Five Best Practices for Protecting Backup Data
Backup encryption should be one of many activities that formulate a comprehensive security strategy. In many environments, storage has operated outside of the realm of security officers for some time, as their main focus has been primarily on areas such as perimeter security, intrusion detection/prevention and protection of host systems. As a result, the storage infrastructure – both primary storage and especially copies of primary storage – is likely to be an Achilles’ heel when it comes to security. Policies for data security are a corporate concern and should be a fundamental element of an enterprise security strategy. Strategic security policies can then spawn tactical and operational policies through the joint efforts of the security and storage organisations. To that end, storage must become an integral part of the corporate security strategy.
To achieve these goals, a corporation should build a practice around five fundamental areas detailed in this paper.