Is Backing Up Your Computer Protection Or Remediation?

[Digmor Crusher]

Many say that regular backups of your computer is the best protection that anyone can practise. I disagree. A backup does not prevent you from getting malware. Once you get malware it can restore your computer so that the malware is gone, but this is not protection. What happens if you get a data stealer and its 10 minutes before you are aware, all your data is stolen, you can restore a backup to get rid of it but this does not prevent your data being gone. How is this protection? A backup can only remediate after the infection.

 

[Trident]

Many say that regular backups of your computer is the best protection that anyone can practise. I disagree. A backup does not prevent you from getting malware. Once you get malware it can restore your computer so that the malware is gone, but this is not protection. What happens if you get a data stealer and its 10 minutes before you are aware, all your data is stolen, you can restore a backup to get rid of it but this does not prevent your data being gone. How is this protection? A backup can only remediate after the infection.

A backup only takes care of 1/3 points mentioned in the CIA triad:
X Confidentiality
X Availability
-> Integrity

So a backup can’t be considered total security but is part of a more complex routine.

 

[monkeylove]

There's also data theft.

 

[Arequire]

Sure you aren't conflating backing up your data with backing up your system? Backing up your data is a form of protection, backing up your system is a form of insurance and, if infected, affords the ability to remediate.

 

[bellgamin]

What happens if you get a data stealer and its 10 minutes before you are aware

You hit the nail on the head!

Even though I frequently image my system to an external drive, data theft is my greatest concern. I always set my firewall up to ensure it's "default-deny" on connect-outs. That added layer of security is okay for a medium-risk user like me. However, it is far from bullet-proof.

High-risk users need to take added but PITA precautions, such as encrypting sensitive files and employing extremely strict user access contols. Even so -- "There never was a cowboy that couldn't be throwed."

As to "remediation" VERSUS "protection" -- I have to agree that backing up is remediation. However, as Willy Shakespeare likely would have written (if he were a member of this forum):

Ah, beloved back-up,​

‘Tis but thy name that is my enemy;​

Thou art thyself, though not a Protection.​

What’s Protection? It is nor hand, nor foot,​

Nor arm, nor face, nor any other part​

Belonging to a back-up.​

​

O, be some other name! What’s in a name?​

That which we call a rose​

By any other name would smell as sweet...​

(adapted by bellgamin from "Romeo & Juliet," Act 2, Scene 2 )​

​

​

 

[HarborFront]

Backing up has its usefulness (rollback after ransomware attack, rollback if system not performing properly, need to remove a software and its registry remnants completely etc) but it cannot prevent data theft........that's its weakness

IMO, to minimize data theft, you should run your browser in a VM/sandbox to

1) read email attachments
2) surf the net
3) open apps for downloaded documents and movies

In addition, you need to

1) have a strong AV/AM to detect and remove data theft malware
2) encrypt the data
3) block unauthorized outgoing connections in the firewall.
4) store data offline

Scanning with your AV/AM before backing up helps to prevent the data theft malware from being backed up. In the recent Meduza Stealer case too bad most AV/AM fail to detect it except ESET

For effective scanning uae

1) the main AV/AM
2) a different on-demand scanner

Instead of pre-scanning you can also do a restore scan with Veeam, the commercial version, which allows scanning as you restore your backup.

 

[Sandbox Breaker]

Offline encrypted backups. I'm running ChromeOS so not really worried about ransomware. It's more for the private, secure storage of my data.

 

[ForgottenSeer 97327]

My take, image backup is rollback remidiation against software bugs. Data backup is my protection against phisical damage (hardware failure, PC theft, house on fire, water damage, after all half of the Netherlands is below sea level). I never considered it protection.

This is why I use online image and quick data backup (local, not cloud) and have an off line backup in our runaway bag of our personal data (some documents, but mistly hokiday pictures and mivies).

I think my desktop and my wife's laptop protection is so strong it can't be bypassed with common malware (and I can't imagine to be ever attacked by professional hackers).

My biggest worry was our (Samsung) mobile phones, which we used often for 3 years. Luckily my A53 and my wife's A54 should get 4 years of updates, so that aspect is covered.

I backup data of all devices (phones included) twice a year to a USB drive. On top of that I copy important data to OneDrive (like invoices of costly stuff, insurance policies, copies of contracts and certificates) and important mails to a gmail account I have for that purpose only). We have stripped phone apps from all unnessecary permissions and reduced background and internet activity so much that I have 4 days battery life on my A53 and my wife 3 days on her A54.

 

[kylprq]

for filesystem; yes, for user credentials; no
decent protection obsoletes backup except hardware failure.