GeodSoft

Ten Practical Security Steps

1. Good backups, periodically tested, with reasonable media rotation and offsite storage.

Backups are frequently not discussed when security lists are made. At most large organizations, backups are totally routine and taken for granted. As organizations get smaller, the importance of backups is more likely to be neglected. Even at large organizations, the importance of testing backups is sometimes neglected. Machines that should be backed up may be missed, such as desktop systems with valuable, unique data.

Testing backups may be the hardest and most neglected part, especially testing a full system recovery. The only safe way to do this is to restore to a test system. In my experience this does not work with Windows unless an identical system is available. I hope this has changed with Windows, but I'd be somewhat surprised if it has. Small to medium size businesses are very unlikely to have duplicates of any of their production servers lying around unused and available for testing. With Unix and Unix-like systems you only need two things: hardware on which the same OS version as the one being tested can be installed, and enough disk space to handle a full restore. You install a minimum OS and do a full restore over it. Normally any hardware differences will be detected. You will be asked whether you want to delete X video card and add Y video card, or whatever components may be different. Normally, when this boot finishes, pretty much everything will work normally.

I strongly urge that even partial restores be done to a test machine. For this, all that is needed is a system that will handle the backup medium and format. I recommend a test machine because on the live machine it is just too easy to restore to the live location, which is the natural thing for a system operator to do when performing a restore. I'd suggest copying the files to be restored to a test machine before anyone starts working on them and doing a complete comparison of all restored files.
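One way to do the complete comparison described above, as an added example that is not part of the original article: hash every file in the reference copy and in the restored tree, then report what is missing, unexpected or different. The function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map each regular file's path (relative to root) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # symlinks are skipped here; compare them separately
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[os.path.relpath(full, root)] = h.hexdigest()
    return digests


def compare_trees(reference, restored):
    """Report files missing from the restore, unexpected in it, or differing."""
    ref, res = hash_tree(reference), hash_tree(restored)
    return {
        "missing": sorted(set(ref) - set(res)),
        "extra": sorted(set(res) - set(ref)),
        "changed": sorted(p for p in set(ref) & set(res) if ref[p] != res[p]),
    }


def write_tree(root, files):  # files: relative path -> bytes (sample data only)
    for rel, body in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)


def demo():
    """Constructed sample: a restore with one missing, one extra, one altered file."""
    good = {"etc/hosts": b"127.0.0.1 localhost\n", "data/ledger.csv": b"1,100\n",
            "data/notes.txt": b"q3 plan\n"}
    bad = {"etc/hosts": b"127.0.0.1 localhost\n", "data/ledger.csv": b"1,900\n",
           "tmp/core": b"\x00"}
    with tempfile.TemporaryDirectory() as tmp:
        ref, res = os.path.join(tmp, "reference"), os.path.join(tmp, "restored")
        write_tree(ref, good)
        write_tree(res, bad)
        return compare_trees(ref, res)
```

A restore test passes only when all three lists come back empty; file permissions and ownership are not covered by content hashes and need their own check.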

How much testing is enough? I don't know. I know what the bare minimum is. Every new backup system needs at least one test that leaves those responsible confident that they can bring back any system they are responsible for, losing not more than one day's data from the time that the problem occurred. This might best be done before a system is placed in a production environment; then all that is at stake is the system install and configuration. Some time after that, at least one partial restore including important data should be done. Ideally, partial restore tests should be done on a periodic basis, perhaps every 3 to 6 months.

Backups need to cover more than a few days so that older versions of files can be recovered and so there is a reasonable chance of recovering from problems, especially intruder-caused damage, that go undetected for a significant time. This means a rotation system. I always used 3 daily rotations. When we used tape I kept weeklies for about 3 months, and monthlies for a couple of years. If backup is to removable hard disks, this can get pretty expensive. A month of weeklies and a year of monthlies will take 16 sets of backup media with the dailies. Some people will cut way back on the monthlies, but this means little or no protection against any kind of accidental or deliberate corruption that is not detected in a timely manner. Without weeklies, serious damage to or loss of a file that is not realized or reported in a timely manner may have no solution. If backups are to backup servers, network storage or cloud storage, a lot of storage is needed to hold a significant number of rotations, but at least these large systems are much more efficient in their use of space than any removable devices. They also tend to be modular, so disk space can be added as needed. If cloud storage is not an important part of your backup plan, then any business environment needs an offsite storage service.
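The rotation trade-off above, as an added example that is not part of the original article: given a rotation policy, which backups are still on hand, and is any of them older than damage that went unnoticed for 45 days? The policy details (last backup of each ISO week and of each calendar month), the function names and the dates are assumptions constructed for illustration.

```python
from datetime import date, timedelta


def retained(backup_dates, today, dailies=3, weekly_days=91, monthly_days=730):
    """Backup dates still held by a daily/weekly/monthly rotation.

    Assumed policy: keep the newest `dailies` backups, the last backup of each
    ISO week younger than `weekly_days`, and the last backup of each calendar
    month younger than `monthly_days`.
    """
    dates = sorted(d for d in set(backup_dates) if d <= today)
    keep = set(dates[-dailies:]) if dailies else set()
    last_of_week, last_of_month = {}, {}
    for d in dates:  # ascending order, so the latest date in each period wins
        last_of_week[tuple(d.isocalendar())[:2]] = d
        last_of_month[(d.year, d.month)] = d
    keep |= {d for d in last_of_week.values() if (today - d).days < weekly_days}
    keep |= {d for d in last_of_month.values() if (today - d).days < monthly_days}
    return sorted(keep)


def last_clean_backup(kept, damaged_on):
    """Newest retained backup taken before the damage, or None if none survives."""
    clean = [d for d in kept if d < damaged_on]
    return clean[-1] if clean else None


def demo():
    """Constructed sample: nightly backups, damage noticed 45 days after it began."""
    today = date(2014, 6, 30)
    nightly = [today - timedelta(days=n) for n in range(800)]
    damaged_on = today - timedelta(days=45)
    policies = {
        "dailies only": (0, 0),
        "month of weeklies, year of monthlies": (28, 365),
        "3 months of weeklies, 2 years of monthlies": (91, 730),
    }
    return {name: last_clean_backup(retained(nightly, today, 3, w, m), damaged_on)
            for name, (w, m) in policies.items()}
```

With dailies alone nothing clean survives; the shorter rotation falls back to a month-end backup 16 days before the damage, while three months of weeklies leave a clean backup only 5 days before it.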

With good backups that are adequately protected, there are few situations from which recovery is not possible, though the costs may be substantial. With good backups, the costs of other security failures are greatly reduced. Sooner or later, hardware failure will cause irretrievable data loss. As this is normally immediately apparent, there should be at most one day's data lost, but repair and restore could easily take two days if you need parts that are not locally available. Recovering from a malicious intrusion will likely be much more difficult. It's rare that these are discovered in a timely manner. Identifying the extent of the damage is likely to be difficult. Even if you have backup rotations prior to the earliest intrusion, you cannot perform a normal restore.


Copyright © 2000 - 2014 by George Shaffer. This material may be distributed only subject to the terms and conditions set forth in (or These terms are subject to change. Distribution is subject to the current terms, or at the choice of the distributor, those in an earlier, digitally signed electronic copy of (or cgi-bin/ from the time of the distribution. Distribution of substantively modified versions of GeodSoft content is prohibited without the explicit written permission of George Shaffer. Distribution of the work or derivatives of the work, in whole or in part, for commercial purposes is prohibited unless prior written permission is obtained from George Shaffer. Distribution in accordance with these terms, for unrestricted and uncompensated public access, non profit, or internal company use is allowed.
