These backup strategies are almost always used in conjunction with full backups. Incremental backups back up only the information that has changed since the last full or incremental backup. For example, Monday backs up what's changed since Sunday's full backup, while Tuesday backs up what's changed since Monday's incremental backup. Differential backups compare each day back to Sunday's full backup: Monday's and Tuesday's differential backups each back up what has changed since Sunday's full backup.

The advantage of differential and incremental backups is that they take up far less space than full backups, with incremental backups taking the least space and differential backups taking a little more. The trade-off when choosing a backup strategy is between storage space usage and recovery speed.

If you do a full backup every day, you need only restore the latest full backup in case of disaster. On the other hand, if you are performing differential backups, you need the last full backup plus the most recent differential backup, which takes slightly more time to process. On a hypothetical third hand, incremental backups require the last full backup plus every incremental backup since then, which takes more time to process.

The speed of the data restoration process is inversely proportional to the speed of the backup operation. Thus, though incremental backups take the longest to restore from, they also run the fastest. Conversely, full backups take much longer to run but much less time to restore from.
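The restore requirements described above, worked through as an added example (not code from the article or from any backup product). The `Backup` record, the function names, the sample sizes, and the assumption that a week uses only one kind of partial backup between fulls are all constructed for illustration. It also shows a consequence of the incremental chain: losing one increment makes every later restore point unrecoverable.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Backup:
    day: str        # day the job ran
    kind: str       # "full", "incremental" or "differential"
    size_gb: float  # constructed sample size, not a measurement

def restore_chain(history, target_day):
    """Backups needed, in apply order, to restore the state as of target_day."""
    days = [b.day for b in history]
    if target_day not in days:
        raise ValueError(f"no backup recorded for {target_day}")
    upto = history[: days.index(target_day) + 1]
    fulls = [i for i, b in enumerate(upto) if b.kind == "full"]
    if not fulls:
        raise ValueError("no full backup to anchor the restore")
    chain = [upto[fulls[-1]]]
    for b in upto[fulls[-1] + 1:]:
        if b.kind == "incremental":
            chain.append(b)          # every increment since the full is needed
        elif b.kind == "differential":
            chain = [chain[0], b]    # the newest differential replaces older ones
        else:
            raise ValueError(f"unknown backup kind: {b.kind}")
    return chain

def restorable(history, target_day, damaged_days):
    """False if any backup in the restore chain is lost or unreadable."""
    return all(b.day not in damaged_days for b in restore_chain(history, target_day))

def storage_gb(history):
    """Total space the retained backups occupy."""
    return sum(b.size_gb for b in history)

# Constructed week: Sunday full, then one partial backup per day.
INCREMENTAL_WEEK = [Backup("Sun", "full", 100), Backup("Mon", "incremental", 5),
                    Backup("Tue", "incremental", 4), Backup("Wed", "incremental", 6)]
DIFFERENTIAL_WEEK = [Backup("Sun", "full", 100), Backup("Mon", "differential", 5),
                     Backup("Tue", "differential", 9), Backup("Wed", "differential", 15)]

if __name__ == "__main__":
    for name, week in (("incremental", INCREMENTAL_WEEK), ("differential", DIFFERENTIAL_WEEK)):
        chain = [b.day for b in restore_chain(week, "Wed")]
        print(name, "chain:", chain, "stored:", storage_gb(week), "GB,",
              "survives losing Mon:", restorable(week, "Wed", {"Mon"}))
```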

The cost difference, on the other hand, relates directly to how much storage space the backup strategy uses. Like everything in IT, the actual cost of a solution is a sneaky blighter: you might run incremental backups for years and save money on storage but then lose it all because of downtime when restoring from a backup during disaster recovery.

Last but not Least

You may use differential or incremental strategies to augment your full backups. You may do a full backup every three hours (if so, you probably work for the government). But no matter what backup strategy combination your organization implements, the important thing is that these backups are implemented, tested, and stored somewhere offsite. 

I often find one more word to put in a list of things so that I can use an Oxford comma (my way of sticking it to the establishment). That one more word can be something unnecessary, redundant, or superfluous (irony intended). However, the middle word at the end of the last paragraph is not just filler: testing backups is an incredibly important part of a workable backup system.

You may have a very nice set of differentially incremented backups lined up across each day of the current week, punctuated by the comfortingly solid silhouette of a full backup; these backups may be stored in three different cloud providers, overflowing with redundancy that is anything but superfluous. And yet, when it comes time to use those backups, you may find they fail to restore correctly. It might not be a total failure, but a restore operation that should have been the click of a button becomes hours of troubleshooting, stress, and costly downtime.

Many companies utilize separate servers or virtual machines to test backups. One can schedule a restore process to point to the virtual machine or server rather than to the original location of the files, thus allowing data integrity and recovery speed to be sandboxed without interfering with the production environment.

All in all, implementing a system of offsite backups (probably stored in the cloud) utilizing backup software to create a schedule for backups and script backup restore tests will go a long way towards providing your company’s information with real resilience and vital redundancy. If disaster strikes an office location or server room, these tried and tested backup systems will serve as the lifeblood of your company, reanimating operations as you rebuild.

 


ABOUT THE AUTHOR

Caleb Hill recently joined Intrada full-time, as a Cybersecurity Technician, after working for over a year on a part-time basis. During that time, he was working on finishing his bachelor’s degree in information assurance & cybersecurity from the Pennsylvania College of Technology. He graduated and received his degree in May 2023.
