Out of the Essential 8, Regular backups is the easiest to achieve, as the technologies, tools and strategies for backup are well documented. If you are looking to tick off a box quickly and easily to show progression on your Essential 8 journey, this is definitely the one to look at first. There are some prerequisites, although these are not insurmountable and can be achieved relatively quickly.
So what do we need to do? Here are the key steps needed:
- Know what to back up – Backups should encompass the system configuration as well as the data that resides in the system. Be aware that it is not just the core servers and endpoints that need to be covered by this… Often businesses miss applications and their related backups in the mix. Some systems may need to be backed up more frequently due to their critical nature.
- Implement a strong backup solution – There are heaps of backup solutions in the marketplace that cover a multitude of different ways of backing up your data. You should be looking at a backup solution that encompasses both static backups and incremental backups.
- Where to store your backups – Storage is cheap and easy to obtain today, whether it be in the cloud or in the datacentre. Choosing the appropriate storage tier is important to ensure that you have the right type of storage for your backup data so you can meet Recovery Time Objectives (RTO).
- Databases are a pain – Backing up databases is a little trickier, as active and large databases are often queried and small modifications occur. It depends on whether you are using flat file databases or relational databases; flat file databases are easier to back up than relational databases. Often an agent is required on database servers to perform backups.
- Hardened Appliances/Servers – Often backing up hardened appliances (specifically in my area of security) can be annoying as standard backup strategies can’t be applied because backup solutions and related agents can’t be deployed to perform backup functions. Often these systems have an inbuilt backup tool that will help the offboarding of backups on a regular basis.
Implementing Business Continuity and Disaster Recovery (BC/DR)
Now that backups are in place, there is a need to test whether they work. Most backup solutions will check the integrity of a backup, although this doesn’t test it in a real-world sense. As part of your BC/DR strategy, you should test whether backups work in a real-world sense. It’s best to have a 6 monthly DR exercise where you try to recover your backup.
Try to recover the images to a separated network (Test and Dev) to see if it works… You don’t have to try to recover all your servers, applications and systems; you should focus on recovering all critical systems and then have a spread of servers and applications.
Access to Backups
Whilst the Essential 8 states that there are 3 maturity levels in Regular backups stipulating certain requirements around access to backups, I am a strong believer that access to backups should be limited automatically to Backup Administrators. It’s such a simple step to create role-based access within a backup solution.