What do you do when your site is attacked or your system fails? Backup, Avi Rubin argues, is the most reliable way to ensure that what you've lost can be recovered. Here he takes a look at protecting your backup and recommends some products that can help. . . .
What do you do when your site is attacked or your system fails? Backup, Avi Rubin argues, is the most reliable way to ensure that what you've lost can be recovered. Here he takes a look at protecting your backup and recommends some products that can help.

Backup is one of the most overlooked processes in Web security, but it is crucial for recovering from loss due to accidental or malicious failure. You would be hard pressed to find a person or organization that hasn't had to restore a backup at some point. When faced with data loss or corruption, the backup archive is one of the most appreciated and loved objects in the entire universe.

Even though backup tapes contain data that is just as sensitive as the data being backed up, they rarely receive the same protection as the original data itself. Why is that? The purpose of backup is to recover after some kind of problem, so if encrypted data is backed up in its encrypted form, what happens if the unfortunate event that led to the data loss also results in lost keys? Encrypted backups without the keys are about as useful as a wad of cash on a desert island. It seems they should be worth something, but trying to use them proves futile.

The link for this article located at SunWorld is no longer available.