Tip

Secure remote backups

Backup is a pain, and we all know it. So many administrators have listened to the siren song of remote backup vendors. More use central backup from several corporate sites, to make things easier. While that advantage is a good one, transmitting data over the Internet or other medium to a central location means that data is more susceptible to intercept by nefarious persons, or corruption at the backup storage site. This tip, excerpted from

    Requires Free Membership to View

InformIT, offers some things to think about if you're doing remote backup.

Backup data is vulnerable to attack at several points. If you are backing up your data onto a physical device such as a Jaz drive, then you do not need to worry about somebody sniffing on the physical connection between your computer and the drive. However, most backup techniques today involve transferring data over a network. It doesn't make sense to use strong encryption in your backups and good key recovery mechanisms, if you transfer files to a remote backup server in the clear.

The right way to back up files remotely is to perform all of the compression and encryption (in that order!) locally, and then to transfer the backups to the remote site for storage. The reason to compress before encrypting is that encrypted data contains very little redundancy, and so compression of ciphertext is not very effective. Many remote storage facilities further encrypt the data. While the encryption of the data on your local machine protects you against network attacks and from the storage server, the further encryption at the remote server is intended to protect your data from compromise of the server in the case where you have a poorly chosen passphrase. The super-encryption (encrypting encrypted data) at the remote site is a great marketing gimmick by many of the backup storage vendors, but it doesn't really buy you much because you should protect it with good keys in the first place. Furthermore, you are now running the risk of not only the loss of your passphrase, but loss of the key used by the backup server.

Another issue in the remote backup process is user authentication. If you back up your files over a network to a centralized server, make sure that the server does proper user authentication. If it does not, then even though the information on that server is unreadable, assuming it is properly encrypted, there may be nothing preventing another [person] from corrupting or destroying your backups.

Many remote backup facilities allow for an automatic unattended backup to be scheduled. That means that users can tell the system to make a backup in the middle of the night of files that have changed. Of course, the whole purpose of this is to perform a backup while the user is sleeping. It is unlikely that the user will want to wake up each night and enter the passphrase to derive the key for the backup. So, these systems require that the key be available to the program whenever it needs it. To accomplish this, the key must be in memory on the computer. In practice, many vendors keep the user key on disk somewhere. In either case, the key is vulnerable. The most secure systems require a passphrase to be entered whenever a backup or restore is about to take place, and they erase the key from disk and memory as soon as the work is done. Unfortunately, this is rarely the way these products operate.


To read the entire article from which this tip comes, click over to InformIT. No registration required. Just good info.


This was first published in September 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.