SDL Episode52

From Paul's Security Weekly

Secure Digital Life #52

Recorded on February 13, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Coming soon!


  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Russell Beauchemin
    Cybersecurity & Network Security Program Advisor and Director of Instructional Support & Learning Innovation at Roger Williams University.
  • Topic: Backup Strategies

    The Importance of Being Backed Up

    You do back up your system, right?

    The rise of ransomware -- Story about 24 files being shredded each day until you pay

    - Understanding the nature of backups

    • Full backup -- This is a backup you can literally take and copy to another drive and be up and running. This would have all your files, operating system, etc.
    • File backup -- these are just copies of your files, you would have to reinstall the operating system
    • Mirrors -- This is a live copy that is identical to the running copy
    • Differential backups -- another live backup technique that is used to just update the mirror or backup archive
    • Cloud based -- these come in a wide variety and offer the ability to upload differentials or other approaches to the cloud in the background

    - The horizon:

    - Before you develop a backup strategy, you need to develop an understanding of your "cycle". Ask yourself these questions:

    • What can I never live without?
    • If I lost everything, how far back could I recreate from other records?
    • How long can I be down without consequence?

    - What can you not live without?

    • Well, if you are a business, you may be required to maintain some things
    • If you are a person, these may be your personal records, photos, I don't know, that video of your kid being born, that kind of thing.

    - How far back can you recreate?

    • Do you need tax records? Do you have printed copies?
    • Do you need bank records? Do you have printed copies?
    • So, that term paper you are writing, if it fails right now, can you recreate it?

    - How long can you live without your technology?

    • Well, how long? By this I mean the things on a specific device. If all your contacts are on your iPhone and you lose it, how long?

    These answers are different for enterprise and individuals but the idea is the exact same thing!

    So, now ask yourself this: Right now, while you are watching this, everything on your hard drive just vanished. Everything. Start thinking about what you would do. Then, start trying to do it. It's very easy to say: "I have a backup". It's another thing to actually restore a backup entirely. Ever done that?

    Things to do:

    • You really need to know your time horizon: day, week, month? Probably day.
    • You must establish an OUT OF BAND failsafe location. MUST!
    • You need a real time backup for hardware failure.
    • You must decide what really matters and how long you can take to restore.
    • You MUST try and do this in the real world (restore) or it's all a waste of time and money
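
    One way to make the restore test concrete, as an added example that is not from the episode: record a SHA-256 manifest when the backup is taken, restore to a scratch location, and compare. The function names, sample files and timestamps are constructed for illustration.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timedelta


def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digests[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def verify_restore(recorded, restored_root):
    """Compare a restored tree with the manifest recorded at backup time."""
    restored = manifest(restored_root)
    return {
        "missing": sorted(set(recorded) - set(restored)),
        "changed": sorted(p for p in recorded if p in restored and restored[p] != recorded[p]),
        "extra": sorted(set(restored) - set(recorded)),
    }


def within_horizon(last_backup, now, horizon):
    """True if the newest backup is no older than the chosen time horizon."""
    return now - last_backup <= horizon


def demo():
    """Constructed sample: a restore that lost one file and corrupted another."""
    live = {"taxes.txt": b"2017 return", "paper.txt": b"term paper", "photo.bin": b"\x00\x01"}
    bad_restore = {"taxes.txt": b"2017 return", "paper.txt": b"term pap"}
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        for root, files in ((src, live), (dst, bad_restore)):
            for name, data in files.items():
                with open(os.path.join(root, name), "wb") as fh:
                    fh.write(data)
        return verify_restore(manifest(src), dst)


if __name__ == "__main__":
    print(demo())  # files a real restore test would have to account for
    now = datetime(2018, 2, 13, 12, 0)  # constructed timestamps
    print(within_horizon(now - timedelta(hours=30), now, timedelta(days=1)))
```

    A restore only counts as tested when all three lists come back empty and the newest backup falls inside your time horizon.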

    Explaining out of band:

    • This has to be a safe place.
    • It can't be connected (airgapped or at least credentialed)
    • It has to be doable on a regular basis, and out of band cannot be automated or it can be compromised

    Bad assumptions:

    • Cloud drives are safe from ransomware
    • I made a backup copy, so I am good.
    • I made a Windows restore, so I am good.

    Understanding RAID:

    • RAID is NOT a backup plan
    • RAID is a protection from hardware failure
    • RAID 0 is for performance enhancement, not backup or protection from hardware failure
    • RAID 1 is for performance and will NOT protect you from ransomware/hacks/mistakes

    Next time: Doug and RUSS evaluate some backup products.