Zero Trust Data Resilience Requires Prioritizing Backup Systems

Rick Vanover, Senior Director of Enterprise Strategy at Veeam, emphasizes that zero trust principles should extend to data backup and recovery systems. This includes least privilege access, immutability, system resilience, proactive validation, and operational simplicity to protect against ransomware.

Four decades after a Scottish computer science professor coined the term, “zero trust” still stands as IT’s primary model for securing high-value assets. The model requires each and every user to verify their credentials – essentially to convince the system they’re not rogue actors trying to hack their way in.

But while the term is not new, the implementation of zero trust practices is evolving. For decades, most zero trust frameworks ignored the protection of data backup and recovery systems. The thinking was that resources should be concentrated on protecting the perimeter to stop attacks before intruders can get in and move throughout the system. Today, as ransomware attacks become more frequent and the value of data skyrockets, organizations are seeing the value of extending zero trust principles to the data and backups themselves.

The tactical shift couldn’t come at a better time. A study of 1,200 IT professionals found that 85% of organizations were hit by a ransomware attack over the past year, representing a 12% increase in total attacks compared to the previous year. And those attacks targeted valued assets. Nearly half (45%) of these organizations’ production data was impacted during the attacks, putting their financial and operational health at risk.

The same study showed that 93% of ransomware attacks directly targeted backup systems and data, where attackers feel they can cause the most damage. Three quarters of the victims of these successful attacks lost backup data and 39% completely lost their entire backup repositories.

The data is hard to ignore: Attackers are targeting data backups. The most effective way to protect backups is to apply zero trust principles. While it’s important to apply zero trust policies to cybersecurity systems that keep intruders out, the numbers show that successful intrusions are more than likely to occur, elevating protection of data backups to the highest priority.

A change in mindset
This requires a change in mindset toward zero trust as a concept – that it’s not a “silver bullet to success.” Zero trust is a mindset, not a product, and not a rigid set of principles that can’t be adapted to address escalating levels of threats.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) launched the Zero Trust Maturity Model several years ago to define security strategies in an age when data fuels modern organizational business strategies. The model includes five pillars based upon the foundations of zero trust – identity, devices, networks, applications and workloads, and data. But it leaves out data backups.

A new model updates these concepts further. The Zero Trust Data Resilience (ZDTR) Maturity Model extends the five pillars from the CISA structure to backup and recovery systems.

The ZDTR model applies five core principles along with a reference architecture and a new set of capabilities for the Zero Trust Maturity Model.

Here is how each of the five principles applies to data backup and recovery systems:

  • Least privilege access: Like backup management systems, backup storage systems should be isolated on the network so that no unauthorized users can break in. This stops bad actors from getting access to critical backup copies – the “crown jewels” inside the castle – through network reconnaissance or exploiting a vulnerability.
  • Immutability: Immutable backups ensure that specific sets of data can’t be modified or deleted by attackers, even if they gain control of the backup system. Immutability can be provided by the physical properties of storage media or through technologies embedded at the hardware, firmware, or software layers.
  • System resilience: Since backup functions extend beyond the data itself, systems need to be hardened to protect the entire ecosystem of tools, technologies, and processes related to data backup and recovery. An important move is to segment the backup software and backup storage layers. This shrinks the size of the attack surface of backup repositories and limits the potential impact of a ransomware event.
  • Proactive validation: To truly trust the efficacy of a backup system, it must be possible to validate it at any time. That means monitoring the backup system’s network, performance, and security health. The backed-up data itself, along with the reliability and effectiveness of recovery policies, needs to be validated on a regular basis.
  • Operational simplicity: Organizations can develop the most extensive, strategic security plans and still fail if the plans are too complicated to carry out.
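The immutability and proactive validation principles above can be exercised together in code. The following is an added illustration, not code from the article or from Veeam: a hypothetical write-once repository with per-object retention locks, a validation routine that re-hashes every backup against the manifest recorded at backup time and flags locks that are about to lapse, and a constructed scenario (names, dates, and contents invented) in which one object is overwritten through raw storage access.

```python
import hashlib
from datetime import datetime, timedelta, timezone

class ImmutableRepository:
    """Toy write-once backup store with a per-object retention lock (hypothetical)."""
    def __init__(self):
        self._objects = {}  # name -> (bytes, immutable_until)

    def put(self, name, data, immutable_until):
        if name in self._objects:
            raise PermissionError(f"{name}: backup objects are write-once")
        self._objects[name] = (data, immutable_until)

    def delete(self, name, now):
        _, until = self._objects[name]
        if now < until:  # lock still active: refuse, even for an administrative session
            return False
        del self._objects[name]
        return True

    def get(self, name):
        return self._objects.get(name)

def validate_backups(repo, manifest, now, min_remaining=timedelta(days=7)):
    """Re-hash each object against the manifest and flag locks expiring within min_remaining."""
    findings = []
    for name, expected in manifest.items():
        obj = repo.get(name)
        if obj is None:
            findings.append((name, "missing"))
            continue
        data, until = obj
        if hashlib.sha256(data).hexdigest() != expected:
            findings.append((name, "hash_mismatch"))
        if until - now < min_remaining:
            findings.append((name, "retention_expiring"))
    return findings

def demo():
    """Constructed scenario: three backups, one corrupted via raw storage access."""
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    repo = ImmutableRepository()
    repo.put("db-full-0530", b"full backup 30 May", now + timedelta(days=30))
    repo.put("db-incr-0531", b"incremental 31 May", now + timedelta(days=30))
    repo.put("db-full-0501", b"full backup 1 May", now + timedelta(days=2))
    manifest = {n: hashlib.sha256(repo.get(n)[0]).hexdigest() for n in repo._objects}
    # Malware with direct volume access overwrites one object, bypassing the API.
    repo._objects["db-incr-0531"] = (b"encrypted garbage", now + timedelta(days=30))
    deleted = repo.delete("db-full-0530", now)  # still locked for 30 more days
    return validate_backups(repo, manifest, now), deleted
```

The manifest must live outside the repository being checked (for example on the segmented backup management host), otherwise an attacker who can rewrite the data can rewrite the expected hashes too.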

Conclusion
The importance of data backup and recovery can’t be overstated. For years, organizations considered backups to be potentially deferrable budget items because the odds of getting breached were low. Now the script has flipped: The odds of getting attacked more than once are rising every year. Organizations should do whatever they can now to ensure they have an absolutely portable, absolutely recoverable copy of their most critical data.

Zero trust requires organizations to trust no one and verify everything. The ZDTR approach takes this to heart, elevating data backup and recovery to the highest level of importance in protection strategies. The approach maintains that the data copy – that crown jewel, that holiest of holy assets – needs to be protected at all times, assuming that all other safeguards are at risk of failing.