How can the backup set be protected?

In most cases, the attacker will be in the organization's environment for a long time (on average 7 weeks) in order to find the set of backups and observe them.
While backup cannot be completely protected from all potential risks, there are steps that can be taken to minimize the risk of data loss and ensure the integrity of backups.

• Use immutibale storage: in order to block the possibility of changing the deletion range of data after it has been written. immutibale storage can help prevent data corruption or accidental deletion.
• Backup scanning: Regular scanning and monitoring of backups for malware can help detect and prevent malware infections.

Use access controls and encryption - Access controls and encryption can help protect backups from unauthorized access. such as:

✔️Authentication: requiring users to provide a username and password to access backups.
✔️ Authorization: granting access to backups only to authorized users or groups.
✔️Encryption: Encrypt the backups to protect them from unauthorized access

• Storing backups in multiple physical locations: Storing backups in multiple locations can minimize the risk of data loss due to physical damage or natural disaster.
• Choosing a backup software: using a recognized backup software and implementing it according to the best practice of that software. Building a backup procedure that will include periodic controls for the backup and recovery process.
• Disaster recovery plan: Having a disaster recovery plan can help minimize the impact of data loss and ensure business continuity.

  It is important to note that today there is no solution that guarantees 100% protection. Therefore, different strategies for protecting the information must be examined in order to minimize the risk of data loss.
  In addition, it is important to regularly review and update your backup and disaster recovery plan to ensure it remains effective.

Author: Zabri Idan, VP of expert services and information security at Genie