Hi,
An interesting security issue has arisen whilst setting up our SureBackup environment and I was hoping to see if anyone else has tackled the issue of sensitive data in an Application Group?
For example HR have their own servers which run payroll applications etc. To verify the integrity of the backups we were looking to set up a SureBackup fire up the lab and let them test the application manually. All Good. But everything that has occurred during the lab being up gets removed when closing down the lab so there is no trace of what data was accessed and by who, this includes safeguarding against a rogue IT employee accessing the sensitive data through the host in the background(not that I want to).
This seems like a very grey area, technically speaking I would rather know that servers and applications are working in my backups however I do understand the security implications that have to be considered when no audit trail is available.
Has anyone else thought through this dilemma? Any Advice?
-
joespirit88
- Enthusiast
- Posts: 39
- Liked: 5 times
- Joined: Jul 04, 2017 12:53 pm
- Full Name: Joe Spirit
- Contact:
-
PTide
- Product Manager
- Posts: 6427
- Liked: 728 times
- Joined: May 19, 2015 1:46 pm
- Contact:
Re: SureBackups with Sensitive Data
Hi,
The first and the easiest workaround that I can come up with would be to setup access logs collection from those SureBackup machines. Actually I think that it won't hurt to have such practice in production too.
Thanks!
The first and the easiest workaround that I can come up with would be to setup access logs collection from those SureBackup machines. Actually I think that it won't hurt to have such practice in production too.
Thanks!
-
joespirit88
- Enthusiast
- Posts: 39
- Liked: 5 times
- Joined: Jul 04, 2017 12:53 pm
- Full Name: Joe Spirit
- Contact:
Re: SureBackups with Sensitive Data
Thanks,
We do have SIEM in our production environment and looking into if we can get this working for SureBackups. For application specific logs which are stored in various locations on different servers as text files etc seems like a mammoth task to get running. Technically it's possible, however the IT team will know it all fits together and know how to stop this log collection if we really wanted to.
I'm not sure there is any right answer to this question, we are employed to think how to exploit the systems and put a stop to it, but then who police's the police?
We do have SIEM in our production environment and looking into if we can get this working for SureBackups. For application specific logs which are stored in various locations on different servers as text files etc seems like a mammoth task to get running. Technically it's possible, however the IT team will know it all fits together and know how to stop this log collection if we really wanted to.
I'm not sure there is any right answer to this question, we are employed to think how to exploit the systems and put a stop to it, but then who police's the police?
-
PTide
- Product Manager
- Posts: 6427
- Liked: 728 times
- Joined: May 19, 2015 1:46 pm
- Contact:
Re: SureBackups with Sensitive Data
I am afraid that there is no answer at all if you don't trust your own security team. Get a single person to be responsible for that kind of stuff, so that if something happens, you will know where to start looking for answers.
Also you inquiry sounds like "access control feature" for some monitoring tool like VeeamONE, you can leave a feature request on their forum.
Thanks!
Also you inquiry sounds like "access control feature" for some monitoring tool like VeeamONE, you can leave a feature request on their forum.
Thanks!
-
joespirit88
- Enthusiast
- Posts: 39
- Liked: 5 times
- Joined: Jul 04, 2017 12:53 pm
- Full Name: Joe Spirit
- Contact:
Re: SureBackups with Sensitive Data
Thanks again,
I think it's more the IT security team will need to prove that we are trustworthy to auditors if it was ever looked at. Appreciate your thoughts though!
I think it's more the IT security team will need to prove that we are trustworthy to auditors if it was ever looked at. Appreciate your thoughts though!
Who is online
Users browsing this forum: Bing [Bot], Google [Bot], Semrush [Bot] and 58 guests