[LINK] Hacking of medical records

Robert Brockway robert at timetraveller.org
Wed Dec 19 00:54:02 AEDT 2012


On Tue, 11 Dec 2012, Jan Whitaker wrote:

> I seem to recall a throw away line either in a written story or a tv
> interview where the person said it was better to keep your backups
> off the network, too. One can only speculate what the person meant by that!

Hi Jan.  In order to maximise the chances of a successful data recovery 
there should always be at least one full set of data backed up that 
conforms to the following criteria:

* Offsite
* Offline
* Tested

Having the backup offsite provides geographic separation that tends to 
protect against physical problems (that are constrained by physical 
distance).

Having the backup offline provides logical separation that tends to 
protect against logical problems (scripts that delete backups, deliberate 
attacks over the wire[1], etc).

These two collectively provide 'availability' of the backup.

Testing provides 'integrity' of the backup.

Some readers may now be thinking of the 'CIA triad'.

A fourth criterion (encrypted) can be added to finish the triad with 
'confidentiality'[2].

[1] This is not the first time online backups have been attacked.  There 
was a high profile case of online backup deletion a couple of years ago.

[2] I'm cautious about recommending encrypting backups, however, as it 
requires a 'technological maturity' that I'm yet to see in most 
organisations, even large organisations.  If you encrypt your backups you 
must make provision for key recovery (e.g., key escrow).

Cheers,

Rob

-- 
Email: robert at timetraveller.org		Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Systems Administrator, Solutions Architect, Free and Open Source Advocate
Director, Software in the Public Interest (http://spi-inc.org/)
"Information is a gas"
