云安全数据备份

Today’s enterprises are heavily dependent on technology and data to facilitate routine operations. The loss of systems and data can cripple an organization for days and in the worst case, run it out of business. That’s why data backups are so essential. But not just any backup will do.

当今的企业在 很大程度上依赖于技术 和数据来促进常规操作。 系统和数据的丢失可能使组织瘫痪数日，在最坏的情况下，它会使企业瘫痪。 这就是为什么数据备份如此重要。 但是，并非任何备份都可以。

Many business leaders and IT executives believe that the very existence of a process for replicating and storing business data is more than enough to keep the organization’s data secure. As many businesses have learned albeit too late, that can be a catastrophic presumption.

许多业务负责人和IT管理人员认为，复制和存储业务数据的过程的存在足以确保组织数据的安全。 正如许多企业了解的那样，尽管为时已晚，但这可能是灾难性的假设。

Data backups must be properly secured if they are to live up to their purpose. The following are some of the ways you can protect your data backups.

为了实现其目的，必须正确保护数据备份。 以下是一些保护数据备份的方法。

Image Source

图片来源

相应地调整您的政策 (Align Your Policies Accordingly)

Make sure your enterprise-wide security policies and procedures take into account back-up related considerations. Backups are essentially a replication of production data and systems. Ergo, whether it’s physical security or system access control, every security policy that applies to the production environment must be similarly and consistently applied to data backups.

确保您的企业范围的安全策略和过程考虑到与备份相关的注意事项。 备份本质上是生产数据和系统的复制。 因此，无论是物理安全还是系统访问控制，应用于生产环境的每个安全策略都必须类似且一致地应用于数据备份。

If that doesn’t happen, hackers and other malicious persons could use your backup environment to gain access to information they’d otherwise be unable to retrieve on the production system.

如果这没有发生，那么黑客和其他恶意程序可能会使用您的备份环境来访问他们在生产系统上否则将无法检索的信息。

异地存储备份 (Store Backups Offsite)

The rationale of backups is to ensure that in the event of an incident that renders production data unusable, the business can retrieve an identical copy of such data to ensure continuity. For this disaster recovery process to work well, the backups must be stored offsite.

备份的基本原理是确保在发生使生产数据无法使用的事件时，企业可以检索此类数据的相同副本以确保连续性。 为了使此灾难恢复过程正常运行，必须将备份存储在异地。

At the minimum, backups should be in a separate building. The best case scenario though is to store them in a completely different location or in the cloud. Remember that major disasters such as floods, earthquakes and powerful winds can destroy entire buildings. If production data and backups are within the same premises, they’ll be taken out at one go.

备份至少应位于单独的建筑物中。 不过，最好的情况是将它们存储在完全不同的位置或云中。 请记住，洪水，地震和强风等重大灾害会 毁坏整个建筑物 。 如果生产数据和备份位于同一场所，则将一次性取出它们。

加密 (Encrypt)

Encrypt your data backups if the backup software you use supports it. In fact, the absence of encryption capability should be reason enough for you to switch to different server backup solutions for business.

如果您使用的备份软件支持，则对数据备份进行加密。 实际上，缺乏加密功能应该足以让您切换到 用于业务的 其他 服务器备份解决方案 。

Whether you physically move your backup media to a remote site or are transferring the data to a cloud-based backup platform, your backups won’t enjoy quite the same degree of physical control as your production data does. Encrypting your data serves as an additional layer of defense if someone does get past access controls.

无论您是将备份媒体物理上移动到远程站点，还是将数据传输到基于云的备份平台，备份都不会像生产数据那样享受完全相同的物理控制。 如果有人确实获得了访问控制权，则对数据进行加密可作为额外的防御层。

使用防火设备和设施 (Use Fireproof Equipment and Facility)

Whether you store your backups on tape, optical disks, magnetic drives or network-attached storage, make sure the media is kept in a fireproof safe and a facility that has robust fire suppression systems. Note that not any fireproof safe will do.

无论您将备份存储在磁带，光盘，磁盘驱动器还是通过网络连接的存储上，请确保将介质保存在防火保险箱中，并且该设备具有强大的灭火系统。 请注意，没有任何防火保险箱可以使用。

Many organizations make the mistake of storing their backup media in safes that are only fire-rated for paper storage. The assumption is that any safe that can protect something as fragile as paper should be good enough for any other media. This can be a costly miscalculation.

许多组织错误地将备份媒体存储在仅防火的纸质保险箱中。 假定任何能保护像纸一样脆弱的东西的保险箱都应该对任何其他介质都足够好。 这可能是代价高昂的错误计算。

Backup media such as magnetic drives, tapes and optical disks have a lower melting point than paper. A paper-rated safe would thus only provide a false sense of security that will unravel in the event of a fire.

备份介质(例如磁驱动器，磁带和光盘)的熔点低于纸张。 因此，纸质保险柜只会提供一种虚假的安全感，在发生火灾时会散开。

审核备份相关的服务供应商 (Audit Backup-Related Service Vendors)

The backup process will usually involve the participation of several third parties. These range from the backup software and servers, to the physical premises manager and freight service provider. No matter how good your internal backup policies and procedures are, they won’t be as effective as they should if participating vendors aren’t adhering to the same principles.

备份过程通常将涉及多个第三方的参与。 这些范围从备份软件和服务器，到物理场所经理和货运服务提供商。 无论您的内部备份策略和过程多么出色，如果参与的供应商不遵循相同的原则，它们的效果都不会达到应有的水平。

Your backup procedure should involve periodic audits (once a year or once every two years) where you confirm that vendors are taking reasonable security measures when handling your backup data. Contracts are good but hardly sufficient. Trust but verify. Audit vendors to confirm they are doing what they commit to do.

备份过程应包括定期审核(一年一次或每两年一次)，在此过程中，您确认供应商在处理备份数据时已采取了合理的安全措施。 合同是好的，但几乎不够。 信任但要验证。 审核供应商以确认他们正在做他们承诺做的事情。

测试您的备份 (Test Your Backups)

Few things are more disappointing as trying to restore your backups after a major disaster only to find out that they don’t work or the files are corrupted. Your backups are only as good as your ability to restore them.

几乎没有什么事情比在重大灾难后尝试还原备份时发现自己无法使用或文件已损坏更令人失望。 您的备份与恢复它们的能力一样好。

Test your backups regularly to ensure that you have the right data, that it isn’t corrupted and (for old backups) that it is compatible with existing systems.

定期测试备份，以确保您拥有正确的数据，未损坏的数据以及(对于旧备份)与现有系统兼容的数据。

Review your data backup procedures and use these tips to identify any gaps. Some loopholes may seem minor but they can make the difference between whether or not your business recovers from the loss of your production systems.

查看您的数据备份过程，并使用这些技巧来找出任何差距。 某些漏洞看似很小，但它们可以使您的企业是否从生产系统丢失中恢复过来。

Checkout Alpine Security for cybersecurity services and training.

Checkout Alpine Security提供网络安全服务和培训。

翻译自: https://www.thecrazyprogrammer.com/2018/10/6-tips-to-make-your-business-data-backups-secure.html

云安全数据备份