Secure your recovery strategy

Make sure your backup and recovery setup is just as secure as your main environment, including security controls and frequency of backup.

You should always have a clean, safe version of your system ready to go in case something goes wrong. That way, you can switch over to a secure backup system and restore data without introducing any threats.

An ineffecient recovery process can slow down recovery, which can cause you to miss recovery targets. For example, a security problem like encrypted backup data that you can’t decipher or corrupted backup data might slow down recovery.

Contoso’s challenge

  • The system runs in active-active mode across regions, and the team has a disaster recovery plan to help restore operations in worst case scenarios.
  • Part of this plan involves sending backups to a third region in the United States.
  • During a recent drill, they found out those backups were being stored in a system that wasn’t checked often and didn’t have strong security.
  • All the backups have been infected with malware. If they had a real disaster at that time, they wouldn’t have been able to recover successfully.

Applying the approach and outcomes

  • The team invested time and effort to secure the backup location. They added stronger network and identity protections, and now backups are stored in a way that can’t be changed or tampered with.
  • After reviewing their security controls, the team finds that during the recovery process, the application runs without a WAF for a period of time. They change the order of operations to close that gap.
  • The team is confident that the backups and the recovery process are much more secure and not easy targets anymore.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *