Introduction to Backups Part I
Guest authored by a badass Hoodie
Hello frens,
We’ve had an insane amount of success so far. In less than 4 months, we got 4 HOODIES 5 jobs (yes, that’s correct) for a combined total salary of $299k and an average study time of 7 weeks!!! I thought the first 8 week turnaround was a fluke until I saw it happen over and over again.
If you’re not a paid member of the stack yet, what are you waiting for? $20/month to change your life. No cap.
Today we’re going to discuss backups! This is an incredibly important topic, and being aware of “how the sausage is made” is incredilby important. In most corporate environemnts, they’ll have/want to use a commercial backup solution, but you can always make one from scratch yourself.
This article was written exclusively by one of our Hoodies in the stack and it GOES HARD.
This article gets a little technical, and as always, you should verify independently before implementing this backup strategy that this is the right solution for you and your team, but this gives you a great insight into the nature of how backups work and some best practces surrounding them.
Here’s All About Backups, Part I:
Do you know how to backup your data with the power of one simple script?
Anon…it’s a problem.
Too many freaking companies don’t have proper backups set up for their organizations. They’re at risk of spending thousands (or millions!) on recovery because they didn’t implement a good backup scheme. Some may have backups but have never tested them. They found out the backups didn’t work until it was too late.
But you’re not going to make the same mistake. You’re going to build upon your cyber foundation. Knowing how backups work is a core skill in cyber…even if you don’t end up managing the organizations backups personally. Curious on learning how to add backup management to your future six figure skill set?
I thought so. Let me get into it…
Backup Chad Origins
This article is all about backups. A solid backup scheme can make you the hero of an organization if something bad happens. Server go down? You can bring it back up on another machine in less than an hour. Ransomware attack? Pssssh. You have a desktop configuration backed up and all files safely encrypted off site. You thought ahead.
A Backup Chad knows why backups are important, what they need to keep in mind, and the different tools available to them. It is impossible to cover everything about backups in one article. What is possible though? Covering the basics, giving you some working script examples to play with, and showing you what else is out there. This will be a multi-part adventure.
Let’s start our Backup Chad journey with why backups are important.
Why Backups?
You may think the answer is obvious. You need backups to restore your data in case it gets lost. Duh! This obvious answer would lead you to believe that every company must implement a rock-solid backup plan. Sadly, this is not true. Many companies, especially if they are small, don’t have a dedicated IT team to think of setting up backups. It is an afterthought. Others don’t recognize the financial consequences of not having them. Some do have them and just assume they’ll work without testing them. The fact this is reality is scary. It is your job to act as an advisor to your executives about the importance of backups.
I also want to touch on the importance of knowing backups in the context of a cyber career. You may be thinking “But fellow hoodie, I am in cybersecurity. Isn’t the SysAdmin’s job or something to handle all the backups?”. And you may be right depending on your circumstances. But there are three things you got to remember as a hoodie.
Confidentiality, Integrity, and Availability.
It is on you to apply those three things to the data and systems in your organization. What do backups fall under? Availability. As a Backup Cybersecurity Chad, you need to know how your organizations data is backed up so you can protect it. Even if you don’t perform it yourself you must know how the backups work. Is data being encrypted in transit to the offsite location? Are the backups only accessible to the relevant people and processes? Is the right data being backed up for a full recovery? How can you know these things if you’ve never learned how to backup something yourself?
I hope I have made my case for the importance of why you need to do backups and why you need to learn it. Now let’s cover what Backup Chads have to keep in mind.
Backup Chads, Remember this!
We touched briefly on what Backup Chads have to keep in mind. Some of those points are:
Are backups encrypted in transit to their final destination
Are backups encrypted on the final medium they are resting on?
Are proper permissions set on the backup data?
Is everything needed for a full recovery of the system?
I want to touch on one important concept. This is known as the “3-2-1” backup rule. There should be 3 copies of data, on at least two different types of media. One of these copies should be offsite.
Figure 1: 3-2-1 Backup Scheme Picture. Pulled from securityboulevard.com
This protects your data in many circumstances. One copy being offsite protects your information in case your companies building is destroyed by a natural disaster. It also reduces the chance that a hacker will pivot, find the data, and corrupt it. Having all your backup copies on site is too dangerous. Do not have your production and backup copies destroyed in one go by something like ransomware.
One thing needs to be made clear for backups. There are multiple ways to accomplish them. Some ways may be better than others. The way you backup a database with 10 million rows will be different from how you will backup a 1 TB file system. Recognize there are many tools out there for you to use. I will mention different tools for different situations at the end of this multi-part series.
You know the “why”. You know the “what”. Let’s cover a way you can perform a backup.