Local data backups are still an essential element of an effective security program for many organizations, even in the age of Amazon Web Services, Google Cloud, and Microsoft Azure. We can attribute a significant percentage of security breaches to mishandled local data backups.
Replicating sensitive data isn’t the only thing you need to do to keep your organization secure. What you do with the data backups after the fact can introduce an entirely different set of risks.
5 ways to help secure your local data backups:
- Update Your Security Policies: Set up your security policies to include local backup-related systems within their scope. Almost every type of security policy, including access controls and physical security, applies directly to local data backups.
- Plan for the Worst: Include your local backup systems in your disaster recovery and incident response plans. Local data backups can be breached, compromised, or destroyed. These events can affect your local backup systems and you need to have a plan outlining what you’re going to do if that time comes.
- Encrypt Your Backups: Encrypt your local backups if your software and/or hardware supports it. As with laptop computers and other mobile devices, local backup media needs to be encrypted with strong passphrases. You should consider properly implemented and managed encryption as your first line of defense. (You can use BitLocker to encrypt a Windows 10 hard drive or set macOS to encrypt your hard drive.)
- Choose Your Storage Location: However you choose to store your local backups (tape, network-attached storage, or external drives), be sure to physically control access to backup storage locations. Handle your local backup media as you would any other critical hardware.
- Check Your Vendors: Research the security measures that your vendors for offsite storage, data center, and courier services have in place to ensure that your local backups remain safe in their hands. Service-level agreements do offer fallback measures, but they won’t keep sensitive data from being exposed. You want to know that vendors with access to your local backups are following reasonable and consistent security measures.
Know your vulnerabilities before your organization is impacted. Look at both your local data backup processes and systems to identify where the gaps are before it’s too late. When you need a local backup (if ever!), you’ll be grateful you took preventative steps to protect your business operations.