Let’s see what happens when I attempt this from an on-premise server that is under protection:įrom the Azure Backup console, click Schedule Backup, and find the option to Stop using this backup schedule and delete all of the stored backups. In order to delete data from the Azure Portal I cannot simply effect this change from my Azure backup-enabled on-premises systems. But wait, how did we even get to this point in the first place?! Okay, so I have a chance to recover from this, assuming the attacker does not also intercept or remove this message from my mailbox (and he or she might). Reading further, I see that I have 14 days to re-enable protection, and keep the data: If you were smart and setup notifications in the Azure Portal, then you will be notified when this happens:
If I wanted to do damage or put you in a tight spot, and hold your data for ransom, I would probably start by attacking your backups. Let’s say I was an advanced piece of malware on your network, or an actual human attacker. In fact, the key does not grant your server the capability of deleting backups!! The easiest way to demonstrate this, is to see how one would go about turning off the Azure Backup functionality. And that “key” is not the same as your administrative credentials for signing into the Azure Portal. This file is your “key” to associate the server with that vault.
#AIR GAPPED BACKUP DOWNLOAD#
However, when you go to configure your backup on the server(s) themselves, you will find that you need to download a separate set of “credentials” in the form of a small file. You probably have a set of admin credentials to sign into a cloud portal, such as the Azure Portal, and create a vault, such as Microsoft’s Azure Recovery Services vault. But the question is whether they are “as good.” Why do we pose this question? How Azure Backup credentials workīefore you configure Azure Backup, or many other cloud backups, you typically have to provision some kind of storage container up in the cloud, to which your backup data will be written. They are always online, and accessible, by their very design and nature. Most modern backups are now on done on disk (like a NAS for example), or written to the cloud.Īzure Backup, and other clouds like it, are online. Most backups used to be this way by default (tapes that could be taken offsite and so forth).
#AIR GAPPED BACKUP OFFLINE#
Offline means air-gapped, in other words, no wires connecting the media back to the fabric of your network (or any other). These are all markers of a solid backup solution over all–I would even say they are mandatory.īut, what about offline? Isn’t offline backup a critical consideration these days, especially with the evolution of modern malware–worms and the like? The best solutions are actually comprised of more than one backup, and usually one of those backups is either offsite, offline, or both. Last, the solution is automated, meaning there is no human intervention required, and notification capability is usually built-in (again, as it is with Azure). Usually encryption is available with the cloud providers (like Azure), so the backup is secured with a private key, before it ever leaves your network. Is Azure Backup (or any cloud-based backup for that matter) as good as having an offline backup? The Benefits of Azure / Cloud BackupĬertainly one of the biggest benefits of a cloud-based backup is that it is offsite. I am posing this question, not just for Azure Backup, but any cloud-based backup.
0 kommentar(er)
