February 12 2024

A backup that can be deleted is not a secure backup.

Strengthening Backup Security: Effective Strategies to Protect Corporate Data from Deletion and Malicious Alteration

In an era where digitalization has reached unprecedented levels, cybersecurity has become a top priority for companies of all sizes. One of the most critical aspects of this security is backup management. Many focus on creating redundant and resilient backup systems, but few stop to think about one crucial aspect: what would happen if an attacker managed to gain administrative control of the system on which the backup resides?

The Ignored Risk

Let's imagine a scenario in which the site “pippo.it”, which uses WordPress, is compromised through a vulnerability in one of its plugins. This breach allows an attacker to exploit a flaw, perhaps in the kernel, gaining root privileges on the system. At this point, the attacker could decide to delete the website and, having access to the root user's RSA key, use it to access the backup system and delete all traces of existing backups.

Another scenario could see the attacker use the backup system itself to launch a command that deletes all backups from the last 60 days, completely emptying the repository and leaving the company without the website and without any possibility of recovery.

These scenarios, unfortunately realistic, highlight an inconvenient truth: a backup system that allows the deletion of data, even if managed through procedures that seem legitimate, cannot be considered safe.

Security in Backup Systems

When talking about data security, the focus should not be limited to the redundancy or resilience of backup systems, but extend to their impenetrability and absolute integrity. The true security measure in a backup system lies in its ability to make data immune from any attempt at unauthorized access or alteration. In this context, implementing immutable backups emerges as a key strategy. These backups, once written, cannot be modified or deleted, even by the user with the highest access credentials. This feature ensures that regardless of threats, your data remains intact and secure.

To achieve such a high level of security, it is crucial to adopt the principle of least privilege, limiting access to backup systems only to strictly necessary personnel and constantly monitoring all activities. Authentication protocols must be robust, moving beyond simple RSA key-based authentication to include more sophisticated methods such as multifactor authentication, which adds an additional layer of protection.

Furthermore, designing a secure backup system requires an architecture that categorically excludes direct SSH access to backup servers, thus preventing any attempts to manipulate data remotely. This also implies a strict command management policy, which should never allow backups to be deleted, even if apparently authorized by a backup client. Creating an environment in which backups are immutable and inaccessible to deletion, whether intentional or otherwise, provides the foundation for iron-clad data security.

Immutable backups act as a bulwark against a wide range of threats, including ransomware attacks that aim to encrypt or delete data for ransom. With backups made unalterable, companies can quickly restore their systems without giving in to attackers' demands, thus ensuring operational continuity and protection of critical data.

Open Source Security: Borg and Restic

Fortunately, there are open source tools that can offer adequate levels of security for managing backups. Deposit e Restic, eg, offer so-called “Append Only” operating modes, which prevent the deletion of backups by attackers who manage to obtain elevated privileges on the system. This feature is particularly important not only to protect data from external attacks, but also to prevent malicious actions by disloyal employees.

Implementing an Append Only mode means that even if an attacker or employee with access to backup keys decides to delete the data, the system simply won't let them. This type of protection adds a critical layer of security, ensuring that backups remain intact and available even in the face of sabotage attempts.

Conclusion: True Backup Security

The security of a backup system is not only measured by its ability to resist hardware failures or human errors, but also and above all by its resilience against targeted cyber attacks. A backup that can be deleted, no matter how technically advanced, does not offer the security guarantee that businesses desperately need in the digital age.

Solutions exist and are within reach. Tools like Borg and Restic, with their Append Only modes, offer a concrete example of how it is possible to build backup systems that not only safeguard data but also ensure that it remains safe from anyone who intends to delete it. Ultimately, backup security is a critical pillar of a company's overall cybersecurity, and as such, deserves proper consideration and effort.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.

0256569681

Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.

INFORMATION

Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top