Backup and Restore Assessment

An independent security analysis and review of systems responsible for backup and restore.

A backup and restore process, is a last-ditch effort to help organizations survive a complete organizational disaster, where all online systems are rendered permanently unusable. However, knowing this, some attackers destroy or render useless an organization’s backup and restore system before launching their main attack? Therefore backup and restore systems also need to be secured against attack. Check the security level of a backup and restore system with a Backup and Restore Assessment. A Backup and Restore Assessment thoroughly analyzes, investigates, and tests the backup and restore system to ensure that any cracks in its defence are discovered and understood.

Value

  • Enables decision-makers to understand the cyber threats and risks to the organization’s backup and restore system

  • Operational insights into your current environments, along with recommendations for improvement.

Product

The deliverable of the test is a debrief workshop and a written report. The report contains the following:

  • A non-technical section with an executive summary for management and decision-makers.

  • A technical section including detailed observations and tangible recommendations Method.

  • In-depth insight and understanding of the security posture of your backup and restore systems.

  • Technical analysis and assessment of the backup and restore systems on the host, network, and application level.

  • Analysis and assessment of relevant procedures, processes, and guidelines in place, that may directly or indirectly affect any backup or recovery efforts.

Method

The assessment uses expert interviews and manual and automated testing. Specialist personnel are interviewed with the purpose of gaining an understanding as possible of the systems architecture, as well as the operational procedures and processes. The procedures and processes as well as the networks, hosts, and applications constituting the backup and restore system, are manually assessed to identify potential misconfigurations and vulnerabilities. In addition to manual testing, automated scans, and analysis tools are used to argue and automate where appropriate, to ensure that manual efforts are focused on the most critical aspects of the assessment

Involvement

Through a close dialogue we will, together, agree on scope and content.