Security, Backup and Disaster Recovery
Peter Heweston - August 2009
Backup and Recovery
• Hydstra is becoming central to agency business
• The investment in data amounts to millions of dollars
• Data is arriving in near real time
• Operational decisions are being made daily
• Disaster planning needs to be reviewed regularly
• Disaster plans need to be tested

Disaster!
• Hardware failure
• Virus infestation
• Accidental deletion
• Malicious deletion
• Theft
• Vandalism
• Fire, flood, earthquake
• Terrorism
Hardware Failure
• Hot backup server
  • Replicate the system to the backup server every 15 minutes
• RAID disks
  • RAID = Redundant Array of Inexpensive (or Independent) Disks
  • Use hot-swappable RAID so a failed disk can be replaced without downtime
  • RAID protects against disk failure only; a deletion or corruption is mirrored instantly, so RAID is not a backup
• Dual power supply
  • Power supplies are a vulnerable component of modern PCs
  • Server-class machines often have dual power supplies
• On-site spare parts
  • 160GB hard drives are hard to buy
  • 20GB tape drives are obsolete
Viruses
• Corporate antivirus
  • Ensure it is being updated regularly
  • Some viruses disable updates, so check that updates are actually arriving
• Spam filters
• Ensure offline laptops are updated regularly
• Internet policies
  • Document the policies
  • Limit personal access to the internet
  • Scan incoming emails
  • Monitor usage and feed the results back to users
• Training
  • Discourage silly emails and links
  • Inappropriate usage
  • No file-sharing or warez sites allowed
Accidental Deletion
• Only trained users are allowed access to systems
• Set user levels appropriately (not everyone needs TS=3)
• Set file system security so that ordinary users cannot delete what they do not need to
• Restrict access to Explorer - drag'n'drop accidents are common
• Restrict access to command prompts (DOS boxes)
• Set up and run HYDIRCHK regularly for early detection
• Run HYARCSIZ regularly
• Use the recycle bin and backup options for Hydstra TS files
• Make regular backups
Malicious Deletion
• Withdraw access as soon as people leave
  • Big companies escort you to the door as soon as you are sacked or laid off
• Windows operating system logs can record file deletions
  • You have to enable it: object-access auditing is off by default, and an audit entry must be set on the folders you care about
• Enable DBFLOG in HYCONFIG
  • Logs HYMANAGE etc.
  • Does not log external processes (Explorer, command prompts, scripts)
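The slide says Windows can log deletions but that "you have to enable it". The following is an added example, not from the original slides and not Hydstra code, that does both halves of that: turns on file-system auditing, stamps an audit rule for Delete onto the data tree, and then reports who deleted what from the Security log. It assumes the Hydstra root is D:\HYD (a hypothetical path) and that it runs as an Administrator on the server holding the tree.

```powershell
# Added example, not part of the original slides: enable Windows file-deletion
# auditing on a Hydstra data tree and report who deleted what.
# Assumptions (not from the slides): the Hydstra root is D:\HYD; the script runs
# as an Administrator on the file server that hosts the tree.
param([string]$HydRoot = 'D:\HYD')

# 1. Object-access auditing is off by default. Turn on the "File System"
#    subcategory for both successful and failed attempts.
auditpol /set /subcategory:"File System" /success:enable /failure:enable | Out-Null

# 2. Auditing only fires for objects that carry an audit entry (SACL). Add one for
#    Delete and DeleteSubdirectoriesAndFiles, by anyone, inherited down the tree.
$acl  = Get-Acl -Path $HydRoot -Audit
$rule = New-Object System.Security.AccessControl.FileSystemAuditRule(
    'Everyone',
    [System.Security.AccessControl.FileSystemRights]'Delete, DeleteSubdirectoriesAndFiles',
    [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AuditFlags]'Success, Failure')
$acl.AddAuditRule($rule)
Set-Acl -Path $HydRoot -AclObject $acl

# 3. Reporting. Event 4663 ("an attempt was made to access an object") carries the
#    object name, the account and the process; DELETE in its Accesses field means a
#    deletion or a rename. Filter to the Hydstra tree and summarise.
function Get-HydstraDeletions {
    param([string]$Root = $HydRoot, [datetime]$Since = (Get-Date).AddDays(-1))
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4663; StartTime = $Since } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'Accesses:\s*[^\r\n]*DELETE' -and
                       $_.Message -match ('Object Name:\s*' + [regex]::Escape($Root)) } |
        ForEach-Object {
            $m = $_.Message
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Account = [regex]::Match($m, 'Account Name:\s*(\S+)').Groups[1].Value
                Object  = [regex]::Match($m, 'Object Name:\s*([^\r\n]+)').Groups[1].Value
                Process = [regex]::Match($m, 'Process Name:\s*([^\r\n]+)').Groups[1].Value
            }
        }
}

# Deletions in the last 24 hours, e.g. to reconcile against a HYDIRCHK report.
Get-HydstraDeletions | Sort-Object Time | Format-Table -AutoSize
```

The Process column is the useful part: DBFLOG only sees deletions made through Hydstra programs, whereas the Security log also catches an Explorer drag, a DEL in a command prompt or a script, which is exactly the gap the slide points at. Expect the Security log to fill up quickly on a busy tree, so size it accordingly or forward it to a collector.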
Equipment Loss
• Most laptops are lost or stolen at work, next in cars, third at airports
• 90% of lost PCs contain confidential business information
• 82% are never recovered
• Most are unencrypted
• Many don't even require a password to log in
• 60% of data breaches are due to lost or stolen portable devices
• 1 in 2 users has lost a portable drive
• 76% of respondents said that they never use any data security to protect information stored on USB devices

Data Loss
• Time Warner Inc. reported that 40 tapes containing personal data on 600,000 current and former employees had been lost en route to a storage facility
• A laptop storing personal data on 11,000 children was stolen from a Nottinghamshire hospital
• The New Zealand Inland Revenue Department (IRD) has no clue as to the whereabouts of 106 of its computers or their contents
Tracking
• A range of products is available to report back on stolen laptops and phones
• Prey is free, open-source software that sends info to a web site of your choice, with pics if you have a webcam
  • http://preyproject.com/
• Apple MobileMe Find My iPhone
  • Locate the iPhone on a map
  • Send an SMS message
  • Play a sound
  • Wipe all data
• Many other similar apps

Ironkey Secure USB Drive
• 4GB AES-encrypted USB drive
• Stealth browsing via a bundled secure Firefox and Tor (The Onion Router)
• Permanently disabled after 10 bad password attempts
• Self-destructs if physical tampering is detected
• Password management
• Waterproof
• US$179 for 4GB
Lenovo ThinkPad USB Portable Secure Hard Drive
• 128-bit AES encryption
• 320GB
• Rated for data up to "Secret"
• US$319, A$459

Freecom Hard Drive Secure
• 2TB encrypted USB drive
• RFID credit-card-sized token to unlock
• 349 euro
Windows Encrypted Files (EFS)
• The NTFS file system supports per-file encryption (EFS)
• The file key is protected by a certificate tied to your login
  • Must use complex login passwords
  • Don't change domains or lose your profile, or you will lose access to your data; export the EFS certificate and key first (cipher /x) and keep the export somewhere safe
• Be careful about moving data to non-encrypted USB devices: a copy to a FAT32 drive is written in the clear
• Right-click, Properties, Advanced, "Encrypt contents to secure data"
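The slide gives the click path; this added example (not from the original slides) does the same from a script and adds the two checks a practitioner wants: that every file under the folder really ended up encrypted, and that the certificate and private key are exported before anything happens to the profile. The folder D:\HYDWORK and the export name C:\Backup\efs-cert are assumptions.

```powershell
# Added example, not part of the original slides: encrypt a working folder with
# EFS, check that every file in it really carries the Encrypted attribute, and
# export the EFS certificate and private key so the data survives a profile or
# domain change. Assumptions (not from the slides): D:\HYDWORK is the folder,
# C:\Backup\efs-cert is the export name (cipher adds .pfx and asks for a password).
param(
    [string]$Folder     = 'D:\HYDWORK',
    [string]$CertBackup = 'C:\Backup\efs-cert'
)

# Encrypt the folder and everything in it (/E = encrypt, /S:dir = recurse).
# Files created in the folder later inherit the Encrypted attribute.
cipher /E "/S:$Folder" | Out-Null

# Verify rather than assume: cipher can fail on individual files (system
# attribute, file held open), so list anything it did not encrypt.
function Get-UnencryptedFiles {
    param([string]$Path)
    Get-ChildItem -Path $Path -File -Recurse -Force |
        Where-Object { -not ($_.Attributes -band [System.IO.FileAttributes]::Encrypted) }
}
$missed = Get-UnencryptedFiles -Path $Folder
if ($missed) {
    Write-Warning "Still unencrypted under ${Folder}:"
    $missed | Select-Object -ExpandProperty FullName
}

# Back up the certificate and key. Without it, a new profile, a domain migration
# or a reinstall leaves every EFS file permanently unreadable.
New-Item -ItemType Directory -Path (Split-Path $CertBackup -Parent) -Force | Out-Null
cipher /X $CertBackup

# Show which certificate thumbprint protects the files (useful after a restore).
cipher /C "$Folder\*"
```

Store the exported .pfx off the machine; a copy that lives on the same laptop is lost with it, which is the equipment-loss case the earlier slides describe.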
TrueCrypt
• Best free encryption software
• Encrypts a whole hard drive or USB drive, or creates an encrypted container inside an ordinary file
• Installs a device driver
• Many cipher choices, including 256-bit AES (approved for Top Secret)
• The driver must be installed on any machine that is to read the data

Formatting USB Drives
• Most USB drives come pre-formatted with FAT32
• You can convert to NTFS in place:
  CONVERT M: /FS:NTFS
• Advantages
  • Smaller clusters, so less wasted space
  • Compression and encryption (EFS)
  • Files larger than 4GB
• Disadvantages
  • Only Windows (XP, Vista, Win 7) reads it reliably
  • Must ALWAYS use "Safely Remove", because NTFS caches writes
  • May cause Access Denied problems: NTFS permissions travel with the drive, and the user accounts on another PC are different
  • Bad choice for flash (memory-based) devices, since the NTFS journal adds extra writes
Data Theft
• Firewalls
• Manage internet security
• Tokens for VPN access
• Password policies
  • Remove accounts of expired staff
  • Enforce regular password changes
  • Consider tokens, fingerprints, MIL cards etc.
• Phones, PDAs, MP3 players etc.
  • Consider policies
  • Forbidden in Defence buildings
• USB drives
  • Easy to steal everything, easy to lose
• Publish policies on data use and abuse

Waste Stream
• Dumpster diving is a common source of data loss
• Cleaners can't be trusted
• Shred everything
  • I mean everything
  • no really, everything
• Don't just reformat old disks, securely erase them
• Manage disposal processes
  • Many PCs bought at disposal auctions have recoverable data on them

Building Loss
• Plan for complete loss of the building
  • Fire, flood, earthquake, explosion
  • Water resources agencies are often near rivers!
• Requires a complete offsite backup
• Duplicate site
  • Hot backup of systems
  • Communications lines for telemetry
  • Carriers - Telstra, Optus etc.
• Secure offsite physical backups
Backup
• Backups need to recover from different problems, which probably requires multiple backup strategies
  • Disaster: the whole system is gone
  • Oops: one file was deleted or overwritten today
  • Delayed recovery: the loss is only noticed months or years later
• Strategies include
  • Tape
  • Hot copy
  • DVD
  • USB drive

Tape
• Best protection against a major disaster
• Tapes should be stored offsite
  • or at least in a fireproof, waterproof safe
• Requires compatible hardware to recover
  • It may be difficult to purchase a drive later
  • Have one spare
• Complex to manage
  • Needs to be done every day
  • Complex cycle of tapes to keep and recycle
  • Best done by corporate IT
• Slow or expensive to recover a single file
• Test it regularly!
Hot Copy
• Can be done quite often - every 15 minutes
• ROBOCOPY copies only changed files
• RSYNC (over SSH or its own protocol) or SFFS (which also supports FTP) can replicate to a remote host
• HYCLONE is a wrapper around ROBOCOPY
• Copy the system from the network to your PC daily
• Locked files
  • Some files will be inaccessible during the copy
  • Some are nearly always inaccessible: SVRTASKS, PASSWD etc.
• File consistency
  • During a live copy a DBF can be copied out of step with its CDX index
  • A can be different to .AX
  • Only a copy taken with all users off the system is guaranteed consistent
DVD
• Consumer technology has a long life, so readers will still be available
• Cheap
• Make a DVD copy of the entire system at least once a week
• Keep them forever (and spot-check old discs, since writable media degrade)
• Allows you to go back in time many years
• When would you detect a lost TS file at a closed station?
  • The same day?
  • When you ran HYARCSIZ?
  • A year later?
  • A decade later?
• Could you get it back?
  • From current backup tapes?
  • From 10-year-old backup tapes?

Huge USB Drives
• Storage is cheap - US$1700 for 8TB
• A large Hydstra system is 2GB
• An 8TB drive holds 4000 copies
  • One a day for 11 years
  • One an hour for 5 months
  • Many more if you only save changed files
• HYCLONE can write to dated folders
• Retain evidence of system state for court cases etc.
Scheduling Backups
• To be really sure you have a clean backup or clone, all users must be off the system
• Use timeouts in HYCONFIG
  • MTIMEOUT
  • WTIMEOUT
  • UTIMEOUT
• Shut down long-running processes with /K
  • SVRIMP /K
  • SVRRUN /K
  • HYXPLORE /K
• Prevent HYXPLORE from starting while the backup runs

Scheduling Backups (continued)
• If necessary, terminate remaining processes with prejudice
  • TASKLIST shows running tasks
  • Shut down programs with TASKKILL (add /F to force)
  TASKKILL /F /FI "IMAGENAME eq hy*"
• It is easy enough to script a forced shutdown of all Hydstra processes
• Then run backups, clones etc.
• Restart the system with a Scheduled Task
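The Hot Copy slide explains why a live copy can be inconsistent (DBF out of step with CDX, locked files) and the two Scheduling Backups slides give the cure: get everyone off, kill what is left, copy, restart. The script below is an added example, not from the original slides and not part of Hydstra, that strings those steps together as a nightly job. It assumes the graceful /K shutdowns have already been issued by an earlier task, that Hydstra lives in D:\HYD, that clones go to dated folders under E:\HYDCLONE, and that a scheduled task named "Hydstra Restart" brings the server jobs back; plain ROBOCOPY stands in for HYCLONE.

```powershell
# Added example, not part of the original slides or of Hydstra itself: a nightly
# "quiet" clone job in the order the slides give it. The graceful /K shutdowns
# (SVRIMP /K, SVRRUN /K, HYXPLORE /K) are assumed to have been issued before this
# runs; this script kills whatever is left, clones, and restarts the system.
# Assumptions (not from the slides): Hydstra lives in D:\HYD, clones go to
# E:\HYDCLONE\<yyyy-MM-dd>, and a scheduled task named "Hydstra Restart" brings
# the server-side jobs back. Plain ROBOCOPY is used instead of HYCLONE.
param(
    [string]$HydRoot     = 'D:\HYD',
    [string]$CloneRoot   = 'E:\HYDCLONE',
    [int]   $KeepDays    = 60,
    [string]$RestartTask = 'Hydstra Restart'
)
$ErrorActionPreference = 'Stop'
$stamp   = Get-Date -Format 'yyyy-MM-dd'
$dest    = Join-Path $CloneRoot $stamp
$aclFile = Join-Path $CloneRoot "$stamp-acls.txt"       # outside $dest so /MIR cannot remove it
$log     = Join-Path $CloneRoot "$stamp-robocopy.log"

# 1. Terminate remaining Hydstra processes (Hydstra executables start with HY;
#    check nothing else on the server matches). Same effect as
#    TASKKILL /F /FI "IMAGENAME eq hy*".
Get-Process -Name 'hy*' -ErrorAction SilentlyContinue | Stop-Process -Force
Start-Sleep -Seconds 5
if (Get-Process -Name 'hy*' -ErrorAction SilentlyContinue) {
    throw 'Hydstra processes still running; refusing to clone a changing system'
}

# 2. Save the permission tree beside the clone so a rebuild can re-apply it.
New-Item -ItemType Directory -Path $dest -Force | Out-Null
icacls $HydRoot /save $aclFile /T /C | Out-Null

# 3. Copy. /MIR mirrors the tree; /R:1 /W:1 stops a locked file (SVRTASKS, PASSWD)
#    from stalling the job; the log records anything that could not be copied.
robocopy $HydRoot $dest /MIR /R:1 /W:1 /NP "/LOG:$log" | Out-Null
$rc = $LASTEXITCODE   # robocopy: 0-7 = success (bits say what was copied), 8+ = failures
if ($rc -ge 8) { Write-Warning "ROBOCOPY exit $rc, some files were not copied; see $log" }

# 4. Retention: dated folder names sort naturally; drop clones older than $KeepDays.
Get-ChildItem -Path $CloneRoot -Directory |
    Where-Object { $_.Name -match '^\d{4}-\d{2}-\d{2}$' -and
                   [datetime]::ParseExact($_.Name, 'yyyy-MM-dd', $null) -lt (Get-Date).AddDays(-$KeepDays) } |
    Remove-Item -Recurse -Force

# 5. Restart the system through its scheduled task.
schtasks /Run /TN $RestartTask | Out-Null
```

Two design points. The job refuses to copy if any HY* process survives the kill, because a clone taken while something is still writing is exactly the inconsistent copy the Hot Copy slide warns about. And the ROBOCOPY log is kept per day: the list of files that could not be copied is what you read before trusting that night's clone, and it is the evidence you want alongside the dated folder if the copy is ever produced in court.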
Rebuilding Hydstra Systems
• Restore the backup to the new server, mounted as the same drive letter if possible
• Re-apply permissions down the Hydstra tree
• Register HYDLL on clients (including the Citrix server)
• Install the FoxPro ADO drivers on clients (including the Citrix server)
• Ensure the TEMPPATH tree has full permissions

Testing
• The best laid plans ...
• Test your backups
• Ask IT to recover a specified file from backup every month or so
• Think!
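The rebuild slide is a checklist; the script below is an added example (not from the original slides, not Hydstra's own tooling) that performs it from a dated clone and finishes with the kind of check the Testing slide asks for. Assumptions: the clone is E:\HYDCLONE\2009-08-01 with its saved ACL file beside it (as an icacls /save of the tree produces), the system is restored to D:\HYD on the same drive letter, HYDLL is at the hypothetical path D:\HYD\SYS\RUN\HYDLL.DLL, and TEMPPATH is D:\HYDTEMP. Installing the FoxPro data drivers is a separate installer run and is not scripted.

```powershell
# Added example, not part of the original slides or of Hydstra itself: rebuild the
# system on a new server from a dated clone, in the order the slide lists.
# Assumptions (not from the slides): clone at E:\HYDCLONE\2009-08-01 with its saved
# ACL file 2009-08-01-acls.txt beside it; restore target D:\HYD (same drive letter
# as before); HYDLL at D:\HYD\SYS\RUN\HYDLL.DLL (hypothetical); TEMPPATH D:\HYDTEMP.
param(
    [string]$Clone    = 'E:\HYDCLONE\2009-08-01',
    [string]$AclFile  = 'E:\HYDCLONE\2009-08-01-acls.txt',
    [string]$HydRoot  = 'D:\HYD',
    [string]$HyDll    = 'D:\HYD\SYS\RUN\HYDLL.DLL',
    [string]$TempPath = 'D:\HYDTEMP'
)

# 1. Restore the files. /E copies empty folders too; Hydstra expects its full tree.
robocopy $Clone $HydRoot /E /R:1 /W:1 /NP | Out-Null
if ($LASTEXITCODE -ge 8) { throw "restore failed, robocopy exit $LASTEXITCODE" }

# 2. Re-apply permissions down the tree. An icacls /save file stores paths relative
#    to the parent of the saved root, so /restore is run against that parent.
icacls (Split-Path $HydRoot -Parent) /restore $AclFile /C | Out-Null
if ($LASTEXITCODE -ne 0) { Write-Warning "icacls /restore exit $LASTEXITCODE; check the ACLs by hand" }

# 3. Register HYDLL. regsvr32 is a GUI program, so wait for it explicitly and read
#    its exit code; /s suppresses the success dialog. Repeat per client and on Citrix.
$p = Start-Process -FilePath regsvr32.exe -ArgumentList "/s `"$HyDll`"" -Wait -PassThru
if ($p.ExitCode -ne 0) { throw "regsvr32 failed for $HyDll (exit $($p.ExitCode))" }

# 4. TEMPPATH must be writable by every Hydstra user: Modify, inherited to files and folders.
New-Item -ItemType Directory -Path $TempPath -Force | Out-Null
icacls $TempPath /grant 'Users:(OI)(CI)M' /T | Out-Null

# 5. Checks worth running before users are let back in.
function Test-HydstraRebuild {
    param([string]$Root, [string]$Temp)
    $probe    = Join-Path $Temp "probe-$PID.tmp"
    $writable = $false
    try { Set-Content -Path $probe -Value 'x'; Remove-Item $probe; $writable = $true } catch {}
    [pscustomobject]@{
        RootPresent  = Test-Path $Root
        TempWritable = $writable
        FileCount    = (Get-ChildItem -Path $Root -Recurse -File -Force | Measure-Object).Count
    }
}
Test-HydstraRebuild -Root $HydRoot -Temp $TempPath
```

Compare FileCount with the count in the clone's ROBOCOPY log before declaring the rebuild done; a restore that "worked" but is missing the files that were locked on the night of the clone is the gap the Hot Copy slide describes, and the monthly restore-one-file drill is how you find out whether anyone would notice.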