It started with a compromised virtual server. That server became a jump host, and the attacker began encrypting every volume in the same domain. Then, through a stroke of bad luck or after some thorough reconnaissance, the same server migrated into a different data center and kept encrypting.
The outcome? Not just production data was lost. The backups were gone too. This is the critical hit scenario. The one you hope never happens but must plan for anyway. I'm not here to blame anyone. Things happen. But this should serve as a reminder about one security topic too many organizations overlook: protecting your backups from the same threats that target your production environment.
Cloud Backups Aren't Always What You Think
Most organizations use some form of cloud service. For simplicity, let’s talk about PaaS and SaaS.
With SaaS, you usually have to trust whatever the provider promises. That means looking beyond the marketing line of “We take care of backing up your data.” The fine print often says something more specific, like “Archival backups for customer-initiated restores for 60 days.” Others are even clearer. One vendor states in all caps that it does not guarantee protection from data loss and that it is your responsibility to maintain alternate backups.
The problem is that most people never read those details. Businesses and individuals alike pick SaaS because they want simplicity. They assume backups are included. In reality, they often only get minimal retention, which will not help in a large-scale incident.
PaaS and Shared Responsibility
For PaaS, the situation is different. It is, or should be, obvious that backups are partly your responsibility.
Just like with security, the provider handles the physical infrastructure and uptime, while you manage the protection of your own data.
On most hyperscale platforms, you can enable backups when you set up your instances or databases. You can choose frequency, retention, and sometimes location. It is convenient and works with minimal setup.
So what could go wrong? Well, think back to the European cloud provider story. If your backups live in the same environment as your production data, an attacker who gains access could take both. That is why you cannot rely entirely on the same provider for both.
Why You Should Use A Different Provider For Backups
The safest option is to keep your backups somewhere completely separate from your production environment.
You have several choices here:
- Backup as a Service (BaaS): These companies specialize in exactly this. They connect to your SaaS, PaaS, and even on-premises systems to store backups in a separate location. Most have ready-to-use integrations with all the big providers and plenty of smaller ones.
- Cross-cloud storage: Store your AWS backups in Azure or Google Cloud, or the other way around. A breach in one provider does not automatically give an attacker access to your backups.
- S3-compatible storage: Amazon S3 is the most common example, but many services use the same API. This makes it easy to set up backups to a completely different environment without a lot of new tools.
Yes, this might mean explaining to your finance team why there is now a second invoice for storage. But that is a much easier conversation than explaining why all your data is gone.
Testing Your Backups Matters More Than You Think
Even if your backups are stored somewhere safe, they are useless if you do not test them. Backups that fail when you need them are as bad as having no backups at all.
Make it part of your routine to:
- Test restores at least quarterly
- Try different recovery scenarios, from a single file to a full environment
- Keep track of how long recovery takes and whether it meets your needs
- Surprisingly, many companies spend money on backup solutions but never try restoring them until disaster strikes.
Backup Awareness Is Everyone’s Job
Protecting backups is not just an IT project. The CIO and CISO need to be involved in setting policies, approving budgets, and ensuring teams understand the plan.
Every department should know where its important data lives, how it is backed up, and how quickly it can be restored. The more people understand the process, the easier it is to get buy-in for changes like adding a new backup provider.
Don't Wait For The Wake-Up Call
The European cloud provider that lost both production and backup data is still trying to recover its business. Some customers may never come back.
Do not put yourself in that position. In 2025, doubling down on your backups means using a different provider than your production environment, reading the fine print on your service agreements, and testing your backups regularly.
It's not complicated, and it's not expensive compared to the cost of losing everything. A little planning now can save you from the ultimate disaster later.
This article was originally published on October 2, 2023