Page 57 - Cyber Warnings
P. 57
Yet Another Case for Viable Back-Ups and Testing
Mistakes Happen
by Charles Parker, II
InfoSec has the distinct tendency to be a very taxing and stressful, at the most inopportune
times, field to work in. There are the usual deadlines, budgetary constraints, labor hour
limitations, internal politics, vendors calling and/or emailing, and the inevitable compromise or
successful phishing campaign at 3:50 Friday afternoon or 3:30 Tuesday morning.
Murphy’s Law has been very active in InfoSec for some time. These moving parts must be
considered and scheduled to continue the forward movement, while maintaining the in-depth
defensive posture against the attackers from across the globe.
This balancing act is manifested with the user multi-tasking. The human experience only has so
much attention to apply to all the projects. With a greater number of projects, there is less
attention to each applied. With this, all it takes is one oversight and there may be a massive
time-consuming issue to resolve.
One area of operations that has become increasingly important are the back-ups. Back-ups
have been very useful and a beneficial tool on many different fronts for the business and
Admins, e.g. a user deletes an email or sets of emails, hardware errors, users being
ransomware victims, and other use cases.
In general, this is a prudent practice and an industry standard. The Admin never knows when
the data would be needed. This protocol is simply important. Not to utilize a back-up protocol is,
at the least, bordering on negligence.
With the back-up methodology, there are many factors to take into consideration, including the
timing and media. Also, as important is the testing. Without a robust test periodically, there is no
guarantee the back-ups are viable. Testing is not always done though.
At times, the Admin simply is too busy and accepts the output from the back-up application
stating the back-up was perfectly acceptable. Although this report may provide an artifact stating
all is fine, there may be an error. The dependence on this may provide the background for a
significant oversight and error.
GitLab
An issue was noted recently with GitLabs back-ups. GitLab is like GitHub, except with a
alternate focus of lab work. With this instance, an employee deleted a directory located on the
incorrect server.
57 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
