Backup system (security)
The backup copy which is stored separately survives even then when all hard drives were intentionally formatted. And it is already possible to call backup one of means of protecting from the potential attacks from the outside or from within. Hold old archive copies on an equal basis with fresh — one more benefit of backup and an irreplaceable method to escape in a situation when lost some important data, but missed very at a distant day.
The directory of solutions and projects of backup is available on TAdviser.
Content |
Direction of the attack
- Attack on an account. It is aggravated also with the fact that blocking of an account after unsuccessful attempts of an input is inadmissible as it is integrated to a possibility of the attack on failure in service.
- The attacks through the file system (character links and various reysa, attacks on possible overrun errors of the buffer, format lines, access to files of archives, etc.).
- Attacks on network components — perhaps, the most serious of threats. By our time disappeared it is known of one commercial backup system of enterprise scales in which would not detect vulnerability of network components. Let's not forget also that agents of backup are established not on the backup-server, and in storage locations of data. So the problem acquires new dangers!
- Attacks on vulnerabilities in interaction with other components. For example, in the file system intentionally place a virus that the antivirus stopped process of backup on file access.
Threats and risks
Physical threats
Here backup out of competition: it is easy to make it on the machine which is in rather remote premises. The backup copy on the external carrier, for example on a tape, it is easy to put in a safety-deposit box where she will escape even from serious cataclysms. Any server premises are always the premises with the increased danger. The fire can happen even under water. Can flood with water even if there is no fire. All similar "catastrophic" situations seem improbable only until you face them. And the big company with territorially scattered branches surely will suffer sooner or later from cataclysms.
Risks at implementation
Any profitable technology surely has also the back. The losses connected with the cost of the equipment, the software and the human resources necessary on implementation and maintenance of backup — there is more to come. Backup has rather serious risks connected with data security.
Risks at storage
It is often much more difficult to ensure safety to removable media, than save whole and safe, for example, a file server. Backup procedure and further storage, accounting and control of the copy should be organized so that to exclude its carrying out or even short-term access for strangers to the backup copy.
Risks of process of copying
As a rule, backup is automatic. For data access the increased privileges usually are required. So the process providing backup is started from under an account with the increased privileges — here and a certain risk creeps in.
Advantages of "clouds" in data protection
Emergence of a possibility of data backup online became one of the most considerable news in information security field in Russia.
This function became possible because of use of special technologies thanks to which a system will recognize changes in files at the level of small data packets. Thus on the server only the changed fragments of files get that many times increases speed of backup of documents. This technology allows to prevent risk of loss of information as a result of accidental or deliberate removal of information as backup is performed on the set diagram. Data go to the server, an access to which the staff of the organization has. The server can be owned, management and operation by both the organization, and the third party, and physically it can be as inside, and out of the owner's jurisdiction.
Use of this system is relevant and gains popularity as a trend of the last years is the organization of electronic archive of documents and transition of the companies to the "paperless" workflow system. The trend came to the Russian market from the beginning of use of "cloud" technologies in the middle of the first decade of 21 centuries.
Cloud computing (engl. cloud computing, is also used the term Cloud (scattered) data processing) is technologies of data processing in which computer resources and capacities are provided to the user as Internet service. The user has access to own data, but should not care for infrastructure, the operating system and actually the software with which it works. Their use means itself lack of the physical medium in which data register.
Document storage on the server is also effective due to the lack of risk factors of mechanical damage of the magnetic tape as a result of accident. It is essential plus which is noted by many experts of the industry. Plus to everything a system is constructed in such a way that data cannot be deleted intentionally. It protects the organization from attempts of industrial espionage that is especially valuable in the companies with the high cost of information.
Find Nvozmozhno a field of activity in which information technologies are not used. Having analyzed a situation, we with confidence can tell that about a half of the market of this area is directed to provision of services on preserving of confidentiality and data protection. In spite of the fact that some organizations still use magnetic carriers, in the Russian market the trend of transition to "cloud" technologies firmly was fixed.
See Also