Moonrise2473 ( @Moonrise2473@feddit.it ) 79•10 months agoWhat’s the point of primary and secondary backups if they can be accessed with the same credentials on the same network
CrateDane ( @CrateDane@feddit.dk ) 11•10 months agoThey weren’t normally on the same network, but were accidentally put on the same network during migration.
snaptastic ( @snaptastic@beehaw.org ) English8•10 months agoWhat’s the correct way to implement it so that it can still be automated? Credentials that can write new backups but not delete existing ones?
Haui ( @Haui@discuss.tchncs.de ) English30•10 months agoI don’t know if it is the „correct“ way but I do it the other way around. I have a server and a backup server. Server user can‘t even see backup server but packs a backup, backup server pulls the data with read only access, main server deletes backup, done.
VerifiablyMrWonka ( @VerifiablyMrWonka@kbin.social ) 14•10 months agoFor an organisation hosting as many companies data as this one I’d expect automated tape at a minimum. Of course, if the attacker had the time to start messing with the tape that’s lost as well but it’s unlikely.
Moonrise2473 ( @Moonrise2473@feddit.it ) 3•10 months agoIt depends what’s the pricing. For example ovh didn’t keep any extra backup when their datacenter took fire. But if a customer paid for backup, it was kept off-site and was recovered
It might be even pretending to be a big hosting company when they’re actually renting a dozen deds from a big player, much cheaper than maintaining a data center with 99.999% uptime
rentar42 ( @rentar42@kbin.social ) 7•10 months agoFundamentally there’s no need for the user/account that saves the backup somewhere to be able to read let alone change/delete it.
So ideally you have “write-only” credentials that can only append/add new files.
How exactly that is implemented depends on the tech. S3 and S3 compatible systems can often be configured that data straight up can’t be deleted from a bucket at all.
IWantToFuckSpez ( @IWantToFuckSpez@kbin.social ) 6•10 months agoA tape library that uses a robot arm https://youtu.be/sYgnCWOVysY?t=30s
Backups that are not connected to any device are not susceptible to being overwritten and encrypted by malware.
reflex ( @reflex@kbin.social ) 3•10 months agoA tape library that uses a robot arm
https://youtu.be/sYgnCWOVysY?t=30sOr like that vault in Rogue One?
Moonrise2473 ( @Moonrise2473@feddit.it ) 1•10 months agoi use immutable objects on backblaze b2
from command line using their tool is something like
b2 sync SOURCE BUCKET
and from the bucket setting disable object deletion
also borgbase allows this, backups can be created but deletions/overwrites are not permanent (unless you enabled them)
hunt4peas ( @hunt4peas@lemmy.ml ) 42•10 months agoTime and time again, data hosting providers are proving that local backups not connected to the internet are way better than storing in the cloud.
hardypart ( @hardypart@feddit.de ) 24•10 months agoThe 3-2-1 backup strategy: “Three copies are made of the data to be protected, the copies are stored on two different types of storage media and one copy of the data is sent off site.”
theshatterstone54 ( @theshatterstone54@feddit.uk ) 6•10 months agoHow would that work in practice? 1 medium offsite, and 2 mediums on-premises?
hardypart ( @hardypart@feddit.de ) 3•10 months agoExactly.
IWantToFuckSpez ( @IWantToFuckSpez@kbin.social ) 10•10 months agoAny redundant backup strategy uses both. They both have inherent data loss risks. Local backups are great, but unless you store them in a bunker they are still at risk to fire, theft, vandalism and natural disasters. A good backup strategy stores copies in at least three locations. Local, off-site and the cloud. Off-site backups are backups you can physically retrieve. Like tapes stored in a vault in another city.
Max_Power ( @MaxPower@feddit.de ) English26•10 months agoNow that you mention fucking incompetence, I need to verify my 3-2-1 backup strategy is correctly implemented. Thanks for the reminder, CloudNordic and AzeroCloud!
Ecstatic_equilibrium ( @Ecstatic_equilibrium@kbin.social ) 18•10 months agoThey had one job
Hamartiogonic ( @Hamartiogonic@sopuli.xyz ) 10•10 months agoPeople literally pay these guys to not screw up this one thing.
digdilem ( @digdilem@lemmy.ml ) 10•10 months agoI feel really bad for everyone involved - customers and staff. The human cost in this is huge.
Yes, there’s a lot of criticism of backup strategies here, but I bet most of us who deal with this professionally have knowledge of systems that would also be vulnerable to malicious attack, and that’s only the shortcomings we know about. Audits and pentesting are great, but not infallable and one tiny mistake can expose everything. If we were all as good as we think we are, ransomware wouldn’t be a thing.
Treczoks ( @Treczoks@kbin.social ) 7•10 months agoPut all the data in the cloud, they said. It will all be save and handled by professionals!
chris ( @chris@l.roofo.cc ) English6•10 months agoThat’s what you call an epic blunder.
President_Pyrus ( @President_Pyrus@feddit.dk ) 5•10 months agoIt is a company destroying blunder.
exu ( @exu@feditown.com ) English4•10 months agoI think they’re aware of that
Martin Haslund Johansson, the director of Azerocloud and CloudNordic, stated that he does not expect customers to be left with them when the recovery is finally completed.
Moonrise2473 ( @Moonrise2473@feddit.it ) 7•10 months agoThe customers are already lost:
-
pay the expensive ransom, if the bad actor gives them the decryption key, customers are relieved but still pissed, will take the data and move to somewhere else with a big FO. Go out of business.
-
don’t pay the ransom, customers are pissed and move to somewhere else with a big FO. Go out of business.
-
Fizz ( @Fizz@lemmy.nz ) 6•10 months agoIf you fuck up that badly you shouldn’t be allowed to operate in that industry.
papalonian ( @papalonian@kbin.social ) 8•10 months agoProblem is that you have to work in the industry to fuck up that badly.
CrateDane ( @CrateDane@feddit.dk ) 5•10 months agoThey’re a small company, they’ll probably just go bankrupt.
DeprecatedCompatV2 ( @DeprecatedCompatV2@programming.dev ) 1•9 months agoI wonder why they can’t/won’t pay.