![]() Not only is this as valid today as it was many years ago, it is perhaps even more valid. Just as importantly, you need to store one copy of the backups far away from the original. They are all simply additional records inside the same database they are not backups. This is the number one reason why I reject the built-in data protection mechanisms in SaaS vendors like Microsoft 365, Salesforce, and Google Workspace. You cannot store your backups on the same system that you’re backing up. So many people focus so much on the three copies, but they ignore the “2” and “1” in the “ 3-2-1 rule. Make three copies of your data, store them on two different media, and store one of them somewhere else. ![]() This simple rule that describes the basic definition of a backup is just as relevant today as it was when Peter Krogh coined it. For what it’s worth, the attack also could have been stopped by enabling multi-factor authentication (MFA), but they had failed to do that as well. This is why we don’t put all our eggs in one basket. the OVH data center fire that happened in March of this year), or any number of natural disasters or terrorist attacks. This time it happened to be a hacker, but it could have just as well been a data center fire (e.g. That’s what happens when you store everything in a single account in a single region a single disaster or attack can take out everything. All backups of everything were also deleted. All of their configuration data and intellectual property were deleted. CodeSpaces tried to lock the hacker out and the hacker responded by completely deleting their AWS account.Ĭ ceased to exist at that moment. In what I believe is the first major ransomware attack, a hacker gained control of their account and told them they were going to delete it if CodeSpaces did not cough up the ransom. All of their VMs and databases - and all of their backups of those VMs and databases - were stored in a single AWS account in a single region. Don’t be the next īack in 2014, CodeSpaces advertised itself as a safe place to store your code. The only thing you can do is minimize those fees as much as possible. You must create an air gap between the resource you are backing up and the place you are storing that backup - and the only way to do that will create transfer fees. There is no way to properly back up data residing in an IaaS cloud vendor without incurring some kind of egress charges (i.e. Curtis Preston, Chief Technology Evangelist
0 Comments
Leave a Reply. |