On 10/21 05:01 , ED Fochler wrote: > > aren't you increasing the exposure of your production system X2 by giving > > another backup process access to it? > > Yes. And it's the right thing to do. Because a production failure with > rapid recovery is manageably bad. Having your production and backups > encrypted by ransomware is a business-ending catastrophe. I have an > explanation, but if that much makes sense to you, you don't need to read on. > > ED. > > > Redundant systems generally increase the likelihood of nuisance failure, but > decrease the likelihood of catastrophic failure. This case is no different. > By having two separate backup servers in different locations, maybe with > different admins, you are exposing the primary machines to double the risk by > having 2 independent methods of access. Assuming your risk was near zero, > doubling it shouldn't be so bad. So yeah, there's a greater risk of > potential disruption by having multiple methods of access. x2. Also x2 > network bandwidth. > > Assuming the risk of having your backup server compromised is near (but not > quite) zero, then you are looking at a non-zero chance of everything you care > about getting mangled by a malicious entity who happened to crack a single > machine. That's a non-zero chance at total, business-ending failure. Having > a separate backup enclave means that killing production and backups > simultaneously would require 2 near-zero possibility hacks occurring in rapid > succession. 0.0001^2 > > So the risk of simple failure, with reasonable recovery is twice as likely. > But the probability of production and backups getting destroyed at once goes > down exponentially. Other solutions that are similarly over-cautious in > industry include tape backups going into cold storage, mirrored raid sets > with drives that get pulled and stored in safety deposit boxes, etc. It may > be overkill, and that's your call. I will continue to suggest it though. > Hacking and ransomware are growing problems. Single backup solutions guard > well against accidents and hardware failure. To guard against mischief and > corruption, you want two, and you want them isolated from each other. > Perhaps from different vendors or using different technologies. > > Thank you for reading. I am recovering from back surgery and find > myself with more free time than usual. :-) > > Ed the long-winded self important explainer and promoter of security > practices.
Ed, thanks for posting that. I will save it, edit it, and repost to customers when the time is appropriate. :) -- Carl Soderstrom Systems Administrator Real-Time Enterprises www.real-time.com _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
