World Backup Day

Uploaded on 2023-03-29 in TECHNOLOGY--Resilience, FREE TO VIEW

Friday, March 31 is World Backup Day when cyber security professionals unite to urge everyone to make backups. For several years, World Backup Day has been marked on the last day of March. The concept was developed in order to raise awareness of the importance of maintaining regular, secure data backups.

What are the types of data that are often overlooked, the loss of which can lead to serious consequences? Here we focus on a types of data often overlooked but shouldn't be.These include backing up data from GitLab, GitHub, Bitbucket and Jira.

DevOps Backup

If an organisation uses DevOps tools like Jira or version control systems like GitHub, GitLab, and Bitbucket, these data are essential intellectual property. Thousands of hours and dollars are invested in creating, supporting, and improving these projects. Around 70% of DevOps teams release code continuously, even once a day.

For most organisations, losing such valuable data and the work of thousands of developers can be devastating, leading to unimaginable costs and even bankruptcy.

According to The GitLab 2022 Global DevSecOps Survey, concerns about security have never been higher with 43% of security professionals feel "somewhat" or "very" unprepared for the future. This is why it is important to consider DevOps backup as a step towards building security ownership across the DevOps team.

The Constant Threat Of Ransomware

Backups are critical for businesses, particularly given the constant threat of ransomware. Research from Osirium found that despite 98% of respondents saying they were aware that backups are a target of ransomware attacks, over half (56%) do not keep offline backups and only 35% take extra precautions to protect access to backups and backup management systems.

"Unfortunately, some businesses have become reliant on automated, online backups. This is a huge risk, as in the event of a ransomware attack, the backup system will faithfully take copies of the infected data and render the backups useless" says James Nadal, Senior Content Manager at Osirium. "A multi-layered approach to managing these systems is needed by not only keeping offline backups, but protecting access to the backup management system and related backup files, which is critical to prevent infection." Nadal advises.

Reasons To Backup DevOps Data

Until recently, convincing teams and superiors that even if their code is hosted by reliable companies like GitHub, GitLab, or Atlassian, it could still be lost or unavailable, was one of the toughest jobs for a CISO. However, an Atlassian outage lasting two weeks which affected hundreds of organisations demonstrated that this problem needed to be fixed.

Companies now require a backup plan to minimize the impact of service outages and workflow interruptions.

In addition, ransomware poses a significant threat to DevOps, with an estimated attack attempt every 11 seconds this year. Cybersecurity Ventures predicts that cyber attacks will cost companies $10 trillion annually by 2025.
Although awareness of attacks against cloud services and SaaS tools, including GitHub, GitLab, and Atlassian products, is increasing, companies need to implement solutions to mitigate attacks and minimise their effects.

Human mistakes, hardware failures, and software errors also contribute to the need for a backup plan.

Furthempre, having software to back up critical data, including source code, projects, and DevOps tools, is a requirement for respected security certifications such as SOC 2 or ISO 27001. Failing to comply with these regulations could result in legal issues, making it even more critical for companies to prioritise backup solutions.

The need for data protection, backup, and long-term retention is also enshrined in the shared responsibility models that all cloud service providers operate on, including GitHub, GitLab, and Atlassian.

The technology vendor Crucial has done research on the ongoing cost of data breaches and their key findings include:

The US the data theft capital of the world, outranking South Korea, Canada, and Australia.

75% of Americans were worried about having their personal, credit card or financial information stolen by hackers, while only 40% were afraid of being robbed.

California is the state with the largest cybercrime losses of $1.2B

Russia was the most targeted country in 2022, with more than 50,000,000 breaches in the first three quarters.

France was the country with the second highest data breach density.

The UK experienced an 8.1% uplift in the cost of data breaches.

DevOps Backup

Most IT professionals haven’t got dedicated tools for DevOps backup. They use scripts or a traditional file backup of their local machines, although time-consuming, expensive and is no guarantee that data can be restored. To address this issue, automatic backup solutions for DevOps tools should incorporate industry-specific functionalities, such as full data coverage, the ability to make full, incremental, and differential copies. Additionally, these tools should include best-in-class security features such as encryption, SAML integration, and ransomware protection.

Most importantly, the backup solution should enable DevOps to restore data instantly to support everyday operations and provide Disaster Recovery and Business Continuity technologies in the event of major failures. This should include the possibility of cross-recovery for immediate data migration between service providers like GitLab, GitHub and Bitbucket.

GiTProtect: GitProtect: Crucial: Lifewire: Image: Oakozhan

You Might Also Read:

How To Optimize The DevSecOps Pipeline:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.