Backup Software Vulnerabilities and How to Provide Protection

Backup software is a commonly used precaution for most organizations to prevent the loss of data that is crucial to the operations of businesses and corporations. As a general rule, most IT administrators limit backup software to a small number of servers or even just a single server. The clients that require backup then communicate with the backup server over the network by transmitting the data that is to be backed up. It is also possible for the backup server to survey the servers to locate the data that requires backup.

Since the backup software on servers scans the system to view all of the files, backup software vulnerabilities can significantly compromise the system if a hacker spots the vulnerability and then exploits the hole. The exploit can send numerous malicious files into the wild which can access a variety of clients and applications due to the fact that the backup software scans the entire system.

How the System Checks for Vulnerabilities

  • Vulnerability Scanner: Most organizations employ vulnerability scanning that routinely checks the entire system for security holes and vulnerabilities.
  • Port Access Check: It is important to check all network ports that used by the backup software. There are backup products on the market that are specifically designed to conduct port checks for any unauthorized access.
  • Backup Software Updates: IT administrators for organizations update the backup software with the latest version and then set up a monitoring system with the vendor site to receive notifications when patch updates are released due to an exploit or vulnerability that has been discovered.

How to Provide Protection against Backup Software Vulnerabilities

In addition to installing the latest patch updates to the backup software and vulnerability scanning, protection can be provided as follows:

  • Port Firewalls: Firewalls should be installed on all of the ports of the network that the backup software uses. This prevents untrustworthy networks such as the Internet from accessing the backup software.
  • Run Network-Based Firewalls: Network-based firewalls should be run consistently to restrict access to the backup software. Running a network-based firewall ensures that only certain hosts are allowed to use the backup server ports.
  • Encrypt Data: Prior to being transmitted on the network, all data should be placed in encrypted form before being stored on backup software.
  • Monitor Backup Software: Data that is stored on backup software should be monitored on a regular basis to ensure there has been no theft or unintentional loss of the information.
  • Disposal Policy: The organization should have an established policy in place that outlines how data should be disposed of when it is no longer needed.

Backup software vulnerabilities are not isolated to specific systems. Instead they are existent on all operating systems that run backup client software however; the most affected systems tend to be the Windows and Unix operating systems.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.