Salutations! If you are new to the series start with Day 1. If you are caught up, let’s get hunting. Today we continue on with the ultra-important topic of data backups and Digital Crisis Recovery.
Yesterday we worked to ensure we had backups for each of our critical digital assets and we checked that we could actually recover data from those backups. Today we will work to secure those backups so that the bad guys don’t use them against us. If attackers get access to your network they will immediately begin searching for your hot backups…these backups contain all of your most sensitive data so even if the criminal can’t get control of all your systems…if he can get your backups they will likely contain everything he needs to try to extort money from you or your clients or partners. On top of that, your backups contain passwords that will allow him to access all of your systems. To stop that from happening, encrypt your backups with a unique password and store the password some place secure like a digital secrets vault. If you use a backup provider ask:
- Are my backups encrypted?
- What encryption method is used?
- Does my encryption use a unique key or is it a shared key used by more than 1 of your clients?
- How was my key generated?
- Where is my key stored?
Chances are your backup provider’s point of contact may assume the backups are encrypted and say yes to question 1 but be unable to provide answers to 2-5…this may be because the backups aren’t really encrypted or they may need to get the technical Subject Matter Expert (SME) on the call because they don’t deal with the technical aspects. Ask them to arrange a discussion with the SME as needed to get solid answers to the 5 questions above. If the SME can’t answer these questions you can safely assume the backups are not encrypted.
If you have any questions, as always, please reach out to connect. Happy Hunting!!
CTO / Principal Engineer