#AIR GAPPED BACKUPS WINDOWS#
Different OS – Use a backup server or service that runs on an OS other than Windows can go a long way. That’s another way to prevent compromised on-prem servers from attacking your backups. Different environment – Use a backup system that isn’t directly reachable via your LAN. An attack designed for one will probably not work on another. Consider doing as many of the following as you can:ĭifferent storage – Use a different storage type than what you use for your primary storage. The current best answer is to separate these two copies in as many ways as possible.
#AIR GAPPED BACKUPS HOW TO#
The question is how to make sure a hacker can’t access the primary and the secondary via an electronic hack. They might use it only for long-term storage if they use it at all. Most hackers don’t resort to physical attacks because they are just too risky, so air-gapping backups greatly reduces the risk that they will be compromised.Ī true air gap is to put backups on removable media such as tape and then physically separate them from the primary but many companies have moved on from tape as a protection mechanism. You might think that tapes stored in an off-site storage facility would be impervious to a physical attack via social engineering but that is definitely not the case. For hackers to attack your secondary copy, they needed to resort to a physical attack via social engineering.
That is not to say it was impossible it just made it harder. It was close to impossible for a hacker to attack both the primary and the backup. Instantly, there was a gap of air between your primary and your backup. You made a backup copy of your data and put it in a box, then you handed it to an Iron Mountain driver. It's still not impossible, just harder.Įveryone wants an air gap, but how to accomplish an air gap without using tapes? Back in the days of tape backup, it was easy to provide an air gap. By separating the backup from the primary via an air gap, you make it harder for a hacker to pull that off. If all backups are accessible via the same computers that might be attacked, it is possible that a hacker could use a compromised server to attack your backup server. This air gap accomplishes more than simple disaster recovery it is also very useful for protecting against hackers. It literally means there is a gap of air between the primary and the backup. Air Gap is a way of securing a copy of data by placing it on a machine on a network that is physically separate from the data it is backing up.
0 kommentar(er)
