Back up your systems securely
Creating backups is one thing, making sure they’re secure is another. We offer some tips for ensuring the process is as painless as possible.
Making backups of your data is critical. If you don’t regularly create usable backups, any outages, disk failures, or administrative errors can cause permanent data loss. But, although backups address the availability (and to some degree integrity) aspects of the AIC security triad (availability, integrity, confidentiality), they can introduce significant risks with respect to the confidentiality or secrecy of your data. In other words, when you centralize all your data on removable storage (e.g., tape drives), things can get very bad very quickly if the tapes are misplaced or stolen.
The solution, of course, is to encrypt your backups. Depending on the risk you’re willing to accept, strong encryption can even let you store your files in potentially insecure locations (e.g., a public cloud storage provider). In general, most backup programs support 256-bit AES, which is extremely strong, so with properly generated keys that are secured from attackers, your data should be safe from decryption for at least a few decades. However, you must consider several other issues when deciding how to apply encryption to your backups and how to manage your encryption keys.
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.