Backup and restore networks are critical for business continuity. Enterprises must ensure that its backup and restore environments are secured. During the last few months there have been several data thefts. To name a few: Loss of a 30GB drive belonging to one of Canada's largest insurance companies, intruders stealing 8 million Visa, MasterCard, American Express and Discover credit card numbers from an Omaha-based company and loss of personal information of 55,000 students from the University of Texas last March.
There are two parts to securing the backup environment:
The data in transit to the backup storage should be secured or securing "data in flight."
| Dr. Vijay Ahuja
Founder and President, Cipher Solutions Inc.
| Dr. Vijay Ahuja is the president and founder of Cipher Solutions Inc., a professional services company that assists its clients in implementing storage security and offers customized seminars on storage and network security issues. Dr. Ahuja has been an industry leader in network security and more recently in storage security.
The data residing in the backup storage should be secured, or securing "data in store."
To secure data in flight, typically, an IPSec-based solution may be deployed. This is because backup networks are often built around IP networks. By implementing IPSec devices at the two ends of the backup network, the data traffic can be secured over the IP network. Some of the storage backup vendors provide this facility. Alternatively, some of the high-speed VPN appliances in the market may be deployed.
Protecting data in backup store is, in some ways, more critical to secure than data in flight. Here, the data is residing in the backup store for an indefinite period. The attacker has almost an unlimited time period to attempt various penetration attacks. The enterprise has the following choices:
Secure the data by implementing technologies in the backup storage devices. This requires the backup storage vendor to offer ways to secure the data.
Implement an appliance that can encrypt data at some point in the storage network. The enterprise may implement security just before data is sent for backup; or better still, at the place where data is generated. Some of the backup vendors offer encrypting data. However, the customer must maintain the custody of the encryption keys. There are also some standalone storage security appliance vendors that offer support for securing data as it is sent to tape storage.
Finally, the enterprise may want to secure only the sensitive information. Such an approach is both prudent and efficient. This may lead to including security at the application layer-- another way to address the security for data in backup store. It can reduce the amount of data to be encrypted and managed in the backup. Instead of implementing one of the above, an enterprise may choose to simply define and enforce certain best practices for securing the backup environment. Implementing best security policies and practices may address many, but not all, of the vulnerabilities to stored data. The option of not doing any of the above can only lead to a painful recovery after a disaster or an unscheduled failure. Remember that backing up data is necessary, but it is not sufficient as long as the backup environment is not secured.
This was last published in October 2003
Dig Deeper on Campus area network