{"id":5614,"date":"2023-06-16T14:36:14","date_gmt":"2023-06-16T18:36:14","guid":{"rendered":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?p=5614"},"modified":"2023-08-11T10:41:01","modified_gmt":"2023-08-11T14:41:01","slug":"the-critical-role-of-safe-and-secure-backup-system-storage","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/","title":{"rendered":"The Critical Role of Safe and Secure Backup System Storage"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5629\" src=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg\" alt=\"The Critical Role of Safe and Secure Backup System Storage\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg 800w, https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage-300x150.jpg 300w, https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage-768x384.jpg 768w, https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage-540x270.jpg 540w, https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage-162x81.jpg 162w, https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify;\"><i><strong>Solutions Review\u2019s Premium Content Series is a collection of contributed articles written by industry experts in enterprise software categories. In this feature, <a href=\"https:\/\/www.sans.org\/\" target=\"_blank\" rel=\"noopener\">SANS Institute<\/a> Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage.<\/strong><\/i><\/p>\n<p style=\"text-align: justify;\">It\u2019s no secret that backup systems are critical to preserving sensitive data files from ransomware, theft, sabotage, and accidental loss. However, it\u2019s important to remember that merely leveraging backups isn\u2019t the end-all-be-all solution to a challenge riddled with complexity. Just because organizations have backup systems in place does not always mean their data is fully protected in the wake of a loss-causing event. And amid sharp rises in the volume and velocity of attacks, the consequences of poor data backups are too severe to overlook. For example, IBM\u2019s <a href=\"https:\/\/www.ibm.com\/reports\/data-breach\" target=\"_blank\" rel=\"noopener\">2022 Cost of a Data Breach Report<\/a> found:<\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"speedbump-1\" href=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/get-a-free-backup-and-disaster-recovery-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"Data Protection Vendor Map\" src=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2021\/05\/21_BUDR_SB_BG_Blue_800.gif\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n<h2 style=\"text-align: justify;\"><strong>Secure Backup System Storage<\/strong><\/h2>\n<ul>\n<li>Globally, the average total cost of a data breach increased by 13 percent YoY to a record-high $4.3 million in losses. U.S. organizations were most impacted, with an average loss of $9.4 million per breach.<\/li>\n<li>The average duration of identifying and containing a data breach lasted more than 275 days \u2013 equivalent to over nine months of downtime.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">As attackers have grown more skilled and sophisticated, they are now leveraging hard-to-detect tactics, techniques, and procedures (TTPs) that capitalize on backup system vulnerabilities to either steal data or disrupt recovery operations. Remote access backups, for instance, are often reliant on password protections. Due to poor password hygiene or the absence of two-factor authentication, these backup systems can be easy targets for threat actors to utilize as attack vectors against protected systems.<\/p>\n<p style=\"text-align: justify;\">When exploited, backup software vulnerabilities can also compound into giving attackers direct access to live system environments. Take the <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2023\/02\/27\/cisa-adds-one-known-exploited-vulnerability-catalog\" target=\"_blank\" rel=\"noopener\">CVE-2022-36537 vulnerability<\/a> that was <a href=\"https:\/\/www.thestack.technology\/r1soft-server-backup-manager-software-vulnerability-exploited-cve-2022-36537\/\" target=\"_blank\" rel=\"noopener\">publicized in early 2023<\/a> for example. Threat actors used it to access additional servers that were backed up on the same system, essentially \u201csurfing backward\u201d into live environments to exfiltrate data and distribute malware. That very same scenario is impacting organizations of all sizes or sectors, heightening the criticality of effectively implementing safe and secure backup system storage to maximize protection and agility.<\/p>\n<h3><strong>The 3-2-1 Rule<\/strong><\/h3>\n<p style=\"text-align: justify;\">Organizations should consider data assets at risk if they are not backed up in at least three different locations. Coined the 3-2-1 rule, this approach combines a diverse mix of cloud, on-premises, and offline\/remote copies to ensure data can be preserved even if an online backup is disrupted. Among all forms of backup systems, cloud-based backups are often most vulnerable. In turn, organizations should be leveraging an on-premises backup that can drive rapid restoration at scale, especially in cases where there\u2019s a high volume of critical data to recover.<\/p>\n<p style=\"text-align: justify;\">Always be cognizant of testing recovery speed ahead of time. This provides an accurate barometer of how long it will take to recover sensitive files in the wake of a breach when extended downtime durations can translate to millions in financial losses. It took the City of Atlanta\u2019s municipal department <a href=\"https:\/\/www.ajc.com\/news\/cost-city-atlanta-cyber-attack-million-and-rising\/nABZ3K1AXQYvY0vxqfO1FI\/\" target=\"_blank\" rel=\"noopener\">seven full days to restore services<\/a> from a ransomware event, and in a similar attack against Baltimore\u2019s city municipal department, the recovery timeline <a href=\"https:\/\/statescoop.com\/baltimore-ransomware-crowdstrike-extortion\/#:~:text=The%20May%202019%20ransomware%20attack,by%20threatening%20to%20publish%20stolen\" target=\"_blank\" rel=\"noopener\">lasted more than six weeks<\/a>. Both city governments ultimately suffered a combined $20-plus million in losses largely due to operational downtime.<\/p>\n<p style=\"text-align: justify;\">When designing a cloud-based solution architecture, focus on access controls, authentication requests, and how the backup lifecycle \u2013 spanning from creation over retrieval to eventual deletion &#8212; is managed.<\/p>\n<h3><strong>Best Practices to Consider<\/strong><\/h3>\n<p style=\"text-align: justify;\">Any data leaving the direct control of an organization, whether it\u2019s physical backup files being shipped offsite or online backups migrating to the cloud, must always be encrypted before exiting the environment.<\/p>\n<p style=\"text-align: justify;\">Encrypting backups adds an additional layer of security by converting sensitive information into an unreadable format \u2013 if attackers intercept data while in transit, they still couldn\u2019t access it without a decryption key. Beyond transit data should also be encrypted while at rest at the secondary backup location as well. In addition, organizations should allocate equal prioritization to the three foundational components of effective data management:<\/p>\n<ul>\n<li style=\"text-align: justify;\">Data Protection: Actively protect both primary and secondary data backups from loss, theft, compromise, and corruption with the ability to rapidly restore data after an incident.<\/li>\n<li style=\"text-align: justify;\">Data Storage: Create a well-defined security architecture that promotes the safe storage of data backups both on-premises and in the cloud.<\/li>\n<li style=\"text-align: justify;\">Data Compliance: Ensure all backup systems and network users continuously follow access policies that are compliant with federal and industry compliance regulations.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">It\u2019s still important to understand that primary and secondary backup systems weren\u2019t initially designed to defend against cybercrime, especially not from expert threat actors who leverage encrypted malware, double extortion, and phishing campaigns, among others, as core competencies of their TTP framework.<\/p>\n<p style=\"text-align: justify;\">At their inception, backups were made to preserve data in cases of file corruption or accidental removals \u2013 not ransomware. However, as cyber threats targeting data assets have intensified, they have emerged as a must-have tool within the enterprise data security arsenal. By implementing effective backup practices at scale, organizations can take proactive steps to strengthen their data security posture and safeguard sensitive files.<\/p>\n<p><span style=\"font-weight: 400;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"speedbump-2\" href=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/data-protection-vendor-map\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-2786 size-full\" src=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2020\/02\/DP_VM_SB_800.jpg\" alt=\"Download link to Data Protection Vendor Map\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Solutions Review\u2019s Premium Content Series is a collection of contributed articles written by industry experts in enterprise software categories. In this feature, SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage. It\u2019s no secret that backup systems are critical to preserving sensitive data files from [&hellip;]<\/p>\n","protected":false},"author":715,"featured_media":5629,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[1285,1284],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Critical Role of Safe and Secure Backup System Storage<\/title>\n<meta name=\"description\" content=\"SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dr. Johannes Ullrich\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/\",\"name\":\"The Critical Role of Safe and Secure Backup System Storage\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg\",\"datePublished\":\"2023-06-16T18:36:14+00:00\",\"dateModified\":\"2023-08-11T14:41:01+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/c71084d684e50cbb59376ff8bd78b96b\"},\"description\":\"SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg\",\"width\":800,\"height\":400,\"caption\":\"The Critical Role of Safe and Secure Backup System Storage\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Critical Role of Safe and Secure Backup System Storage\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/\",\"name\":\"Best Backup and Disaster Recovery Tools, Software, Solutions &amp; Vendors\",\"description\":\"Solutions Review\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/c71084d684e50cbb59376ff8bd78b96b\",\"name\":\"Dr. Johannes Ullrich\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/50eb460929e37c3a3e7acdd87fb775cc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/50eb460929e37c3a3e7acdd87fb775cc?s=96&d=mm&r=g\",\"caption\":\"Dr. Johannes Ullrich\"},\"description\":\"Dr. Johannes Ullrich is the Dean of Research for SANS Technology Institute, a SANS Faculty Fellow, and founder of the Internet Storm Center. He is also the host of the SANS Internet Storm Center Daily Stormcast, a daily podcast that provides a brief 5-minute summary of current network security related events.\",\"url\":\"https:\/\/solutionsreview.com\/backup-disaster-recovery\/author\/jullrich\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Critical Role of Safe and Secure Backup System Storage","description":"SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/","twitter_misc":{"Written by":"Dr. Johannes Ullrich","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/","name":"The Critical Role of Safe and Secure Backup System Storage","isPartOf":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg","datePublished":"2023-06-16T18:36:14+00:00","dateModified":"2023-08-11T14:41:01+00:00","author":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/c71084d684e50cbb59376ff8bd78b96b"},"description":"SANS Institute Dean of Research Dr. Johannes Ullrich explains the critical role of safe and secure backup system storage.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#primaryimage","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg","contentUrl":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/files\/2023\/06\/Safe-Secure-Backup-System-Storage.jpg","width":800,"height":400,"caption":"The Critical Role of Safe and Secure Backup System Storage"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/the-critical-role-of-safe-and-secure-backup-system-storage\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/"},{"@type":"ListItem","position":2,"name":"The Critical Role of Safe and Secure Backup System Storage"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#website","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/","name":"Best Backup and Disaster Recovery Tools, Software, Solutions &amp; Vendors","description":"Solutions Review","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/c71084d684e50cbb59376ff8bd78b96b","name":"Dr. Johannes Ullrich","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/50eb460929e37c3a3e7acdd87fb775cc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/50eb460929e37c3a3e7acdd87fb775cc?s=96&d=mm&r=g","caption":"Dr. Johannes Ullrich"},"description":"Dr. Johannes Ullrich is the Dean of Research for SANS Technology Institute, a SANS Faculty Fellow, and founder of the Internet Storm Center. He is also the host of the SANS Internet Storm Center Daily Stormcast, a daily podcast that provides a brief 5-minute summary of current network security related events.","url":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/author\/jullrich\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts\/5614"}],"collection":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/users\/715"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/comments?post=5614"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/posts\/5614\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/media\/5629"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/media?parent=5614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/categories?post=5614"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/backup-disaster-recovery\/wp-json\/wp\/v2\/tags?post=5614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}