The rising threat of ransomware and data-specific attacks is leading many organizations to adopt a new data backup and recovery model that incorporates cloud-based storage. While most established enterprises already have backup and replicated data in place for business continuity and disaster recovery purposes, the emergence of ransomware has prompted some organizations to consider isolated backups. These backups are not accessible from the core corporate environment without making infrastructure changes or requiring extensive administrative authentication.
To protect against ransomware attacks, organizations are employing various tactics for cloud backup ransomware protection. One approach involves creating a new network segment within the organization’s environment specifically for these backups. This segment is protected by a firewall with strict security rules, which are only relaxed when the data is needed or for replication purposes. Another strategy is to create an isolated cloud-based backup system that incorporates both on-premises and cloud-based network restrictions. This backup can be located in a secondary or backup data center. Additionally, multiple administrators are required to collaboratively enter credentials and provide multifactor authentication information for added security.
Developing a cloud backup strategy requires collaboration between different departments within an organization. IT operations teams should determine the types of data that need to be backed up and the length of time the data should be stored. BCDR planning teams should align the data with standard metrics such as mean time to recovery, recovery time objective, and recovery point objective. Information security teams should focus on the sensitivity of the data and evaluate the security controls available in the cloud to protect it. Legal and compliance teams should ensure that all storage and archival requirements meet industry and best practices.
To ensure the security of cloud storage, organizations should ask their providers a series of questions. These questions should cover topics such as data center security, storage architecture and network security, storage access and management security, and security processes. For data center security, organizations should inquire about the physical access restrictions in place and the security methods required for access. They should also ask about the monitoring and surveillance measures implemented and the background checks performed on data center employees. Additionally, organizations should inquire about intrusion alerts and the response plan in case of a breach.
Storage architecture and network security are also important considerations. Organizations should ask about the authentication methods required for users accessing storage components and whether secure configurations are mandated. They should also inquire about the security event monitoring and logging practices and the technologies used for multi-tenancy deployment and data segmentation. It is essential to determine whether network device user permissions and passwords are audited and if systems servicing each customer are segregated from other network zones.
When it comes to storage access and management security, organizations should assess the encryption methods used for storing user passwords and whether secure connectivity protocols are supported. They should also inquire about user session timeouts and the ability to define granular administrator roles and privileges. Finally, organizations should ask about the cloud storage provider’s software testing and development security practices, patching and vulnerability management processes, and incident response procedures.
Cloud-based storage complements existing data backup strategies employed by mature organizations. These strategies include on-premises backups using tape or disk, large-scale replication of virtual data contents, and secondary backups sent to an off-premises provider. In the face of ransomware concerns, short-term isolated backups for end-user content and critical assets in the core data center can be considered.
In conclusion, organizations are increasingly adopting cloud-based storage for data backup and recovery to protect against ransomware and data-specific attacks. By implementing isolated backups and incorporating stringent security measures, organizations can enhance their resilience to these threats. Collaboration between different departments is crucial for developing an effective cloud backup strategy, and organizations should thoroughly evaluate their cloud storage providers’ security practices to ensure the protection of their data.