SolarWinds MSP is becoming N-able

Read more

What Are the Security Advantages and Disadvantages of Cloud Backup?

When it comes to backing data up to the cloud, security should be a primary consideration. Although cloud services have long been marketed as a sort of panacea for IT, there are both advantages and disadvantages to backing data up to the cloud, especially when it comes to cloud security.

Backup isolation

securebackup1.jpgOne of the primary advantages of backing up data to the cloud is doing so creates a backup that is geographically isolated from your data center. This helps to ensure the survivability of your data in the event of a fire, flood, or other disaster. Also, because the backup does not reside on-premises, a disgruntled employee would not be able to steal the backup media.

Internet traversal

One of the disadvantages of backup cloud security is that it usually means your sensitive data will have to traverse the internet. Granted, this data should be encrypted and will usually be confined to a VPN. Even so, there is no way to guarantee the security of data passing through a public medium with absolute certainty. It is worth noting that some public cloud providers do offer the option of leasing a dedicated connection between your data center and the cloud, which can mitigate the risks associated with transmitting sensitive data over the internet.

Access to the data

Another risk associated with backing up data to the cloud is it’s possible the cloud provider’s employees could have access to your data. Even if you are not concerned about the possibility of the provider’s employees snooping through your data, backing data up to the public cloud carries with it a very real risk of that data being exposed to the government. That’s why you should hold the encryption key—not your cloud vendor.

A couple of years ago, Microsoft engaged in a legal battle with the US government over its practice of issuing blind subpoenas. A blind subpoena is one in which the government subpoenas a cloud provider for a tenant’s data without the tenant ever being informed that its data has been surrendered.

Account hijacking

cloudbackup.jpgYet another risk to backing up data to the cloud is that of account hijacking. This occurs when a hacker manages to crack or guess a tenant’s cloud password, and then logs in as the tenant, and changes the account’s password, effectively locking the tenant out of their own data. While it is true that account hijacking can occur on-premises, on-premises systems containing highly sensitive data might not be as readily exposed to the internet as those systems residing in a public cloud.

Physical security

Even though there are many backup cloud security risks, there is at least one major advantage to backing data up to the cloud. Public cloud providers (like AWS and Azure) know that public clouds are a favorite target of hackers, so they work diligently to make sure the cloud is as secure as possible. To put it another way, big cloud providers make big targets, so they are secure because they have to be.

Public cloud providers are known for exercising top-notch physical security. In fact, I had the opportunity to visit the Microsoft data center a few years ago, and while I cannot go into specifics, I can honestly tell you that I have visited military facilities not nearly as secure.

This means backing your data up to the cloud may in fact deliver a level of security that simply cannot be achieved on-premises. Major cloud providers have entire teams dedicated to security, and so there is a very good chance your backups will be more secure in the cloud than they ever would be in your own data center.

 

Additional Reading:

Brien Posey is a 13-time Microsoft MVP with over two decades of IT experience. Prior to going freelance, Posey was a CIO for a national chain of hospitals and healthcare facilities and has served as a network engineer for the United States Department of Defense at Fort Knox. Posey has also worked as a network administrator for some of the largest insurance companies in America.

You can follow Brien on Twitter at @BrienPosey

 

The above is based on using public cloud providers like AWS and Azure. For those wanting the benefit of cloud without some of the security downsides of being on a public network, you can use a purpose-built private cloud, like SolarWinds® Backup uses, where IT services are provisioned over private IT infrastructure for the dedicated use of a single organization.

SolarWinds Backup can also make internet traversal more safe in two ways: 

  • In addition to using AES 256-bit encryption prior to transmission, after the first full backup, only changed blocks are transmitted, compressed, and deduplicated so the data isn’t usefully readable.
  • Backup data is transmitted over a TLS 1.2 connection, for even greater security.

 

To find out how SolarWinds Backup can help you secure your customers’ data, click here.

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a trial.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site