On the second Virtualization Security Podcast of 2011, we had Doug Hazelman of Veeam as our guest panelist to discuss backup security. Since most of backup security relies on the underlying storage security, we did not discuss this aspect very much, other than to note that the state of the art is still to encrypt data at rest and in motion. What we did discuss is how to determine where your data has been within the virtual or cloud environment. This matters if you need to know which disks or devices touched your data, which is an auditing requirement for high-security locations. From this podcast we can take several GRC and Confidentiality, Integrity, and Availability elements:
- The state of the art for backup integrity and confidentiality is encryption of data at rest, which in many cases is handled by the underlying storage security.
- Virtualization backup tools can only track where data has been based on what they see. Since data is generally contained within virtual disks, the hypervisor is responsible for tracking a virtual disk’s location.