Backup security

3 times when a solid backup saved the day

Though it happened in 1998, the lessons learned from the accidental erasure of Pixar’s now-classic “Toy Story 2” still resonate today. IT personnel must constantly work to improve recovery rates after inevitable data loss and damage. The number one lesson:  Backup security is a high priority. Use routine backup procedures, and then back up your backups.

Learn from these Backup Successes and Failures

Toy Story 2” was almost lost (or would have been twice as expensive to make) due to wide-open access opportunities and a series of backup failures. If you’re concerned about losing your critical corporate data, read on to find out why that fear is justified now more than ever.

The Near-death and Rebirth of “Toy Story 2”

The sequel to “Toy Story” reunites Woody with his buddies, but it almost disappeared forever because of technical glitches and operator errors:

  • A programming error accidentally commanded the master machine to delete all files below the movie’s root level, which comprised 90% of the movie.
  • Pixar’s film-making process gave virtually all 400 employees open access to the master machine. Any of them could have entered the erroneous directive.
  • The “backup” tape–which was an actual “tape”–had a capacity of 4 gigabytes. Once it was full, it would continue to add new data by “pushing off” older data. Even its error log had its contents erased to make room for subsequent “backups.”

Pixar eventually restored the film, but they scrapped it and spent nine months remaking it.

Backups Matter

The Pixar example underscores the value of having a backup system to ensure that critical work is either usable or restorable after a disaster or breach. Today, backups are more important than ever, as cyber thieves are now targeting backups and main drives:

  • Last year’s WannaCry and NotPetya ransomware attacks caused millions of dollars in losses. Those losses were magnified because the targeted organizations couldn’t access valuable backup files while they addressed the consequences of the attacks.
  • More recently, hackers have begun targeting backups. A new variant of CryptoLocker (a 2013 ransomware bug) is now targeting the shadow copies created by Window’s OS and has been aiming at the automated backup process on the Mac OS X since 2015.

Securing the Backup

IT security professionals are expanding their warnings about managing backups to retain capacities during targeted attacks:

Include visibility in your backup process

You might trust that your backup system is in working order – until it’s not. Monitoring the system on a daily basis should reveal where data is inappropriately encrypted, flagging the concern sooner rather than later.

Add an additional layer of backup capacity over network file servers and online sharing services

Yes, these options provide convenient and easy-to-access services, but many attract and are vulnerable to security breaches. You’ll do better by backing up your data to a separate system. With regular testing, you can ensure it can restore function when needed.

Test recovery functions frequently

You won’t know that your system has failed if you don’t test it regularly. Some entities lost data because their backup systems collected the wrong data. Others had issues within the backup systems that weren’t revealed until the ransomware attacks.

Maintaining business continuity after a cyberattack is critical to saving the future of every company. Keep your backup efforts up-to-date against today’s increasingly threatening cyberattacks.