Backup Security Measures

Backup and recovery policies are essential for most of operating systems. Many system managers use a layered backup schedule. Written procedures and rules are required elements of system management. Backing up files is an important system administrator task. The backup files are used for restoring system to previous state whenever system fails. Backup encryption is one of many activities that contributes to a comprehensive security strategy.

Types of Backup :

1. Full Backup –
   A full backup is a backup where every single file (including system and user files) is written to backup media. Full backup does not check if a file has changed since last backup it just blindly writes everything to the backup media.

2. Incremental Backup –
   It checks file modification time. If modification time is recent than its last backup time, then it takes a backup otherwise not. Incremental backup is also used with a full backup. It is faster than a full backup. A major disadvantage with incremental backup is that it takes a longer time for restoration. Incremental backups pose threat of operator error.
3. Differential Backup –
   It contains all files modified since last full backup, making it possible to perform a complete restoration with only last full backup and last differential backup.

4. Network Backup –
   It backing up a file system from one machine onto a backup device connected to another machine. It is referred to as a remote or network backup.

Data is life-blood of business and must be guarded against malicious intent while in active state on production servers or preserved state on tape.

Backup security measures are as follows :

• Assign accountability, responsibility, and authority –
  Storage security function should be included in company’s security policy. Some companies create a storage team for taking backup. Even after creating a separate team, company still must integrate any storage and backup security measures with those that secure rest of infrastructure It provides defense-in-depth protection. If data is highly sensitive, then duties are divided into a number of working members.

• Assess storage risk as it pertains to information security –
  Risk assessment is a structured and systematic procedure, which is dependent upon correct identification of hazards. Managers must examine each step of their backup methodology looking for
  security vulnerabilities. lt is necessary to perform a risk analysis of entire backup process. Many times data is duplicated throughout environment. It is important to have policies and procedures that provide a good understanding of where data lives at any point in time.

• Develop an information protection program –
  Multilayer data protection system is used for providing security to storage network. Authentication, authorization, encryption, and auditing are examples of multilayer protection system. Encrypt data as it’s stored to hard disk preventing even other people with access to that system to access those files.

• Communicate processes around information protection and security –
  Its time to define process to ensure that sensitive data is properly protected and handled. It is important to ensure that people responsible for carrying out their security are informed and trained. Security policies are most important aspect of assigning accountability, responsibility, and authority.