Protection
Data Protection
Physical protection
- Ensuring that servers and critical hardware are contained within a locked room.
Protection against accidental physical damage
- Ensure that hardware is protected against flooding, fires and acts of nature such as hurricanes
Security Policies
- Ensuring that staff are vetted as necessary
- Ensuring that security policies are properly communicated and enforced
Network policies
- Ensuring that network User Access Levels are in place so that people can only view/edit/delete files that they should have access to.
- Ensuring data is automatically backed up to onsite/offsite and online/offline locations as necessary.
- Ensuring that software systems are regularly updated with the most secure versions.
Backup Factors
Backup Factors to consider
It is important that organizations have a plan in place for if their data gets deleted.
When creating a backup plan there are a number of factor to consider:
Where is the data going to be backed up to?
- Are you going to back the data up onsite, offsite or in the cloud?
- Are you going to back up the data to multiple locations?
What medium(s) are you going to back up the data to?
- Are you going to back up to….?
- DVD – to post to an offsite location and to redistribute
- HDD – fast and reliable with a fairly high capacity
- SSD – very fast but low capacity
- Tape Drive – Very high capacity but very slow to backup / restore
- Cloud – Multiple locations makes it reliable but not as secure
When are you going to perform backups?
- The backup might tie up network bandwidth so may be best to do in the evening
- Is there a specific event that the data should be backed up before (such as server upgrades)
How often will the data be backed up?
- Higher frequency means the backups are more current but it also increases storage requirements and network traffic usage
What data are you going to backup?
- Does all the data need backed up or are there certain files that are more important than others?
How is the backup going to happen?
- Is the process going to manual, semi automated or fully automated?
- How will you check if the backup is successful?
Who is responsible?
- Who is responsible for making sure the backups happen / are successful?
What is the procedure?
- What is the backup procedure?
- Where is it written down?
- What happens if somebody leaves the organization or is ill?
Backup Types
Backup Types – Full, Incremental & Differential
Full Backups
A full backup is where all the data contained on a drive / location is backed up every single time. This has the advantage that if there is a problem then any of the backup images can be used to restore the lost data. If there was a hack within the last few days then an older backup image can be used that is hack-free.
A big disadvantage of full backups are the storage size of the backups, which will increase in size by the entire contents of the drive every single time you do a backup. Also if the data is being backed up off-site then the backup will be a huge drain on network resources.
Incremental Backups
Full backups are quite wasteful, especially if most of the data doesn’t change on a daily basis (as is the case with most websites or office server data)
A more sensible solution is to perform a full backup on a monthly basis and then in between each full backup perform an incremental backup daily. An incremental backup only backs up data that has either been added or changed since the last full backup. This compromise allows the advantages of daily backups but without the massive storage requirements issue.
RAID
RAID Types
Onsite/Offsite
Onsite vs Offsite Backups
Onsite Backup
This is where the backups are stored in the same building as the source storage device, but on a separate storage device
- Easy, quick and cheap to restore if you have a hardware fault
- Vulnerable to physical attacks and natural disasters
Offsite Backup
This is where the backup data is stored in a different geographical location to the original data. This could be in a different location owned by the organisation or hosted and managed by a third party backup specialist.
- Reduced vulnerability to physical security issues.
- Slower to restore than an onsite backup
- Can be more expensive
- Increased vulnerability to online security issues due to the increased number of attack vectors.
Online/Offline
Online vs Offline Backups
Online backups
- Quick and easy to backup, manage and restore
- Vulnerable to web-based attacks and accidently deletion
Offline backups
- slower to backup and restore
- less vulnerable to remote attacks and accidental deletion
Cloud
Cloud Backups
Cloud storage is a type of offsite storage. Data is stored and duplicated across multiple servers world-wide, which in theory adds a significant amount of redundancy.
- Data can be accessed quickly and easily from multiple locations world-wide.
- Cloud storage is usually cheaper (especially in terms of up-front costs)
- The client doesn’t know where or how their data is stored
- Highly vulnerable to online attack, due to the large number of attack vectors.