Reading Time: 3 minutes

In the event of a ransomware attack, the backup data is crucial for recovery. Therefore, the security of the backup environment requires special care. Last year’s events have shown that backup servers and their data storage can be attacked in a systematic approach and thus become inoperable. Once the backup data and/or metadata are encrypted, it is no longer possible to restore the production environment.

The following points will help you to quickly evaluate existing backup environments for possible risks. The primary aim is to increase the security of the system through configurations and processes. An investment in additional storage or other hardware is not the focus here.

What can be checked in the short term?

  • The backup server and repositories should not be in the same domain
  • Check backup admin roles and permissions (do not manage everything via one account)
  • Backup service accounts should only have the essential permissions
  • Check the password strength
  • Is the backup data stored in a third copy (3-2-1 rule) on secure storage (tape, object storage)?
  • Store the third copy on S3 storage in the cloud (public/private)
  • Review and assess the protection of the backup metadata and perform a backup test if necessary

Further steps should then be considered in detail, depending on the backup software used. The manufacturers offer different options for further securing the backup environments. This also includes evaluating the storage systems you are using (block, file, object, tape). The SVA Software, Inc. specialists can assist you effectively in these areas.

The original version of this article by Michael Todt (SVA System Vertrieb Alexander GmbH) can be found at https://focus.sva.de/ransomware-protection-quick-check-der-backupumgebungen/.

SVA Software, Inc.

provides solutions to secure, monitor, improve and troubleshoot the data and performance of your IT infrastructure, get in contact with us for more information.

  • General IT infrastructure automated monitoring: check out more about BVQ which provides transparency on the status and communication of your entire infrastructure from the compute to the Storage and SAN layers. (link)
  • Mainframe performance optimization: visit our Mainframe Service platform that provides solutions from reporting up to automated dynamic capping and maintenance. (link)
  • Ensuring data quality of your backup & archive data on tape media: visit our Tape Audit Tool solution which provides automated auditing on the quality of your backup data and ensure the data can be read when needed. (link)
  • Disaster Recovery: visit our IDR solution which provides a stand-alone application that makes it easy to be Disaster Ready. (link)
  • VMware License Management: visit our GetVMware solution which helps you manage and decrease the licensing cost of your VMware infrastructure using different dashboards and tables in Splunk. (link)