[BreachExchange] The Top Four Endpoint Backup Solution Security Tips
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Apr 17 18:49:27 EDT 2018
https://solutionsreview.com/backup-disaster-recovery/the-
top-four-endpoint-backup-solution-security-tips/
Data loss is a concern for any organization. Businesses can lose not only
credibility with their users, but large amounts of money in the event that
data is lost as. Endpoints, in particular, are at a high risk of being
compromised because there are so many variables at play. The risks that
come with endpoint devices are damage to the device, user error,
unauthorized data modification, and the loss or theft of the device. With
so many risks related to mobile devices, an endpoint backup solution is a
way to strengthen security. When choosing a solution, be on the lookout for
these features:
Usability
Your endpoint backup solution should have the ability to protect all of
your mobile device data. This requires your solution to rely on adoption as
well as ease of use. The solution should be capable of managing almost
continuous data protection without disruption or the need for intervention.
Automation
Automating certain backup tasks not only reduces risk, but helps to meet
administrative, legal, and business data archive requirements. Making use
of automation also reduces the possibility of an employee error, overall
making your endpoint backup solution more secure.
Security In-Flight and At-Rest
Data encryption at all times is necessary for an endpoint backup solution.
Some providers falsely claim that they offer encryption in-flight and
at-rest if the data is encrypted at just one point during the process. For
that reason, it is imperative that you confirm that your data is encrypted
during the entire operation. The data should be encrypted on the initial
device, as it is being transferred, and when it is resting on the server.
Encryption Key Management On-Premises
If encryption keys are stored next to the data by the cloud provider, the
provider could release your data without you being aware of it in the event
of a subpoena. Because of this, it would be ideal for encryption keys to be
held in your own data center on a master server. Using this approach, you
would be the only one with access to decrypt your data.
Endpoint devices are difficult to secure. Because of the potential for
human error, they are the perfect target for cyber threats. However, using
the above methods, your data will be better protected as well as harder to
attack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180417/61acf607/attachment.html>
More information about the BreachExchange
mailing list