Ransomware-Proof Disaster Recovery for Vendor Services

As we use more and more third-party vendor services, we become overly reliant on the vendors' own backup and disaster recovery practices. This can (and has) come back to bite us if the vendor themselves experiences a security incident, or simply closes up shop and doesn't answer any phone calls.

At UC Davis, we host web sites on two different cloud-based vendor services, and they differ greatly in their implementation, access, and APIs. One uses Linux containers while the other is a more traditional server cluster. With one, the customer can schedule jobs to run on the infrastructure itself. The other has a robust command-line tool.

In this session, I will describe our custom cloud-based automated process whereby we back up over 700 web sites across two vendors into a secure AWS account owned and managed by UC Davis.

We will cover:

  • Web application hosting, service, and access tools provided by the two vendors.
  • Cloud-based tools for performing "serverless" tasks.
  • Cost-conscious storage options for kinda a lot of data.
  • Fun flow-charts and diagrams that show the architecture, data flow, and security considerations.

Prerequisites:

  • Understanding that "The Cloud" is just somebody else's computer.
  • Healthy distrust for vendor infrastructure integrity.
  • Desire to avoid a $1.14 million ransomware incident.
  • A general understanding of web site hosting would be nice, but not required.