Cloud Backup

We`re just sending through your details

Please give us a few moments whilst we get your account ready.


Top 9 Cloud Backup Data Security Threats

Top 9 Cloud Backup Data Security Threats

posted in Product ● 11 Feb 2016

Today’s forecast for data backups: mostly cloudy with a chance of being hacked; scattered malware infections; but later becoming more secure after taking better precautions. And there’s your trouble… not enough of the right precautions.

Fortunately, the Cloud Security Alliance (CSA) are on top of this. They’re ‘the world’s leading organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.’ Here’s a summary of what they reckon you should be addressing first (read here for the full report) – it’s known as the Notorious Nine:

1. Data loss

It’s certainly the greatest threat to data security. Since your backup data is in the hands of the cloud service provider, a lot of trust is placed in that relationship.

The agreement with both your cloud service provider and your backup service provider needs to ensure that measures to protect against accidental deletion and unauthorised access are in place and that some form of redundancy exists to protect against data loss.

2. Data breaches

Your company’s confidential information can accidentally or deliberately be read by an unauthorised third party. When your cloud backup server is on a shared platform, without being designed for multi-tenancy, it could result in other tenants gaining access to your databases.

The easiest way to mitigate this is by encrypting your cloud backups on transfer through the network and also during storage on the backup server database.

3. Account or service traffic hijacking

When someone hijacks your accounts it’s because they got hold of your credentials, either through phishing, cross-site scripting, or social engineering techniques. Once this has happened, who knows what the perpetrators will get up to?

Take control of your backup accounts by not sharing accounts between employees, not re-using credentials across accounts, and also by implementing two-factor authentication as part of the log-on/sign-in process.

4. Unsecured interfaces and API’s

APIs provide greater flexibility in implementing a backup solution and also allow greater automation capabilities. However, with a solution that is so integrated with third parties, some control is inadvertently relinquished. This can make the data being transferred vulnerable to network eavesdropping and manipulation.

Here, the CSA recommends, ‘…it is critical for consumers of those services to understand the security implications associated with the usage, management, orchestration and monitoring of cloud services.’

5. Denial of Service

Denial-of-service or more commonly known as DDoS (distributed denial-of-service) attacks are nothing new and you’ll know you’re being targeted when your IT systems seem to come to a grinding halt. Since the reason for this degradation in performance is because the attacker is consuming as much computing resources as are available, this can leave you unable to access valuable backups or you might get billed by your cloud service provider for processing you never intended.

The Cloud Controls Matrix (CCM) has four controls to help mitigate this threat: IS-04, OP-03, RS-07 and SA-04 and has to do with resource planning and application security.

6. Malicious insiders

These include current as well as former employees, or any other business partner with confidential knowledge of your business. A malicious insider can leave your business especially vulnerable since they usually know which data security measures to circumvent.
Better IT policies around credential and role management will help prevent unauthorised access to your backup data.

7. Abuse of cloud services

Since your cloud backups make use of services that give you access to vast amounts of computing power, this power can be abused if it falls into the wrong hands, such as constructing a denial-of-service attack or trying to brute-force crack an encryption key.

Remedial recommendations can be found under CCM controls IS-24 and IS-26 which help define the legal parameters of the abuse and also describe an ‘acceptable use’ policy.

8. Insufficient due diligence

Cloud services are inherently complex in their hardware and software configurations. Additional factors come into play with distributed environments where legalities exist around data ownership across borders.

Before adopting full-scale cloud backups, your cloud service provider should be scrutinised for compliance to legislation such as the ‘Safe Harbour‘ agreement and other data protection regulations relevant to your region.

9. Shared technology vulnerabilities

Virtual machines and containers (like Docker) aim to provide isolated computing environments but sometimes data security vulnerabilities exist that can leave gaps in the boundaries between environments. These software vulnerabilities on cloud backup servers could render any number of customers vulnerable to data loss.

By tightening IT policies around better encryption, user access management, early software patching, and proper testing will help prevent loopholes from being exploited.

How third-party backup for OneNote and Class Notebooks avoids falling into non-compliance trap

If you use OneNote and Class Notebooks regularly, the prospect of waking up one day and finding that your notes have gone, is the stuff of nightmares.

Continue reading

5 ways to add real value to customers’ digital transformation initiatives by providing Kubernetes backup

Here we outline the five key elements CSPs and Azure consultancies need from a Kubernetes backup solution to add real value to customers’ digital transformation initiatives.

Continue reading

Microsoft 365 Security – An overview of best practices

The rise in home working, increase in laptops and wide-scale adoption of OneDrive, SharePoint , and OneNote has only served to intensify issues around data security and access.

Continue reading