this post was submitted on 21 Aug 2024
381 points (97.7% liked)

Cybersecurity - Memes

1975 readers
2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 

Who could have guessed that having tested, well protected and current backups help when dealing with cyber security incidents?

top 25 comments
sorted by: hot top controversial new old
[–] henfredemars@infosec.pub 36 points 2 months ago (1 children)

We have critical customer data on servers that are not backed up. Our contracts specify liability if we lose that data within 6 months in the millions. Management won’t allocate funds for a backup strategy and hardware to store the data, but I keep rainy day copies on one old laptop and a prayer.

Ain’t my pig, ain’t my farm. I just work here.

[–] criticon@lemmy.ca 10 points 2 months ago

Meanwhile my previous company had a warehouse dedicated to paper backups. We had to work together with a huge team to find and destroy everything older than 10 years (the max we are required to store)

At the end the remaining documents could be stored in a single cabinet

[–] aodhsishaj@lemmy.world 36 points 2 months ago (1 children)

But backups are expeeeeeeeehhhheeehhhheeeeennnnnsssssiiiiivvvveeeee

[–] cron@feddit.org 28 points 2 months ago (3 children)

You know whats even more expensive than backups?

Show answerNot having backups

[–] hydroptic@sopuli.xyz 18 points 2 months ago

But but but making proper backups is expensive in this quarter!

Not having them might be more expensive at some point, but have you considered that skimping on backups will also allow the C-suite and the board to buy more yachts, cars etc. ???? Why will nobody think of the poor rich people

[–] slazer2au@lemmy.world 10 points 2 months ago (1 children)
[–] cron@feddit.org 8 points 2 months ago

Combining the cost of backups with little assurance. Perfect 💪

[–] aodhsishaj@lemmy.world 8 points 2 months ago (1 children)

Can you come speak at my company?

[–] cron@feddit.org 20 points 2 months ago (1 children)

Best I can do is creating more memes. But feel free to use them for your advantage.

[–] aodhsishaj@lemmy.world 7 points 2 months ago

Lol. That's going directly to the slack

[–] saltesc@lemmy.world 15 points 2 months ago (1 children)

Fuckin network drives, man. And the guy that set up the infrastructure left in 2004.

[–] cron@feddit.org 3 points 2 months ago (1 children)

Does this stuff really run on 20y old hardware? Hard to imagine that this hasn't been lifecycled twice since then.

[–] aodhsishaj@lemmy.world 4 points 2 months ago (1 children)

Place I left 10 years ago is still using an old IBM s390 and doing backups to tape.

Banking infra is weird bro.

[–] SkunkWorkz@lemmy.world 2 points 2 months ago

Tape is OG especially for long term storage.

[–] HeyJoe@lemmy.world 10 points 2 months ago (2 children)

Of all the things our company does badly, I can actually say backups are pretty close to perfect! They are monitored closely for issues since they run all day every day and are tested quarterly to make sure they work. They also have to since it's part of the yearly audit. Also, they have saved us numerous times from little things like people deleting stuff to full system restores due to bad changes. Thankfully, we never needed them due to our company being compromised... and really hope we never do.

[–] skittlebrau@lemmy.world 11 points 2 months ago (1 children)

Meanwhile at the place I used to work, my boss had a single hard drive holding 10 years of unencrypted client data that he expected me to use day-to-day for live tasks.

[–] Gork@lemm.ee 4 points 2 months ago (1 children)

What a cybersecurity nightmare!

[–] skittlebrau@lemmy.world 2 points 2 months ago

I forgot to mention, all of the client passwords for things like web hosting and social media accounts were in a plain text Word document too. The boss didn’t think there was anything wrong with this.

[–] lud@lemm.ee 3 points 2 months ago (1 children)

I hope you are protecting your backups really well too

[–] HeyJoe@lemmy.world 5 points 2 months ago

Yup, 2 copies all encrypted. 1 copy kept Onsite and 1 copy kept offsite, and then 1 copy sent to long term storage offsite after 3 months (i forget how long we keep them in long term storage). 1 backup every 24 hours. If the server hosts a dB it also has its own set of maintenance rules with full and incremental changes going from 1 hour down to 15 min depending upon its usage and importance. The storage used is insane but it's required for our area.

[–] 5oap10116@lemmy.world 6 points 2 months ago (2 children)

My company got hacked and it took about a month to restore all the backups. During that time, we were using mobile hotshots and passing around flash drives. After that, everything essentially returned to normal aside from making sure all the offline work got where it needed to go. We did not pay the ransom

Asking someone familliar with this stuff ont he IT end: Does it sound like my company was prepared aside from getting hacked in the first place?

[–] cron@feddit.org 6 points 2 months ago

Hard to judge from the outside, but I would say you were prepared (with room for improvement).

  • You had working backups
  • Your backups were well protected
  • You did not pay the ransom
  • You were able to work with the limited tools you had
  • And everything restored within one month.

Companies that are not well prepared:

  • Have no backups or their backups encrypted, too
  • Are not able to operate during the recovery phase
  • Pay the ransom
  • Have no plan in what order to restore stuff
  • Are impacted even one year later ... or go bankrupt.
[–] TexMexBazooka@lemm.ee 1 points 2 months ago

No, you didn’t meet a reasonable RPO, which is the amount of time between the security incident and a full recovery. Usually with full backups the goal is to get everything back up and running within 24-48 hours, which is pretty much only possible if you have adequate backups to take a “nuke it and rollback” approach

[–] homesweethomeMrL@lemmy.world 3 points 2 months ago* (last edited 2 months ago)

DR Chief: We must run a company wide test at the end of next month

Executives: Yeah, nah.

[–] Rai@lemmy.dbzer0.com 1 points 2 months ago

Very relevant video!

(Ignore the over-the-top intro if that’s not your thing, the actual video is a fellow talking about things like game companies getting randomwared by Russians)