12 May,2021 by Rambler
In this age of Ransomware , backups and protection of backups is critical. One question asked in any review of database protection against attacks is whether the backups are immutable?
Definition of immutable backups: Immutable backups means that the backup is unchangeable , never deleted or can be changed.
This feature is very important against accidental or intentional deletion of backups. A related term is WORM - (Write once read many) - essentially locks backup data from random changes. If WORM enabled storage is also part of a least privilege security architecture - based on zero trust , than this adds extra protection.
Once you begin to delve into immutable backups you get into all sorts of questions - such as : You may have an immutable backup - but if your backup has been infected with malware and you restore back into the Production system - what will happen? So how does a DBA actually protect the systems from the backup architecture itself
Immutable backups themselves are very useful - but further questions need to be asked about processes around backups , which may be corrupted and mask other activity.:
1)Are the backups jobs being monitored? Not for backup failure but the deletion of the job.
2)How are notifications processed ?
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |