Backups are a good thing. Obviously! But they're important for much more than restoring a file deleted accidentally.
When ransomware attacks, it sets out to cause as much disruption as possible. Often, the only escape (other than paying the ransom) is to restore all systems back to some clean state before the attack occurred.
That's never going to be a trivial task, but it depends on those backups being available and being safe. If an attacker gets access to your backup management system, the backups cannot be trusted. The backups could be exfiltrated or damaged, so they re-infect systems (or worse) when the backup is restored.
It's no wonder, then, that the National Centre for Cybersecurity (NCSC), has highlighted the risk and made specific recommendations on protecting backups and backup systems.
A key recommendation they make concerns management of the privileged access to the backup systems. As I said above, if you can't protect those systems, you can't trust the backups.
Ideally, backup accounts and solutions should be protected using Privileged Access Workstations (PAW) and hardware firewalls to enforce IP allow listing. Multi-factor Authentication (MFA) should be enabled, and the MFA method should not be installed on the same device that is used for the administration of backups. Privileged Access Management (PAM) solutions remove the need for administrators to directly access high-value backup systems.
Many organizations have invested in enterprise-class backup systems such as Commvault, Veeam, Veritas and others. That's obviously a good thing, but it doesn't matter how good the backup system is, they should all be accessed via a PAM system. Osirium PAM, the leading Privileged Access Management solution, already has integrations with these systems . You can see an example of it in action with Veeam in this demo (although it could have been any backup system) using both the management console and via a web browser.
In the demo you can see the key aspects of PAM being used with the backup system::
If you'd like to know more about Osirium PAM and how to protect your critical backups, please get in touch.