top of page

How ‘Pandora’s Box’ Infiltrates Backup Appliances

108.8 billion. That’s the number of business emails the world is set to send and receive in 2014 [1]. Add in intellectual property, assets word files and customer data, and suddenly the amount of information flowing through a business becomes almost unthinkable.

In the digital age, this influx of information is the economic currency of an organisation and its customers. The more data a business has, the more intelligence it has to drive profits. But, if the security of this information is compromised, businesses could find themselves facing the Pandora’s Box of digital evils.

Traditionally we have stored sensitive business data in a safe or filing cabinet, the lock and key firmly in place to keep out potential intruders. Today, we store information virtually or in large data centres, with backup appliances acting as the “lock and key” to keep out cyber criminals hoping to steal valuable information to sell for profit on the black market.

There is a general misconception held by companies that these backup appliances are just ‘black boxes’ for storage, and security is unimportant, and if businesses are to avoid the opening of Pandora’s Box, this mind set needs to change.

Backup appliances represent the “last line of defence” for a company, and security is of vital importance. In a similar way to the mythological opening of Pandora’s Box, should backup appliance security be compromised, the heart of the business, which holds every single piece of information linked to the organisation, is suddenly highly vulnerable to attack and data theft.

This type of security breach can happen solely through one access point damaging a company’s virtual infrastructure and creating both short and long-term consequences. With data growing at 60 to 70 per cent yearly [2] and the proliferation of virtualisation, companies face a new reality where traditional protection models, based on the need to secure complex systems built from multiple separate components with varying vulnerabilities and security requirements, are inadequate.

This misconception of backup appliances as storage boxes, presents a huge risk, particularly as these devices are now connected to nearly all parts of the organisation and critical IP generated from all work streams. This situation is compounded further with the growth of cloud services and information increasingly being stored outside of the physical walls of a company.

Threats to the backup appliances which can lead to this Pandora’s Box scenario can come internally or externally. External threats seem the most obvious since there could be a criminal or hacker that is seeking to obtain confidential company information and IP. But these outsiders typically can’t affect the system because they can’t run malware. The best point of entry for them is to target an individual at the company that can provide them access to the appliance. A targeted attack uses malware aimed at a specific user or group of users within a targeted organisation and may be delivered through a spear-phishing email, or a form of drive-by download known as a watering-hole attack. Their ultimate goal is to provide a backdoor for the attacker to breach the targeted organisation. According to the Symantec Internet Security Threat Report 2013, enterprises comprising over 2,500+ employees accounted for 39 per cent of all targeted attacks, compared with 50 per cent in 2012 and 2011. The frontline in these attacks moved along the supply chain department. Large enterprises were more likely to be targeted though watering-hole attacks than through spear phishing.

Internal threats are much more likely to occur, which means educating staff on potential security risks is essential. Internally, the threats can come from anyone working in the company, particularly with the backup appliance administrators. With the increase in data, backup appliance use expands and so does the amount of administrators that oversee the entire system. In order to maintain a safe system, these administrators only have select rights and have separate access and ownership. Should one of these administrators want to access a part of the appliance they typically can’t access, whether accidentally or maliciously, they could potentially impact the system and wipe out all the data. This can happen when administrators routinely perform functions with an unnecessarily elevated level of access, or bypass guided workflows in order to run OS commands directly, or even run home-grown scripts untested in the controlled environment of the appliance by overriding proactive Intrusion Prevention System (IPS) policies.

Appliances have security components and critical system protection such as this in place to prevent a Pandora’s Box situation from occurring. For example, by providing hardware and software to companies with robust data systems. This will allow the organisation to unite physical and virtual storage, tackle data growth, and eliminate complexity. More than just disk storage, backup appliances allow companies to have effective information management.

Losing the data stored in these ‘black boxes’ is massive. Because they are now connected to multiple data centres and cloud infrastructure, the risk not only hits the company but it could hit partners and customers that it works with. The modern data centre and the future data centre is connected to cloud-based services and appliances and security companies need to accommodate and change for the current needs of companies. Companies are looking for appliances that are efficient and easy to use, but they need to make sure they are secure.

3 views0 comments


bottom of page