[Novalug] VA Health records held ransom
Joel G
unician at speakeasy.net
Wed May 6 13:24:46 EDT 2009
Michael Hans wrote:
> Nothing surprises me anymore when it comes to backups,
> just last year I witnessed a rack with 7 USB hard drives
> sitting on top of a server. When I inquired about it
> I was told "6 are for incremental and the 7th is for
> a weekly full backup".
ethan at 757.org wrote:
> Odd, but no different than tape really.
Actually, it does seem worse. Most sysadmins wouldn't have
seven separate tape drives side by side, each with one tape
permanently mounted in it. This seven-disk case is exactly
the kind of setup that makes the original (health records)
problem possible: all of the backups are online at all times,
which means one remote break-in can destroy both the live data
and all of the backups, plus there is no provision for physically
taking any of the backup copies elsewhere beyond the length
of the USB cable, which means one small electrical fire (or one
flood from a faulty ceiling sprinkler) could kill all of the
equipment at once. Using some kind of removable media, they
really could obtain a useful improvement in data security by
just ejecting the tapes after use and storing them in another
room in a fire-resistant, water-resistant file cabinet.
More information about the Novalug
mailing list