All news with #backup security tag

🔐 Executives must treat cybersecurity and business continuity as a unified discipline rather than separate functions. Drawing on six years managing high-availability systems at Amazon, the author warns that attackers increasingly target recovery and backup infrastructure, turning outages into leverage. The article advocates network segmentation, air-gapped and offline backups, and integrated incident-response and recovery testing to protect operations and reputation.

🔐 AWS Backup now lets you encrypt logically air-gapped vaults with your own AWS KMS customer managed keys (CMKs). This gives organizations more control over key lifecycle, access policies, and compliance posture while preserving the security benefits of logically air-gapped backups. Support covers same-account and cross-account CMKs and is available in all Regions where air-gapped vaults are supported. You can enable CMK encryption when creating vaults via the console, API, or CLI.

🔁Amazon Web Services has expanded Amazon Keyspaces (for Apache Cassandra) to support Multi-Region Replication in Middle East (Bahrain) and Asia Pacific (Hong Kong). The managed capability automatically replicates tables across Regions with typically less than one second of replication lag, allowing applications to read and write the same table in multiple Regions. Customers gain lower latency, improved regional resiliency, and can replicate between these Regions and any other supported AWS Region while paying only for resources they use.

🔁 AWS Backup now supports a single-action copy of database snapshots across AWS Regions and accounts for Amazon RDS, Amazon Aurora, Amazon Neptune, and Amazon DocumentDB. This eliminates the previous two-step process and removes the need for intermediate copies, custom scripts, or Lambda automation. The change reduces operational complexity and helps achieve faster RPOs while removing costs associated with intermediate snapshot storage. You can use the feature today via the AWS Management Console, AWS CLI, or AWS SDKs.

🛡️ Amazon RDS for SQL Server now preserves Change Data Capture (CDC) settings and metadata when restoring native database backups. By specifying the KEEP_CDC option during a restore, customers retain CDC configuration and any captured change data, preventing gaps in ongoing data-capture workflows. This capability is available in all AWS Regions where Amazon RDS for SQL Server is offered and is documented in the RDS for SQL Server User Guide.

🗓️ AWS Backup now provides a schedule preview for backup plans, displaying the next ten scheduled backup runs and showing when features such as continuous backup, indexing, or copy settings take effect. The preview consolidates all backup rules into a single timeline so you can quickly identify overlaps, gaps, or configuration conflicts. This capability is available in all AWS Regions and accessible from the AWS Backup console, API, or CLI without additional configuration.

🔒 This buyer’s guide explains why organizations need comprehensive data protection platforms for hybrid cloud environments and which capabilities to prioritize. It highlights core requirements such as data discovery and classification, layered protections (encryption, DLP, immutability), continuous monitoring, and automated recovery to address ransomware, misconfigurations, outages and compliance. The guide also surveys market trends and leading vendors to help IT teams evaluate DPaaS, cloud-native and on-premises options.

🔓On September 17, security vendor SonicWall disclosed that cybercriminals exfiltrated backup files configured for its MySonicWall cloud backup service. The company initially reported the incident affected 'less than five percent' of customers but has since updated that all Cloud Backup users who used the feature are impacted. Stolen files include encrypted credentials and configuration data, which could enable targeted attacks despite encryption. SonicWall has published an affected-device list and a detailed remediation playbook for administrators.

🔒 Modernize disaster recovery and continuity with six practical steps for CISOs. Secure executive funding and form a cross-functional team, map risks and locate data across cloud, SaaS, OT, and edge devices, and conduct a Business Impact Analysis to define a Minimal Viable Business (MVB). Evolve backups to 3-2-1-1-0 with immutable or air-gapped copies, adopt BaaS/DRaaS and AI-driven tools for discovery and autonomous backups, and run realistic, gamified tests followed by post-mortems.

🔒 Microsoft has made Windows Backup for Organizations generally available, offering an enterprise-grade, opt-in solution to preserve Windows settings, user preferences, and Microsoft Store-installed apps. The capability is available after installing the September 2025 Windows Monthly Cumulative Update on Entra-joined devices and must be enabled by administrators through Intune or backup and restore policy settings. Backups are stored in Exchange Online in the tenant's selected Country/Region, are protected by encryption, and are accessible to Microsoft personnel only under strict oversight for troubleshooting or legal compliance, helping streamline migrations to Windows 11 during device setup.

💾 Amazon RDS for Db2 now supports native database-level backups that let customers back up individual databases within a multi-database instance. This enables selective migration of specific databases to other RDS instances or on-premises environments, and lets teams create isolated copies for development, testing, or compliance. By targeting single databases rather than full instance snapshots, customers can reduce storage costs and streamline operations. The feature is available in all Regions where Amazon RDS for Db2 is offered; see the service documentation and pricing pages for configuration and cost details.

🛡️ Modern disaster recovery and business continuity require a ground-up rebuild to address distributed data, evolving cyberthreats, climate-driven disruptions, and strict breach-reporting obligations. Key elements include executive sponsorship, standing interdisciplinary teams, AI-assisted discovery and classification, continuous and immutable backups aligned with a 3-2-1-1-0 approach, and the design of a minimum viable business to restore core functions. Frequent, gamified tabletop exercises and automated validation complete a resilient program.

🔔 AWS Backup is now available in the AWS Asia Pacific (New Zealand) Region, offering centrally managed, policy-driven protection for compute, storage, and database resources. The fully managed service supports immutable recovery points and vaults to guard against accidental or malicious deletions and to enable reliable restores after data loss. Customers can set up protection via the console, SDKs, or CLI and assign resources using tags or Resource IDs.

🔒 Ineffective recovery processes and increasingly sophisticated ransomware are driving adoption of Cyber Recovery approaches that isolate and validate backups before restoring systems. Modern platforms combine immutable snapshots, sandboxed restores, and automated forensics with AI/ML-based detection to identify safe restore points and reduce downtime. Vendors highlighted include Acronis, Cohesity, Commvault, Dell, Druva, Rubrik, Veeam, Zerto.

🔒 KNP Logistics Group, a 158-year-old UK transport firm, collapsed after the Akira ransomware group accessed an employee account by guessing a weak password. Attackers bypassed protections by targeting an internet-facing account without MFA, deployed ransomware across the estate, and destroyed backups, halting operations across 500 trucks and precipitating administration and 700 job losses. The incident underscores the urgent need for strong password policies, MFA, and isolated, tested backups.

🔒 Applying zero trust to the storage layer is no longer theoretical — it is now essential to ensure recovery. The author describes ransomware incidents, including Change Healthcare in February 2024, where attackers deliberately targeted backups and recovery points, exposing storage as a primary attack surface. He recommends three operational principles — control where data is touched, control who and when, and make critical backups immutable — and ties those measures to governance, policy-as-code, and executive outcomes.

🔁 Amazon RDS now supports single-step cross-Region and cross-account copying of snapshots for Amazon RDS and Amazon Aurora. This new capability eliminates the prior two-step process and removes the need for an intermediate snapshot, helping customers achieve tighter recovery point objectives while reducing storage and operational costs. The feature is available in all AWS Regions, including AWS China and AWS GovCloud (US), and can be used today via the AWS Management Console, AWS CLI, or AWS SDKs.

🔒 AWS Backup now lets you choose whether to include Access Control Lists (ACLs) and ObjectTags when backing up Amazon S3 buckets. Previously, these metadata elements were included for all objects by default; the new option lets administrators include only the metadata required for their recovery or compliance needs. This capability is available in all Regions where AWS Backup for Amazon S3 is offered; review pricing and regional availability on the AWS Backup pricing page.

🧪 AWS announced that Fault Injection Service (FIS) is now available in the Europe (Zurich) Region. FIS is a fully managed service for running controlled fault injection experiments to validate application performance, observability, and resilience under scenarios such as AZ power interruptions and cross-region connectivity failures. Customers can create reusable experiment templates, integrate them into CI/CD pipelines, and generate detailed experiment reports stored in Amazon S3 for audit and compliance needs. This launch expands FIS to 24 regions globally.

🔔 AWS has extended AWS Backup Audit Manager to produce organization-wide, cross-account and cross-Region reports in six additional Regions: Asia Pacific (Hyderabad, Jakarta, Melbourne), Europe (Spain, Zurich), and Middle East (UAE). Using an AWS Organizations management or delegated administrator account, you can aggregate compliance and operational backup data across accounts and Regions. The feature centralizes policy enforcement and helps demonstrate adherence to business and regulatory data protection requirements.