Backups represent your last resort when security controls fail. Yet backup security receives minimal attention until a ransomware attack compromises both production systems and the backups that organisations expected to enable recovery. Attackers specifically target backups because they understand that backup compromise prevents recovery. Organisations test backup restoration regularly but rarely assess backup security comprehensively. They verify the technical ability to restore whilst ignoring whether attackers could access, modify, or destroy backups during an attack.
Critical Backup Security Controls
Air-gapped backups that attackers can’t access from compromised networks provide essential protection. True air-gapping means physical separation or network isolation that prevents any electronic access to backup systems. Backups accessible through network shares don’t qualify as air-gapped regardless of access controls.
Immutable backups prevent modification or deletion even by administrators. Ransomware operators with compromised administrator credentials can delete normal backups through legitimate management interfaces. Immutability removes this capability by making backups write-once at the storage level.

Expert Commentary
Name: William Fieldhouse
Title: Director of Aardwolf Security Ltd
Comments: “Backup security assessments routinely find backup systems accessible from compromised networks, backup credentials stored insecurely, and restoration procedures requiring access to encrypted production systems. Organisations discover during incidents that backup security they assumed existed never actually deployed.”
Implementing Secure Backup Practices
Encrypt backups properly with keys stored separately from backup data. Backup encryption means nothing when attackers access encryption keys alongside backup files. Key management makes encryption effective rather than performative.
Monitor backup integrity continuously rather than discovering corruption during restoration attempts. Hash verification, test restores, and integrity checks reveal backup problems before crises when you need working backups immediately.
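
The hash verification described above, as an added example rather than code from this article: a SHA-256 manifest of a backup set, authenticated with an HMAC key that is assumed to be stored away from the backup data, so that rewriting both a backup and its manifest is still detected. The function names, file names and sample contents are constructed for illustration.

```python
import hashlib, hmac, json, os, tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):  # stream; backups are large
            h.update(block)
    return h.hexdigest()

def build_manifest(backup_dir, key):  # key: MAC key kept off the backup store
    root = Path(backup_dir)
    files = {str(p.relative_to(root)): sha256_file(p)
             for p in sorted(root.rglob("*")) if p.is_file()}
    body = json.dumps(files, sort_keys=True).encode()
    return {"files": files, "mac": hmac.new(key, body, hashlib.sha256).hexdigest()}

def verify_manifest(backup_dir, manifest, key):  # returns findings; [] means intact
    body = json.dumps(manifest["files"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest.get("mac", "")):
        return ["manifest: MAC mismatch (manifest altered or wrong key)"]
    root = Path(backup_dir)
    current = {str(p.relative_to(root)): p for p in root.rglob("*") if p.is_file()}
    findings = []
    for name, digest in manifest["files"].items():
        if name not in current:
            findings.append(f"{name}: missing")
        elif sha256_file(current[name]) != digest:
            findings.append(f"{name}: modified")
    findings += [f"{name}: unexpected" for name in current if name not in manifest["files"]]
    return sorted(findings)

def demo():
    key = os.urandom(32)  # constructed key; in practice held outside the backup store
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "db.dump").write_bytes(b"constructed sample database dump")
        (root / "etc.tar").write_bytes(b"constructed sample config archive")
        manifest = build_manifest(root, key)
        clean = verify_manifest(root, manifest, key)
        (root / "db.dump").write_bytes(b"constructed tampered contents")
        (root / "etc.tar").unlink()
        tampered = verify_manifest(root, manifest, key)
        forged = verify_manifest(root, build_manifest(root, b"not the real key"), key)
    return clean, tampered, forged

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Run on a schedule from a host that holds the key but is not the backup server, this turns silent modification or deletion into an alert instead of a surprise during restoration.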
Regular web application penetration testing should include backup security assessment. Testing whether compromised systems can access or modify backups reveals protection gaps before attackers exploit them.
Test backup restoration under adversarial conditions. Don’t just verify you can restore files; verify you can restore when attackers control production infrastructure, encryption keys are unavailable, and documentation lives on encrypted systems.
Working with the best penetration testing company includes realistic backup security testing that simulates actual ransomware scenarios.
Backup security requires treating backup infrastructure as critical security systems rather than IT operational tools. The protection level backups receive should match the value they provide as your last defence against catastrophic data loss.

