Page 122 - Cyber Defense eMagazine RSAC Special Edition 2025
For one thing, backup contains copies of data from all other applications, making it a prime target for cyber attacks.
The backup environment is also incredibly complex. Even small backup environments have numerous components, and in larger organizations and enterprises, the number of software and hardware components and the interactions between them is staggering. Each component typically requires access, creating multiple potential vulnerabilities, even in security-hardened operations that use zero-trust methods like multifactor authentication.
Unfortunately, no organization is immune, as we saw in a recent attack against a large company with well-secured IT operations managed by an experienced provider. Even though the company did all the right things, it still lost its backup catalog, rendering data unrecoverable. This example highlights the difficulty in securing backup, especially since many backup products weren't designed to fend off cyber attacks.
Why Zero Trust Alone Can’t Secure Backup
Zero trust is crucial for improving cyber protection and is widely recommended for securing infrastructure and data. Everyone should use it wherever applicable. But backup and recovery environments need more security than zero trust can provide. That's because zero trust has some limitations.
1. Access is access: While zero trust makes access more difficult, the goal is still to grant access, which can be exploited if credentials are compromised. This is an unacceptable risk for backup systems.
2. Multiple components = more vulnerability: The numerous components in a backup environment all act as potential attack vectors. Security is often managed separately for each component, thereby increasing the challenge.
3. Inconsistent vendor adoption: Not all technology vendors fully embrace zero-trust principles in their product design and management. Even backup vendors that offer advanced security features typically can't extend these protections to all components in a backup environment.
4. Framework flaws: Legacy code and architectures could contain hidden vulnerabilities that zero-trust methods might not recognize. For example:
o SSH and OpenSSH, designed as secure replacements for remote login protocols, can serve as backdoor entries into some backup products.
o Log4j, commonly used for monitoring and logging events, has been the target of attacks like Log4Shell, which exploits a vulnerability in the library. Patching these vulnerabilities across all systems remains a challenge.
5. Lack of cyber resilience for backup: Originally designed to counter hardware failures and human errors, backup now plays a crucial role in recovering from cyber attacks. To be truly cyber resilient, backup environments need advanced protection that is designed to withstand sophisticated attacks and maintain integrity when other systems are compromised. Zero-trust methods don't do that.