Securing Backups in Microsoft SQL Server
Backing up database without password contains several vulnerability of disclosing the confidential information. The reason that any database can be restored at any location makes this problem more serious. You can check it out by creating a Backup of your database and restoring it in some other machine. The information stored in your backup media also get disclosed by - Restore filelistonly or Restore headeronly options. Backing up a database without supplying password could lead to several anomalies that no company would like to suffer.
Some common problems concerned -
(1) Disclosing of company information, such as customers, policies and future plans.
(2) Disclosing of contact information or accounts information especially in case of Bank or Insurance companies.
(3) Disclosing of structure of the storage pattern of the company.
(4) Utilization of future plans by rival companies.
These are common problems, but there are numerous specific problems that could be faced. Let's have an estimate of some reasons why backup set must be password protected -
(1) Backups in Tapes is not kept in a secure manner.
This is also recommended to store all the backup off-site. In such cases where your company stores Tapes off-site, there could be some physical security problems of there storage. There are cases when disgruntled employees have sold these tapes to rival companies to gain better perk and confidence in rival companies. As you all know, each company wants to know the structure and pattern followed by other company. A employee of company may be unfaithful and he can damage some information. But damaging some data is not a big issue than selling or disclosing information.
(2) Backups can be sent as e-mail or uploaded.
This problem is not hidden to anyone. Your company firewall may be strong, but Thumbnail drives can anytime be applied in USB port and data can be transferred. Thumbnail drives are nowadays in fashion also. Anyone can have a 1GB to 10GB of such thumbnail drives. The important thing to notice about thumbnail drives is that they do not require installation. Just plugging into USB port and computer shows a Removable media and then copy and paste of files. This is so easy to do that a newbie can do this.
How to provide security in Backups ?
This only requires to add an option of password to make your backup set password protected. The advantages of providing password in backup are -
(1) Restore Filelistonly, Restore Headeronly commands does not disclose the backup information.
(2) If you want to restore from media, error is generated by SQL Server.
The following commands can be used to provide a password. I assume that you have a backup media and backup device name 'backup01'.
Statement#1
Backup database Northwind to backup01 with password='secretpass'
Now, let us have a test on this and see what SQL Server says when password is not provided.
Restore database Northwind from backup01
Server: Msg 3279, Level 16, State 2, Line 5
Access is denied due to a password failure
Server: Msg 3013, Level 16, State 1, Line 5
RESTORE DATABASE is terminating abnormally.
This was an error with severity level 16. That means it's working. Now, let us have a look on restore related commands that produce some information.
Restore Filelistonly From backup01
Server: Msg 3279, Level 16, State 2, Line 5
Access is denied due to a password failure
Server: Msg 3013, Level 16, State 1, Line 5
RESTORE DATABASE is terminating abnormally.
Again the same error. In this way, we may conclude that this approach is easier to create this. Some other options can also be provided like media name, media description and media password.
Media Name, Media Description and Media Password
There are some differences in directly applying password while backup and using media name. When you are using following command while backup.
Statement#2
Backup database Northwind to backup01 with medianame='Set-1' , mediapassword='passwd'
This would create password for backup01 and once it was done, you get the same error Msg 3279 while you execute the following command on the same media.
Backup database Northwind to backup01
So, when your provide password for the media, you can not backup any information into media unless you provide password. After the Statement#2 you need to provide password for other backups.
Backup database MSDB to backup01 with medianame='Set-1' , mediapassword='passwd'
The statement executes successfully. This is the actual difference in using 'with password=' and 'with medianame' case. After executing Statement#1, you can use the same for other backups without mentioning password or mentioning different passwords.
Conclusion
This is all about providing protection for passwords. There are many other things to research in the same scenario and I would like to share my ideas when such studies are complete. Overall, my aim was to open your eyes that backups are not only to secure your data, but due to carelessness this may lead to leakage of information. In my opinion, disclosure of important information is more serious matter than loss of information. So, awareness is important and there is a little effort to apply in securing your backups.
Other Articles
The Significance Of Data Recovery And Offsite Backup In Today's Business World The question of data recovery comes to mind when an enterprise, with much larger volume and several business centers across the globe, loses its valuable data at one of its centers from a natural disaster like the recent Katrina hurricane, earth quake, flood or a terrorist attack. An organization’s data is considered to be its most vital asset ...You Have To Love It All The Latest Devices Available On The Market Today Lexar Jump Drive Mercury You have to love it all the latest devices available on the market today. Especially all the jump drives and memory sticks that can make your life so much easier these days. As a woman I don’t like any complicated devices. I do use memory sticks on a daily basis and I like to check out all the new devices o ...Disk Recovery Software Disk recovery is the process of retrieving deleted or lost files. Files that are deleted using the 'shift-delete' function bypass the recycle bin and are erased from the operating system's memory. Files may also be lost due to power blackouts, computer viruses, and through unwanted, careless deleting or formatting.Deleted or lost files ca ...Keep Your Computer Healthy By Repairing Windows Registry Windows Registry is a database used by Windows operating system to store hardware and software configuration information. Computer problems are often caused by invalid key entries in the registry. Anyone with Administrator privileges can edit the Registry by using the registry editor (regedit.exe) that comes with the Windows operating system. Ho ...Server Racks A "rack" is designed to hold items, and it is usually on a two-post or four-post frame. So a server rack is a frame that contains server components. The new server racks are designed to hold the servers and also to cool them and other electronic equipment by allowing air to flow in a front-to-back direction.Server racks come in various sh ...Computer Hard Drive Recovery Ideas If you have never faced the loss of data, you still need to take precautions that your server, hard disk or RAID stay in good health. Also, you need to have some sort of plan in mind to help you in case there is any problem. Data losses, if and when they happen, take time to amend and may be expensive The primary symptoms of data losses are: ...Hey Folks We Need Backup Here - Quickly You know that you should back your data up. But you still don't because you don't know what to get. Here is the overview of four budget backup solutions that I've personally used and can vouch for.Acronis True Image 8.0 (Acronis)Acronis True Image allows you to create an exact disk image for complete system backup and disk clonin ...Top 7 Reasons You Should Back Up Your Data Online! How much is your data worth to you? In this modern electronic-age we rely more than ever on our computers to supply us with the information we need. Chances are every piece of data you might ever rely on to make an important decision has been reduced to a digital format and resides somewhere on your computer's hard drive. Improved functionalit ...Why It Is Essential To Back Up Your Computer Hard Drive On A Regular Basis No matter who you are, proper data back up is required. Whether you work at home, work for a huge conglomeration, or work for a tiny store, having current data back up files can keep your business from failing during a hard drive crash.Businesses are not the only things that would suffer. Can you imagine life without your email addresses? ...Top Strategies to Maximize the Life of Your Hard Drive If I asked you the question: which part of your computer is the most fragile, what would you say? What if I asked: which part is most important to you?Often, the answer to both of these questions is your Hard Drive. Your hard drive is likely one the most important things you own. It contains work data, school data, emails, photos, ...Software That Takes Care Of ... Other Software What's housekeeping software? It's software that takes care of your PC and everything recorded on that hard-drive. If that's what you need, make sure you consider these titles.HandyRecovery 2.0 (SoftLogica LLC)As you might expect, data recovery and undeletion software is a very popular thing. Next to antivirus software, a firewal ...Offsite Backup Services are Essential Although you may not list it in on your IRS form, information is your business' primary asset. From your customer database to your financial records to your proprietary product information, information is the key element to maintaining both the day-to-day operations of your business and its long-term viability. Unfortunately, as the sop ...PC Diagnostics - Step by Step Computer diagnostics help you to identify different problems and failures that any computer may present in any given moment for an apparently unknown cause. PC diagnostics test the system, including memory and BIOS, the software and the hardware by means of PC diagnostics software designed specially to do this task.Common problems occur w ...Disc and Data Recovery Data Recovery is probably the last thing on anyone's mind when they buy a computer. Most of us never think something will go wrong until it's too late. Data recovery or Disc Recovery services is something we hope we will ever have the need for.Whether your computer simply crashes or you accidentally delete software that is important or im ...Disaster Recovery Made Easy With Online Backups Whenever disaster strikes the most critical asset that every company should have protected from sudden loss due to fire, flooding, or theft is their data. No matter what happens to your hardware you can be sure to be able to be up and running no matter how sudden or how severe your damage or loss is — if you use an online backup system.O ...Data Recovery Methods Sometimes, due to unforeseen occurrences, it may become necessary to recover information from your hard drive. For instance, you computer may encounter problems and you need to recover documents. In many cases such data retrieval is quite possible. So, how exactly does data recovery work?Specialists in data recovery will take your har ...Data Backup - Do I Really Need It Data Backup- Do I Really Need It ? Copious uncertainties revolve around in your mind when it comes to hoosing a data protection solution i.e. Data Backup. You might have bunched up a series of questions relating to Data Loss. What if I lose my information after flood, fire or power outage strikes, or my hard drive crashes ...Document Data Entry Scanning Managing records or documents is a key task in every business. It involves identifying, classifying, storing, circulating and disposing of documents among others. Each of these activities involves multifarious, minor tasks that are often time consuming and costly. This is not such a problem these days though because computers and other technolog ...Hard Drive Recovery Equipment Today the world revolves around the computer. From homes and offices to schools, airports and hospitals, computers have become an integral and indispensable part of our daily lives.One of the foremost uses of computers is data storage. Data stored on the computer resides on a physical memory disk known as the hard drive that is a layer of ...How on Earth do Companies and Organisations Lose Data? Browsing the web I became engrossed with the concept of data backup and data loss. There is almost an almost unlimited amount of information covering subjects such as how to keep computer and server data secure, how to back-up data, how to restore data, how to replicate data, who will remove your backup tapes to an remote location, which compa ...Computer Diagnostics for Improving PC Performance and Recovering Lost Data We visit a doctor when we’re ill or just for regular checkup. Computer diagnostics software is like a doctor for your computers. We performance routine diagnostics for regular maintenance of computer or investigate the causes of computer problems whether they’re performance issues or lost data. PC diagnostics is intended to help users understan ...
|