Security Considerations
Product version: 9.4
Last modified: 12 May 2020
To ensure security of your infrastructure and prevent unauthorized access to your data and systems, consider the recommendations provided in this article. They will help you to reduce the risk of losing sensitive data and avoid potential security issues.
General Recommendations
-
Update OS on your backup infrastructure components (Director and Transporters) in a timely manner. It is recommended to have the latest patches and updates installed to minimize OS vulnerabilities.
-
Use strong passwords for the OS with your backup infrastructure components.
-
Make sure that your source and target physical servers are secured and only authorized personnel has access to them.
-
Use the latest version of NAKIVO Backup & Replication.
-
Use strong passwords to access NAKIVO Backup & Replication interface.
-
Install a trusted SSL/TLS Certificate for NAKIVO Backup & Replication interface.
-
Use the latest Chrome/Firefox browser versions.
Data Transfer
To ensure security of the data transferred and stored when using NAKIVO Backup & Replication, consider taking the following actions:
-
Enable firewall on the machines where NAKIVO Backup & Replication and Transporters are installed.
-
Use a dedicated network for transferring data between your backup infrastructure components (backup servers, Backup Repositories, etc.).
-
If NAKIVO Backup & Replication is deployed in AWS EC2, make sure it runs on a private network/subnet and is not exposed to the Internet.
-
Use VPN connection between remote locations to avoid exposing NAKIVO Backup & Replication components to the Internet.
Backups and Replicas
-
Encrypt backups to secure data when it is transferred over the Internet and stored in Backup Repositories. For details, refer to Encryption in Flight and at Rest.
-
Restrict product user access so that only authorized users could have access to backups and replicas. For details, refer to Managing User Roles.