Cloud data is the pulse of the modern enterprise, so it makes sense that over 90% of organizations worldwide conduct data backups, and it’s considered a data governance best practice. However, with the growth of multi-cloud, hybrid architectures, the sheer proliferation of data, and the sophisticated cyberthreat landscape, is this IT golden standard doing more harm than good?
Even the best of intentions can have unintended consequences. Unfortunately, common cloud backup methods can lead to the growth of shadow data — organizational data that is copied, backed up, or housed in a data store not under the same security structure or governed by security or IT. Because this data is left “in the dark,” it’s a hot target for today’s threat actors — and organizations have taken note. A majority of data security and governance professionals (68%) have named shadow data as the No.1 concern of protecting cloud data.
Regardless of the potential drawbacks, backing up a business’ files or databases is necessary. It ensures business continuity in the event of data loss caused by ransomware, hardware or system failure, and more. The key is to be educated on the risks involved, so your data security and governance teams can prevent any potential security incidents.
Understanding Common Backups and Associated Risk
There are many different ways to backup cloud data, but two of them, while commonplace, come with risks that may be unacceptable and can be categorized as follows:
Manual Database Dumps, Created at Will by the User
Also called “data dumps,” or “dumps,” occur when a user makes a complete copy or a copy of a subset of the data, depending on the specific use case. A dump saves the data from the database into a file or object in the cloud, typically in a way that can be restored into a database of the same type.
Data dumps present several risks to organizations if not properly monitored and secured. It’s not uncommon for these files to contain sensitive data.
The risks include:
- A vast and uncontrolled attack surface – Database dumps double the possible attack surface with much weaker defenses. While the original database requires login credentials, sometimes even multi-factor authentication, the copy typically does not.
- Privacy and compliance violations – Dumps are a way that data ends up in a non-compliant location or stored in a non-compliant way. For example, if an employee copies a database that stores GDPR-regular data in the EU and moves it to a non-compliant location, it would be a regulatory violation. The privacy team that ensures compliance with the database itself might have no idea this has occurred
- Further Costs – Every time a database dump is created, organizations have to pay more to store that data.
Combatting the Risks: If possible, avoid manual database dumps unless absolutely necessary due to the lack of guardrails.
S3 Replication as an Automated Cloud Platform Backup Mechanism
Each cloud provider offers its own menu of automated options for backing up valuable data. Automated backups add a measure of improved security and alleviate some of the burden of manual database dumps.
One of the most popular methods of automated cloud platform backups is S3 replication or automatic copying of objects across Amazon S3 buckets.
While slightly more secure than manual dumps, S3 replication also comes with its own risks, including:
- Privacy and compliance violations – If the replication configuration is set for the entire bucket/prefixes in the bucket, this could lead to all new objects created in the source bucket being transferred to a different bucket that is in violation of data residency requirements. It also violates retention or privacy policies if it is not deleted from the replicated bucket after a certain amount of time, or leads to the inability to fulfill data access or erasure requests.
- Unmanaged, shadow data – All replicated data has the potential to easily become unknown or unmanaged shadow data. Developers and data scientists will often replicate buckets without the knowledge of security, and sensitive data could be replicated in a different bucket that is entirely unknown.
- Public exposure of sensitive data – Destination backup buckets can have different permissions than the original bucket — leading to buckets accidentally being left public or given to third parties.
- Additional cloud costs – Many of the CSPs charge based on usage — meaning your organization pays twice for replicated data.
Combatting the Risks: First, determine whether or not your data is being replicated by running the command aws s3api get-bucket-replication – bucket my – bucket in AWS. And, in general, use replication very sporadically and for well-thought-out purposes when other automated solutions don’t work.
Cisco to Acquire Splunk, to Help Make Organizations More Secure and Resilient in an AI-Powered World
Data Back-Up — How Should I Back Up My Data Then?
In general, third-party backups are usually safer than manual database dumps of S3 replications. After all, there is a responsible third party whose job is to make the data secure. When looking for a backup vendor, look for one that follows solid security practices, such as encrypting data, having a framework for where they save data, and maintaining relevant privacy and governance standards.
Also, be sure to have data security posture management (DSPM) in place to help your security team discover and classify all data on a network, whether in an original database or a backup, to help prevent accidental data exposure.
Data backup is considered a necessity for today’s modern enterprise.
By understanding the risks associated with the most common types of data backup practices and how to perform them safely, organizations can be in the best position for business continuity.
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify Computer Services. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute, or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.
If you are not the intended recipient you are notified that disclosing, copying, distributing, or taking any action in reliance on the contents of this information is strictly prohibited.
