
Consistent backup protocols are a hallmark of effective data security, but securing them may not be as simple as many organizations think. IT professional Brien Posey wrote on TechTarget that, although encryption is a good start toward making these backups as secure as possible, this information needs more protection than encryption alone. One thing to look out for, he wrote, is the use of service accounts, which are user accounts that provide the security context under which a backup takes place. These must be guarded before they become what he calls a "security black hole."
"Not every backup product uses service accounts, but there are some general best practices for those that do," he said. "First, avoid using a service account to run backup agents if at all possible (most modern backup agents do not require a service account). It's better to use the Local System account instead. If the backup server requires a service account to communicate with protected servers or backup targets, then it is best to use a dedicated service account with a very strong password."
These service accounts should be given inconspicuous names, Posey wrote, as too obvious a name will point any hacker who might be looking at the network toward an easy lot of data to steal. After this, it is important for companies to be sure employees have clearly defined access privileges mapped to their unique job roles. No employee in a business needs access to the whole lot of data, so there must be logging in place to ensure only those who truly need it have access to high-value information.
Physical security is not to be overlooked either, Posey said, as this is one of the most important aspects of preserving backup integrity. This is especially true for companies that back up to on-site disk, but even in a cloud backup scenario, businesses must have certain assurances that the data is being kept physically safe.
Although the backup effort can be very difficult in many instances, PCWorld said there are ways to take the pain out of transitioning to a new model. The website said companies can first decide what they want to back up, understand what environment the data exists in and find techniques that best line up with how the business works. Protecting the most essential information will help the company get back up and running if an incident does occur. After this, organizations will need to make sure processes and procedures are in place to ensure backups are done properly and that copies can be successfully restored.
"Be sure that you have adequate time to back up all the data that's important to your business, and be sure to understand the time required to restore that data in case of loss or corruption," the website said. "You'll also need to regularly check and test your equipment, media, and processes."
Data Security News from SimplySecurity.com by Trend Micro