-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Fri, 15 Feb 2019 06:07:23 -0700 "@lbutlr" <krem...@kreme.com> wrote:
> On 14 Feb 2019, at 19:31, Grant Taylor <gtay...@tnetconsulting.net> > wrote: > > > > If VFE had backups stored off-site via something like Amazon Glacier > > with no normal in-band connectivity between the main systems and the > > backups, and the hacker went out of their way to delete the backups, > > I don't think I could hold /that/ against VFE. > > I believe that when you hold customer data you have an obligation to > have backups that cannot be deterred by accessing your systems. There > are many possible ways to do this, from a rsync process on another > machine that your network has no write access to that is able to login > and do a backup, all the way up to services like backblaze or Arq that > will (or can) keep differential backups for you. <snip> You mean like this? rsync -cav --delete /current-empty-part s...@backup.com/very-safe-backup :) These things need more thought. And no, a purposeful attack could overcome even Kevin. His servers could fall to the attack that took vfemail. The guy said that passwords and exploits of some sort were used. A root password to where the VMs are hosted and backed up would be critical. Unless you're doing something clever, Kevin. Sincerely, David -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEL2N7+xWmVOJDQxWGm3XCrhg2YP8FAlxncU4ACgkQm3XCrhg2 YP8xoBAAq21cs8x+nr9lHtQ2e03Pzvd/3abNGFii04ouJhFF6NfMz1cgeyB9056b bAuJ9YUHmY3lsDl51ZsMh0JVuVRq+VjPBHawxvzt9WuiXsGPPuyJr+7uyLYIZpa+ AjIWpA+ng2B9574DggBpPPlFZMkxEwysjaBFAScc/Es2TCDXjw8Z44E9fAlGV7vj 2IVC21dzhrbdbcKx/ZlNBV6Xs4t6s/ihlgS1odo/X6OuQsAvqJidLU81O36iYHDf Rg8VI9HtSzZHrkXLM2K9R5MXCJQCFlYHaKNd/h5vdrOWqWFh/V9oxf/iZY25oy7l wYsLNbF4TSfsmQ13Nk10FkVkVz2b9mVFAMqvmcR1Be/sreiy70B3DguDT64JUe/n 2uKxXkw5fetesjlwP7cRveRh1hFWhrYGXPlbemwUvQ4XmvUtJacbht2/XoPt4TKz OYOkIoT1D9aaKA5lhEU6eaDjaCI54RdXo7rQiwzU0bqNiPhkcIhGUJtQEip2noFQ W5awVVRERykeFHxcbLBHtJKt02Fk/3ONqsTb+7xbr5wlIRRAdSgiL0Y/efZz3BGe 5YrJ9F89BZci1TjZed1d4jl2Zs2g4kIzvO8OxsAmmPnkTZ14zerh2psrm1Vt2SzO rn7rY9lseKbP5iiFqT6GQxKVzSRbgOrB0sTi93iBVmFAeKKLY8I= =14si -----END PGP SIGNATURE-----
