Implement secure backups
All information and examples presented in this article are only implementation recommendations aimed at ensuring secure backups, in accordance with Stoïk's policies.
It is important to note that this article and the guides cited are not contractually binding.
Every company is exposed to serious consequences in the event of a cyberattack, such as loss of business data and loss of availability, thereby impacting business continuity. When such situations arise, restoring the information system becomes a major challenge for the resumption of business activities. The success of this restoration depends mainly on the quality and frequency of backups performed on the information system.
What are the conditions for benefiting from Stoik cyber insurance?
Stoik cyber insurance imposes strict requirements for backup policies during the customised underwriting process, which is defined by the company's activity, turnover or risk exposure. We require that at least one weekly backup be stored offline or on immutable storage, with a minimum retention period of two weeks.
If backups cannot be offline or immutable, a less recommended alternative is possible: the "secure backup". The backup remains physically connected to the network, but must meet all of the following requirements:
Backup system outside the AD domain
Backup system separated from the rest of the network by a firewall
Deletion/modification of backups is only possible via a web interface secured by MFA.
In other words, even with an administrator account on your network, you should not be able to delete backups. During ransomware incidents, attackers will most likely compromise Active Directory domain administrator accounts and your cloud administration accounts. This is why it is essential that even with such permissions, backups cannot be deleted.
Types of backups

Offline backups
Examples: external hard drives, USB keys, NAS disconnected from the network, magnetic tapes (LTO, DLT)
Security: highest level of protection against an attacker who has compromised the information system, since the backups cannot be reached over the network.
Secured*: ✅

Immutable online backups (Cloud)
Examples: cloud services with immutability features (AWS S3 Object Lock, Azure Blob Storage with WORM locking)
Security: although the backups are reachable online, the immutability feature prevents them from being modified or deleted before the retention period expires, which offers robust protection.
Secured*: ✅

Online backups (On-Premise or Data Centre)
Examples: remote backup servers with strictly controlled and limited network access
Security: less secure than offline backups, but offers reasonable protection if the backup environment is isolated from the rest of the company network (e.g. a dedicated VLAN, a system outside the Active Directory domain, and access limited to an administrator account protected by MFA).
Secured*: ✅ / ⛔ (only if the isolation conditions above are met)

Non-immutable online backups (Cloud)
Examples: cloud services such as Dropbox, Google Drive or Microsoft OneDrive without WORM locking
Security: easy to use, but the backups are reachable online with ordinary credentials and can be modified or deleted by an attacker who compromises an account.
Secured*: ⛔

Local backups
Examples: internal or connected hard drives, incremental backup on a local server, RAID mirroring
Security: least secure option against an attacker who has compromised the information system, since the backups sit on the same systems and are encrypted or destroyed together with the production data. Note that RAID mirroring is redundancy against disk failure, not a backup: a deletion or encryption is mirrored immediately.
Secured*: ⛔

Secured*: whether the backups survive a standard ransomware attack whose goal is to delete all of the company's data.
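The S3 Object Lock entry in the table above, the two-week retention requirement and the rule that an administrator account must not be able to delete backups can be checked mechanically. The following Python is an added example written for this article; it is not code from Stoïk or from AWS. It audits the dictionary returned by boto3's get_object_lock_configuration against the policy (Object Lock enabled, COMPLIANCE mode, default retention of at least 14 days) and builds the matching put_object_lock_configuration parameter. The bucket configurations it runs on are constructed samples; the helper names, the 14-day constant derived from "two weeks" and the hypothetical bucket names are assumptions of the example.

```python
"""Check an S3 bucket's Object Lock configuration against the backup policy.

Added example for this article, not Stoïk's or AWS's own code. Assumptions
(not taken from the article): the helper names below, the 14-day minimum
derived from the "two weeks" requirement, and the hypothetical bucket names
in the constructed samples. The dictionary shapes are the ones boto3 uses for
get_object_lock_configuration / put_object_lock_configuration.
"""
from datetime import timedelta

# "At least one weekly backup ... with a minimum retention period of two weeks."
MIN_RETENTION = timedelta(days=14)


def retention_period(default_retention: dict) -> timedelta:
    """Convert an S3 DefaultRetention block (Days or Years, never both) to a timedelta."""
    if "Days" in default_retention:
        return timedelta(days=int(default_retention["Days"]))
    if "Years" in default_retention:
        return timedelta(days=365 * int(default_retention["Years"]))
    raise ValueError("DefaultRetention must specify Days or Years")


def audit_object_lock(config_response: dict) -> list:
    """Return the policy violations found in a get_object_lock_configuration response.

    An empty list means the bucket satisfies the policy: Object Lock enabled,
    COMPLIANCE mode and a default retention of at least MIN_RETENTION.
    """
    findings = []
    conf = config_response.get("ObjectLockConfiguration", {})
    if conf.get("ObjectLockEnabled") != "Enabled":
        findings.append("Object Lock is not enabled: any principal with s3:DeleteObject can destroy the backups")
        return findings

    rule = conf.get("Rule", {}).get("DefaultRetention")
    if not rule:
        findings.append("No default retention rule: objects are only protected if every upload sets retention explicitly")
        return findings

    mode = rule.get("Mode")
    if mode == "GOVERNANCE":
        # Governance retention can be removed by anyone holding s3:BypassGovernanceRetention,
        # a permission a compromised cloud administrator account will normally have.
        findings.append("GOVERNANCE mode can be bypassed by an administrator; use COMPLIANCE mode")
    elif mode != "COMPLIANCE":
        findings.append(f"Unknown retention mode {mode!r}")

    period = retention_period(rule)
    if period < MIN_RETENTION:
        findings.append(f"Default retention of {period.days} days is below the required {MIN_RETENTION.days} days")
    return findings


def build_object_lock_configuration(days: int = MIN_RETENTION.days) -> dict:
    """Build the ObjectLockConfiguration value that satisfies the policy.

    Pass it as ObjectLockConfiguration= to put_object_lock_configuration. Compliance-mode
    retention cannot be shortened or removed by any user, including the account root,
    until it expires; a default rule only covers object versions written after it is set.
    """
    if days < MIN_RETENTION.days:
        raise ValueError(f"retention must be at least {MIN_RETENTION.days} days")
    return {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": days}},
    }


def audit_bucket(bucket: str) -> list:
    """Live variant: fetch the configuration with boto3 and audit it (needs AWS credentials)."""
    import boto3  # imported here so the offline samples below run without boto3 installed
    from botocore.exceptions import ClientError

    s3 = boto3.client("s3")
    try:
        response = s3.get_object_lock_configuration(Bucket=bucket)
    except ClientError as exc:
        # S3 answers with this error code when Object Lock was never enabled on the bucket.
        if exc.response["Error"]["Code"] == "ObjectLockConfigurationNotFoundError":
            return audit_object_lock({})
        raise
    return audit_object_lock(response)


# Constructed sample responses (hypothetical bucket names), shaped like
# get_object_lock_configuration output.
SAMPLES = {
    "backups-ok": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
                   "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}}},
    "backups-governance": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
                           "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}},
    "backups-no-rule": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled"}},
    "backups-unlocked": {},
}

if __name__ == "__main__":
    for bucket, response in SAMPLES.items():
        findings = audit_object_lock(response)
        print(f"{bucket}: {'OK' if not findings else '; '.join(findings)}")
```

The GOVERNANCE finding is the one that matters for the article's threat model: governance-mode retention can be lifted by any principal granted s3:BypassGovernanceRetention, which a compromised cloud administrator account will usually hold, whereas compliance-mode retention cannot be shortened by anyone until it expires. Object Lock also requires bucket versioning, so a real deployment pairs this configuration with an IAM policy that denies the backup writer s3:PutBucketVersioning and s3:DeleteBucket.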
Examples of offline backup solutions
Magnetic tapes (LTO, DLT)
Rotate between at least two tapes so that one tape is always disconnected from the information system.
NAS disconnected
Periodically connect a NAS to the network to perform the backup, then disconnect it. Alternate between multiple NAS devices to ensure that each device captures the latest changes. When NAS devices are not being used for backups, disconnect them from the network.
External hard drives or USB flash drives
Periodically connect the external device to the backup server to perform the backup, then disconnect it. Alternate between multiple devices to ensure that each device captures the latest changes. When the devices are not being used for backups, disconnect them and store them in a secure location.
Examples of Immutable Backup
Examples of immutable backup solutions/services with cloud hosting
Acronis Cyber Protect Cloud
Requires Cloud Storage version 4.7.1 or later and Agent version 21.12 or later; immutability is not supported in earlier versions.
Examples of Immutable Backup solutions/services with local hosting
Veeam Linux Hardened Repository
Requires Veeam version 11 or later; immutability is not supported in earlier versions. The storage server itself must also be hardened (see the Veeam documentation), since the immutability flag only protects against deletion through the backup software, not against an attacker who gains root on the repository host.
Synology
Example of Unsecured Backups in the event of compromise
Dropbox
Deleted files are sent to the recycle bin where they can be restored, but these restore points can also be deleted.
SharePoint
OneDrive
Google Drive
Immutable NAS
The immutability of a NAS is provided by a software layer running on its operating system: an attacker who takes control of that operating system can still wipe the disks or destroy the system itself, so the backups are only as safe as the NAS administration interface.
Outsourced data centre with permanent network connection
This type of outsourcing is equivalent to having a local file server: in the event of a ransomware attack, the data held in the data centre is destroyed over the same permanent network link that was set up to reach it.
Non-immutable cloud storage
If access to the administrator account on the cloud is compromised, the attacker can simply delete the storage and backups.