Small-town street scene in Illinois American flag flapping in breeze by huge painted American flag fading from brick wall


Episode #73 - Backup and Recovery with Mr. Backup Himself - W. Curtis Preston

Cyber criminals are heavily focused on compromising backups so their attacks are as crushing and painful as possible for the victims. Good backups and the ability to quickly restore are a critical part of every infosec program but many organizations still treat backups as an afterthought. This week, the guys welcome the recognized authority on data backup W. Curtis Preston (aka. Mr. Backup) to reveal the backup and recovery trends he is noticing, tips organizations can implement to minimize risk, and what to look for in a backup solution.

For More On  W. Curtis Preston:
LinkedIn -
Restore It All Podcast -
Free Book by W. Curtis Preston: Modern Data Protection -

Get the show notes and articles at
Pick up your copy of Cyber Rants on Amazon.
Need cybersecurity expertise and support? Visit us at
Be sure to rate the podcast, leave us a review, and subscribe!


Mike's Headlines

Brazen crooks are now posing as cybersecurity companies to trick you into installing malware

Spike in Amazon Prime Scams Expected

Watch Out for the CVE-2022-30136 Windows NFS Remote Code Execution Flaw
Hackers Steal 50,000 Credit Cards From 300 U.S. Restaurants

Air-Gapped Systems Leak Data via Sata Cable WiFi Antennas

Tor Browser now Bypasses Internet Censorship Automatically
Elastix VoIP Systems Hacked in Massive Campaign to Install PHP Web Shells
Ransomware is Hitting One Sector Particularly Hard, and the Impact is Felt by Everyone
Cloud-Based Cryptocurrency Mining Attacks Abuse GitHub Actions and Azure VM
Hackers Can Unlock Honda Cars Remotely in Rolling-PWN Attacks
New 0mega Ransomware Targets Businesses in Double-Extortion Attacks
Ransomware Scourge Drives Price Hikes in Cyber Insurance


welcome to the Cyber rats podcast where we're all about sharing the Forbidden secrets and slightly embellished truths
about corporate cyber Security Programs we're ranting we're raving and we're
telling you the stuff that nobody talks about on their fancy website and trade show giveaways all to protect you from
cyber criminals and now here's your hosts microtondo Zach Fuller and Laura
Chavez hello and welcome to the cyberance podcast this is your co-host Zach Fuller joined by Mike Rotondo and
lauro Chavez today we have an excellent episode we are going to be talking about
something that does not get talked about enough something that we really should dig into a little bit deeper and that is
backup Disaster Recovery especially with all the ransomware and everything that's going on out there we should talk about
this more this is important and uh as a result we brought in the person they call Mr backup himself w you Curtis
Preston is joining us today Curtis it's pleasure to have you on the call happy to be here well great we're going to
dive in we'll do some uh in an introduction of Curtis here in just a moment but Mike why don't you kick us
off today with the news we've got a lot going on in the news today raising crooks are now posing as cyber security companies to trick you into installing
malware uh cyber criminals are now posing as cyber security companies and phishing messages that claim the
recipient has been hit by a Cyber attack and that they should urgently respond in order to protect their Network the person receiving the email is provided
with an instant case number and is told to call up to get a phone number to organize the audit crowdstrike describes
this as callback fishing because when the victim calls a number they're connected to an operator who persuade
them and install a rat so be very careful spike in Amazon Prime scams expected cyber security company avanan
has warned of an increase in fishing and credential harvesting email attempts in June in advance of Amazon's Prime days I
realize Prime days is over but uh still important it says hackers are
using a range of scams to Target consumers including email campaigns that dangle the promise of an Amazon gift card in return for taking a survey watch
out for cve 2022 30136 Windows NFS remote code execution flaw Trend Micro
resources research has published an analysis of the recently patched Windows vulnerability cve
2022-30136 that impacts the network file system the exploit is a remote code execution vulnerability that resides in
the windows Network file system it is due to improper handling of NFS V4 request a remote attire can exploit this
by sending malicious RPC calls to the Target server to achieve arbitrary code execution in the context of system
exports pointed out that the unsuccessful exploitation of this issue May trigger a crash of the impacted
system so even if they don't exploit you they're gonna they could crack you know or crash it this is exciting for all of
us in the doordash Life hackers steal 50 000 credit cards from 300 use U.S
restaurants pay payment card details from customers of more than 300 restaurants have been stolen in Two web
skimming campaigns targeting three online ordering platforms web skimmer or Mage cart malware are typically
JavaScript code that collects credit card data when online Shoppers type it into a checkout page recorded features
threat detection tools Identify two Mage cart campaigns injecting malicious code into the online ordering portals of menu
drive harbortouch and InTouch POS as a result fifty thousand payment cards were stolen and have already been offered to
say for sale on various marketplaces on the dark web most of these restaurants are small local establishes using
establishments across the US using the platform as a cost-effective alternative to Outsourcing their online ordering
process on both platforms the web skimmer was injected into the restaurants web pages and to sign
subdomain on the online payment service platform the air gap system is leaked data via Sata cable Wi-Fi antennas my
security researcher has found a new way to steal data from air gap systems by using Serial ATA cables isn't inside
most computers as a wireless antenna that sends out data via radio signals dubbed Satan
s-a-t-a uh lowercase man the attack was discovered by the head of r d of the
cyber security research Labs at Ben Gurion University in Israel and can theoretically help in an adversaries
steal sensitive information for an attack to succeed an attacker first needs to infect the targeted air gap system while this is not easy to act
there are there are reports of physical initial compromises since 2010 stuxnet being the most notorious one this piece
of malware is planted on air gap Network can Target the sensitive information prepared for Excel exfiltration by
modulating and encoding it that's it for the news I got a couple headlines for you tour browsers now bypass internet
censorship automatically elastic voices VoIP systems hacked in a massive campaign to install cloud-based
cryptocurrency mining attacks abuse GitHub actions and Azure VM that's a big thing and then for all of you Honda
drivers hackers can unlock Honda cars remotely enrolling pwm own account upon
attacks so something to keep in mind and lastly for us business owners ransomware scourges drives price hikes in cyber
insurance something to keep in mind and with that Laura what kind what do we get for
exploits awesome Mike thanks for that a lot of good stuff in the news in the news this week uh to couple on the um
the windows NFS flaw I am seeing quite a few exploits being POC on GitHub so make
sure you're looking out for the Microsoft Patch and at least for the compensating control pieces that are that are going to be necessary to close
that flaw for Xbox this week we just have one it's a very important one though because a lot of people out there
using ingenix or nginx this is a denial of service for 1.20 current version is
1.23 so you can tell that that these some of these actors are using the um
you know they're essentially taking the resolves for the next version and then reverse engineering a flaw into the
previous versions this is a cleverly done python script that essentially does localized art poisoning with DNS
hijacking and doesn't enable the box to basically talk to anything on the network while the script is running so
pretty clever attack here for these engineic systems so if you're using uh nginx in any capacity of uh you
know web servers or uh you know anything like that for proxy make sure you're trying to get off a 1.20 of these
exploits are becoming more common for this common operating system and with that Zach I hear we have a pretty
awesome guest this week to talk with so I'm excited we did we do thanks lauro in
just a moment we are going to talk with Mr W Curtis Preston about backup disaster recovery and Dive Right In but
we'll be right back after a quick commercial break want even more cyber rants be sure to subscribe to the Cyber
rants podcast get your copy of our best-selling book cyber rants on Amazon today this podcast is brought to you by
silent sector The Firm dedicated to building world-class cyber security programs for bid market and emerging
companies across the U.S silent sector also provides industry-leading penetration tests and cyber risk
assessments visit silence sector dot com and contact us today and we're back with
W Curtis Preston Curtis it's pleasure to have you here thanks for jumping on with us and I look forward to this
conversation anytime I can talk about backups is a good day for me
outstanding well hey first things first you've got over 30 years or coming on 30
years coming up yeah in disaster in Disaster Recovery in the backup space
what what got you into that field can you give us a little bit about your background and kind of what took you down that path to to specialize in that
area if I'm being honest uh what got me into the field was that was the job I
could get right back in 1993 my wife actually worked for at that time
uh what was the second largest credit card corporation and they needed a backup guy and you know I knew I I knew
a guy that knew a guy basically my wife uh I basically leveraged that that uh
relationship to get a job as the backup guy at MBNA and then through a series of
I don't know total happenstance I just never got out of it I I didn't initially
plan it that way but after about I'd say about five or six years I realized that
I had become a specialist in something that everybody else abandons and so you
know because it is a it is a job that that we often give to the junior person which is a horrible thing to do but
that's what we do and then as soon as somebody gets uh you know some seniority they move on to be a
quote unquote real sysadmin and so um once I realized that then I started
writing and Publishing and that's I think um 99 is when I published my first book
and you've you've written four books total correct correct correct first at a
high level what are the big issues that you're seeing today in the backup and
Recovery field when these companies are getting hit with rent somewhere or whatever happens right what are the top
problems that you're seeing in the business yeah it's funny if you had asked me that
question let's say 10 years ago I would have said that the top problem was that
people didn't understand how their backup infrastructure worked right they didn't understand about tape and disk
and deduplication and and these things the problems were were more sort of
throughput related and and you know just getting the backup system to function today and and more specifically
um well let's go back say four or five years ago the answer would have been well just make sure your backup system
is air gaps right um so that you so that that the uh that
you can have a good copy when you um when you get hit by ransomware the last
one to two years the answer is that the primary I think challenge for today's
backup environments is that backup systems have moved from this on unnoticed box in the corner of the data
center that no one cares about to victim number one in a ransomware attack
so you know especially the Conte ransomware group because they they've
actually it's been made quite public that they specifically Target the backup
servers they specifically Target certain products not just vulnerabilities not so much
vulnerabilities in the product itself but vulnerabilities in the configuration
and the installation and then they exfiltrate the backups and then delete
them and then begin their ransomware attack right so backups have moved
um you know like I said from something that wasn't getting noticed at all to
the front lines of the of the ransomware battle what are companies doing differently or or are they doing
anything differently nowadays are they really are you really seeing them being more proactive put making backup and
Recovery uh more front and center in their security programs are they still kind of lagging behind I'd say it's well
well both of those things are happening right um I mean you guys you guys fight to
cyber security uh War if you will all the time you know that there are a thousand things that
every customer should be doing and they might be doing a handful of them um I I do see a lot of companies looking
at their backup system I also see the vendors responding well uh the vendors
responding with best practices um as to how well the average customer
is implementing them you know I don't have any insight into how well they're
you know they're actually doing that so I'm not sure if I have a good a good answer to that question
yeah it's tough to know of course what what are you seeing or what what would you prescribe let's let's talk about
those organizations we talked to a lot of mid-market emerging size companies limited resources and such there A lot
of times unfortunately the answer is oh we're in the cloud we're good or we're you know there there's some there it's
kind of um almost a an afterthought what would you prescribe
is there a series of steps or a methodology that you'd prescribe to these organizations that don't really know where they are in terms of backup
and Recovery yeah well it you know I so I was a
consultant for 20 years right so the answer to any question like that is it depends right so it it depends entirely
on the backup infrastructure that you use right so on on one end you've got
you know on on sort of two ends of the spectrum on one end you've got a piece of software that you buy from
pick your favorite backup vendor and you install it on your box that you're going to manage on the
opposite end you have a service like the company that I happen to work for druva which is a a SAS based service
um that handles all of the cyber security aspects for you right so in
that range on the opposite end of druva the the big
thing is that I I'd say it's it's it's it's a lot like the you know I should really write like um a 12-step uh
program I think for for people that are looking at their backups because the first step is you just need to
acknowledge that you have a problem right just acknowledge that your backup system that no one's been paying
attention to the cyber security aspects of your backup system so that that's the first step and then
we just need to look at the the very common risks the things that so you know
a backup system the first thing I think that if we're talking about an on-prem system whether it's a uh you know the
the one end of the spectrum where it's a piece of software it's in the middle by the way our backup Appliance companies
right that provide an appliance that they manage the they
manage the upgrading of the OS along with the application so it should be it should not be part of
the domain right it should be a local password system it should you should be using
your backup systems you
abilities to use the concepts of police privilege to use you should be using uh
multi-factor authentication these are things that you're like well these are two guys like you three you're like well
duh but the thing is we're talking about backup people that are often the most Junior people in the in the data center
and so they're not necessarily the the system has gone unnoticed by cyber
security people so start applying common um cyber security techniques to your
backup system right it should be separated and segregated if you will you
should also um one really big thing is where and how
do you store the actual backups so again I'll give you two ends of the spectrum
one is if I have a Windows based it's very common that two I'd say the two
biggest backup software vendors right now run on Windows based servers and so it's very common like a default
installation is to install that product and store the backups in a directory
called C colon backslash backups don't do that
right that's bad and it's not just the fact that it's in a it's an incredibly
obvious directory it's that it is sitting directly in an accessible to
that backup server as a file right that's the first thing that has to happen is that this where you're
actually physically storing the backups and let's face it most people today are storing them in some kind of disk be it
cloud or on-prem disk if those backups are directly accessible to the backup
server as a file then if that backup server is compromised I can easily
exfiltrate and delete those backups there are you know I won't go into a level of detail there but there are
depending on your backup product there is a way to make that to make that happen
right and if you can't do it for the on-prem copy you definitely have to have an air gap copy uh that's stored
somewhere else so I think that I think that's a good first a handful of steps
yeah we see that a lot with a lot of our smaller clients is that they just use the base install and
think oh we're good and it's a standard domain it's not even local it's not a separate account it's not there's very
few controls around it and that's one of the things that's at least on the CSO operation side that we definitely
address as soon as possible um dealing with the cloud I mean you know
you got your backup stored in the same region as your production and you don't have a backup region that's a that's a
problem too yeah absolutely are you sorry I didn't mean to cut you
off Mike but uh are you aware of the have you heard of the um
uh Cloud code spaces attack this is several years ago no it doesn't ring a
bell there was actually a company that ran its infrastructure in AWS and they had they did they did everything that
they're not supposed to do right they had one account they did not have MFA enabled and they had their primary and
their backup all in that one account and then they got hacked the the uh and and
literally uh the company ceased to exist and
um the the the irony is that they were a SAS based service to store other
people's code oh I was supposed to it was supposed to be a safe place to store your code so yeah so that that yeah so
the the principles that I the principles of the the three two one backup right storing data at least one of the copies
in a different location than your primary it applies in the cloud as much
as if not more than in the data center and it's been a long time since I've done operational backups is it still the
prevailing philosophy that you do in incremental daily and then a full every week and then offload that slower that full
for four weeks and rinse and repeat yeah so the that is the the concept of an
occasional full is a foremost backup product well if we look
at com you know current uh backup products that were that have
been that have come out in the last I'd say 10 years generally they all use an incremental forever approach generally
speaking that doesn't work with everything so for example databases uh you you still often
have to do a fullback an occasional full backup right but the
um the the old school like a weekly full and daily incremental that generally had
to do with tape because right if you didn't do that you your your restore would be horrible
right you know I'm thinking back to being that Junior guy sitting in a a server room with a box of tapes and a
fireproof handheld safe going all right here's this tape here's this tape yeah yeah it's a yeah doing a restore with
with dozens of tapes that was always a giant pain one thing that hasn't changed
there is a core concept of we we call it the three two one rule uh three copies of your data on two different media that
have different risk profiles and one of which is stored off-site uh that's an old
um you know an old thing from the 90s that still plays still Rings true
well here's a question I have um should we should for for backup resiliency should there still
be a usage of tapes do you think I mean I know it's somewhat looked at as Antiquated to have the big silos that
you know that did all the the cool Robotics and stuff but with the attacks that that we have today I mean just
being a crazy idea would it make sense to bring something like that back so you so first off I'll say I am not an
anti-tape person right I'm probably the most pro-tape person at druva who driva
being a 100 Cloud company right we don't have any tape but uh so I'm not against
tape that I'll just I'll say two things one is the biggest challenge with tape
it is how it works and how and a fundamental misunderstanding of how it works because most people if I were to
ask the three of you and I won't put you on the spot if I were to ask you the three of you what's the primary problem with tape I'm willing to bet that you
would say that it's too slow and that's what almost every client I ever had thought was wrong with tape the
problem is tape is actually too fast it's it's a fundamental mismatch of technology and people use it because
they think it's going too slow and it's actually going too fast um that that problem still exists in
fact it's way worse than it was 10 years ago when I was you know doing this in the trenches
um having said all of that I'll just say a short yes to uh your
your question right there's nothing wrong with having that um The Challenge comes in the logistics
of making that happen number one and number two getting that copy to anywhere
uh you know if you've moved into the cloud how exactly do you make a tape
copy of your stuff that's in the cloud if you've moved you're in the data center and everybody's working remotely
how do you get that tape sent to somewhere other than that data center it's more about logistics than anything
else and also if you're uh I mean druva works with customers
that have you know tens of petabytes if you've got tens of petabytes how exactly
do you create an occasional full backup of that um the answer is it's just really
difficult so there's nothing wrong with tape per se I'd say that the and it's also really
good by the way at holding on data for really long periods of time so if you do need an archive that you want to hold on
for 10 15 20 years right now
um there's not much better options than uh than than a lto tape
cool thank thanks for that and for entertaining my my would-be vision of a
of an archaic future that still sees you know tapes as a as a suitable form of
secure Cold Storage backup by the way by the way more tape is sold today than it
was before there's a whole lot of tape in the cloud um in fact the current all of the
current um the hyperscalers are most of the when I
talk to the tape companies they're their biggest customers so tape isn't gone what has happened is
is it's no longer for most people being used for backup and Recovery they're using it for long-term storage and for
you know having an extra copy that you know the sort of a doomsday archive copy
kind of thing um so it's it's not as archaic as you might think
how's that awesome yeah I always thought the problem would be like you said Logistics
of of just you know the recovery from tape but also you know how do you manage
uh you know especially where you have older tapes and you know an older a vendor that's you know that that uses
the tapes right the deck essentially and then have the manufacturer keep up with that it'd be it's equivalent of going
out today and trying to find an eight-track player that still works in some cases right off eBay and then how do you project that down the road 30 or
40 years right hoping that we'll still have the capability to play like the cassette tape well I I think we have
good um there's a good uh what do you call it I mean it's a
valid concern I had you know what a nine track tape is yeah absolutely the old nine track tapes
okay sure go on eBay there's like thousands of nine track drives available
for sale right now and then you know if it's not eBay there are actual companies who basically refurbish these things
those things are those are ancient right that's from the 50s and the 60s
um so there there will be lto drives available 30 50 years from now
um I I'm a little I I have a current interest there there's a technology called mdisk I
don't know if you guys are familiar with that that's my current sort of thing that I'm really looking it's an optical platform
um it looks like a Blu-ray or a DVD but they change the substrate the substrate
of DVDs are um a die it's an organic die that gets
burnt with the laser the mdisk is a um it's a it's an inorganic they call it
Rock but you know obviously it's not a rock but it's an inorganic layer that they burn with a laser and they're
they're advertising a Thousand-Year life what's amazing about this this relatively new technology it's like 15
years now is that it's compatible it's read compatible in any DVD or Blu-ray
Drive depending on which one you're talking about so I think that's an example of how we can continue moving
forward while still having backwards compatibility so but that that is a real problem
um that we talk a lot about in backup and archive circles is that that you know the the Hundred Year data problem
that not not easy to fix well we I recently worked for a company
that uh well recently within the last 10 years worked for a company that had data that went back to the 70s and they were
keeping mainframes alive at three billion dollars a month to be able to maintain that data
um because they don't they weren't created enough to figure out anything else so right
um data hoarding is definitely a problem as well yeah um so it'll call a lot of data that you
really don't need um and make that determination and do
you get resistance on right maybe you don't even ever get into the space but it's like you know hey you can get rid
of that data you don't really need it anymore yeah I'm a subscriber to the data hoarders threaded on Reddit
um and um so I I am infant or intimately
aware with this with this problem these are people that that that proudly hoard
their data and you know when you when you hear a home user say uh if they're
new to the to the subreddit they'll they'll log in there like so I have 150
terabytes of uh of movies like how should I back that up how should I you
know you're like how do you have 150 gigabytes right have you heard have you heard of Netflix
uh you know I'm sorry if I've if I've just you know my uh my uh that's the
Doomsday that's the Doomsday of the library of movies yeah for Netflix yeah
but yeah yeah but in a corporate space it is very common what I what I do try I I try is I try to
get companies to think about the uh legal ramifications of keeping data too
long and if I can if I can get the a lawyer involved you know from their
company to help them understand that if you have the data whether it's on backup
tapes or in primary storage if you have the data at least in the US I you know I'm not that familiar with laws in other
countries but if you have it you are legally obligated to provide it in a discovery case
right yeah I fought that fight many many times so yeah and so it's it's a really
bad idea to keep primary data for longer than it than you need and also to keep backups for longer than you really need
operationally so it's it's a good thing to do on behalf of the company but
um you know they either they either like the idea or they don't yeah
yeah especially regulated data too I mean when you've got PCI Data that goes back 10 or 15 years what do you thinking
right you know right right but for HIPAA even worse unless there's a
requirement yeah exactly but but uh but honestly the most of the conversations I'm talking about today do have to do
with these cyber security aspects right yeah um because the because backup systems have gone
ignored for so long that um so you know we talked about the
separating of the data right by the way that that NFS exploit that you talked about earlier is that
if it's a Windows box that is using NFS you can exploit that NFS or is it a way
to exploit just a random Windows box it's a vulnerability in the code itself so if
you're using it so if you're yeah the NFS Services yeah it's the NFS services that are weak
yeah because that's a very common way by the way to store backups is to have a box and you export it via NFS
um to to the backup server and um so that's that's the big concern that
I have today is is um is how are they
number one just making sure you have any copy right it did basically the
equivalent of the tape copy because if you if you have a typical on-prem infrastructure the the best thing you can do today as
far as I can tell is to have a copy of that data and most of them can do this
put a copy of that data in like Amazon S3 and turn on the the the the the the
immutable option right it's a horrible place to have it if and when you
actually get an attack because you'll have to you'll have to get that back and
the system that copied it up to the cloud it thinks of that as like a like an archive like a like an old copy right
they don't think of it as a as an active thing that they're going to use to recover
um the the um and yeah you know I I do work for a company that this is this is the
problem that we solve for people that we try to tell them you know just the phrase I like to use is get out of the
backup business and just get into the recovery business um and it's like
you know solve these cyber security challenges by just having someone else uh that specializes in that do all of
that for you right um and that the second challenge that that they have if they have it in the
cloud is that what is your recovery option right I talked about the difficulty of
of if it's not designed to do that um you know the the way we work uh when
we restore an on-prem Server Like A VMware server we often are faster than a
typical on-prem Appliance um so the question is you know what's your recovery option you know protect
the data but then make sure that you've done it in a way that you can recover the data quickly in the event of an
attack or or you know a disaster no that makes sense
yeah something um sorry Zach I don't want to hijack but the question I have that you know we see a lot when Mike and
I are you know taking taking clients through a cyber security framework like
you know PCI is a good one um CSF or or even CIS controls and they
talk about specifically encrypting backups how how important do you see
that um in in what you do for my from an online perspective I mean do you are you seeing clients like want to bring their
own keys and things like that to secure those backups or yeah uh absolutely so at this point again go
back 10 years ago encrypting backups was a novelty today I think it's table Stakes so it's it's both from a I'd say
it's it's more about compliance and about protecting your company from
embarrassment so if you're if your backups are encrypted and they and and
let's say it's tapes and the tapes get stolen you don't have to tell anybody if your backups were unencrypted then you
um you know you have to notify the world that some very personal information just
got stolen and it could possibly be read right um the same is true of the stuff that's
stored on disk or or the cloud you you've you've got to encrypt it in
such a way that you know the hackers aren't going to be able to get it it's also about like um you know we make sure to separate the
data from the metadata we also do deduplication I know how familiar you guys are your listeners are with that
but this is the idea of slicing up the data into little pieces and running that through uh you know a cryptographic
hashing algorithm to get a to get a value and then we identified that that
chunk of data is new or not new and we use that to drop by an order of magnitude or two the
amount of data that has to be transferred in the backup and so there's metadata that is needed to
assemble all those little bits together into a file and then there's metadata needed to assemble all the files into a
server um distorting that data separately and encrypting that as well right the bring
your own key thing is I think absolutely crucial right um the the the the if a question to ask
a vendor is is there any way at your company and
hopefully they will be honest with an answer is there any way at your company that you know a privileged person with a
privileged account can get access to my data and and because and it's not so much not
trusting that company as much and again I'm preaching to the choir here it's if there's an account that can be used to
do that then that account could be compromised and used to do that right so
um that's I think to bring your own you know the bring your own keys and all of
that you know the you know if the vendor isn't ever able to access your data
that's really the question that that's the thing that you want um and of course that means that you
know you need to manage your keys and your passwords and if you you know lose all of them you might be
in a you might begin a world of hurt with great power comes great responsibility right absolutely
absolutely we're coming up on time here Curtis but um we talked a cup about a
couple things you mentioned a couple things that people need to be on the lookout for um their recovery options speed recovery
making sure they have the ability to manage their keys and uh that the organization that they're backing up
with can't actually access the the data themselves are there any other tips you
would give for uh buyers or people in the market looking for a backup and
Recovery Solution is there anything else they should be looking for that maybe we haven't
touched on yet I think we've covered the the basics I mean it's hard to cover you know all of
the things I'm advising customers right now and and a call of this length but I
think we've covered I I think the the biggest concern I have are people that have Windows based backup servers that
are and again it's not that Windows is either more or less secure than than say Linux or VMware that there are clearly
attacks and you know vulnerabilities and exploits that are happening with those um Curtis it's okay to bad mouth Windows
on this show we know how unbelievably crap Fest it is uh my primary problem
with it is that it is the number one attack Vector for ransomware right
and I I just think it's a bad idea to have that as your as your primary backup
server and unfortunately that's you know the two biggest companies in the backup space that is what they're doing
um they do both offer Linux based
um uh media servers and and other ways to store their data so at least look at
that option if you're going to stay with a Windows based backup server look at storing the data the data itself in
something other than Windows uh also maybe the cloud um but uh by the way one thing I uh you
mentioned my my books my most recent book modern data protection you can actually get it free by going to uh ebook and um then you know you get a free copy of
the my latest O'Reilly book sales calls
absolutely awesome
the greatest takeaway for today is uh don't use WordPress backup on a Microsoft Windows system that's what I
was gonna say you combine those two together and everything just burns to the ground
well well hey um thank you Curtis for for joining us today any other final
words of wisdom or if if you had to had to leave the audience with with one
thing to remember anything else you would you would say yeah I mean it's gonna sound like uh to a hammer
everything looks like a nail but I do think that the easiest way to solve all these cyber security problems is to use
a service like deruba to put you know to put the all of those problems in the
hands of someone who actually wants to solve those problems uh and to also make sure that you have an air gap copy that
you know it's just all of our copies are very wrapped in immutable you don't have to do anything special so words
well ladies and gentlemen W Curtis Preston here they call him Mr backup
Curtis we thank you so much for uh joining us on the show you mentioned that's slash ebook is where people can find your ebook how else can
they reach out to you I know you have a podcast with what your podcast URL so at
WC Preston is Twitter my podcast name is restore it all so if you go to you can find uh episodes and all that great we'll put these links in the show notes as well well thank you again so much thank you everybody for
listening to the cyberance podcast if you like the podcast subscribe share it
rate it help us get the word out there cyber security is critical to the well-being of our nation and really the
backbone of our economy our way of life and we need to get this information out there so thank you for listening let us
know what you want to hear about in future episodes and we'll see you next time pick up your copy of the cyberance book
on Amazon today and if you're looking to take your cyber security program to the next level visit us online at join us next time for another edition of the Cyber rants