A-007 - Backup & Recovery

Purpose

Provide the ability to preserve, restore and recover critical data and systems in case of failure, compromise or data loss.


Asset Type

  • Business Capability

Description

  • Covers data protection, backup mechanisms and system recovery capabilities across the Scheol environment
  • Includes backup storage, backup processes and restoration procedures

At the current stage:

  • no centralized or reliable backup solution is in place
  • hosting provider snapshots, which were previously relied upon, are no longer available
  • backup capabilities are therefore considered minimal and incomplete

Criticality

  • Critical
  • Failure of backup and recovery capabilities can lead to irreversible data loss, service disruption or inability to recover from incidents (e.g. ransomware, system compromise)

Sensitivity

  • Highly Sensitive
  • Backups may contain:
    • configuration data
    • credentials or secrets
    • business or application data
    • system states

Exposure Level

  • Internal only
  • No dedicated backup system is currently exposed externally

However, the lack of structured backups increases exposure to data loss and operational failure.


Trust Zone

  • Hybrid
  • Affects both:
    • Heaven (VPS-hosted services)
    • Hell (local infrastructure and future backup systems)

Dependencies

  • All infrastructure and platform assets (data sources)
  • Storage systems (local or remote, currently undefined)
  • Administrative access (backup operations)
  • Future backup platform (planned: PBS, Restic, NAS)

Relationships

  • All information assets (data protection dependency)
  • Infrastructure and application assets (system recovery)
  • Monitoring & Detection (backup validation and failure visibility)
  • Documentation & Governance (recovery procedures and traceability)

Security Position (Architecture Context)

  • Recovery layer of the security model
  • Critical for resilience and incident response capability
  • No direct attack surface currently, but high-value target once implemented

Current structural weaknesses:

  • absence of reliable backup mechanisms
  • no offsite or immutable backup
  • no tested recovery procedures
  • high dependency on system availability without fallback

Existing Protective Measures

  • None considered reliable at this stage

Previous measures:

  • hosting provider snapshots (no longer available)

Current limitations:

  • no automated backups
  • no backup isolation
  • no integrity validation
  • no recovery testing

Owner / Responsibility

  • Operations Role (Ops)

Notes

Backup & Recovery is currently one of the most critical gaps in the Scheol Security Lab.

Immediate priorities include:

  • implementing a minimal viable backup solution (e.g. Restic, Borg, or Proxmox Backup Server)
  • ensuring offsite storage or logical isolation
  • defining basic recovery procedures
  • validating backup integrity through periodic tests

This asset represents a major risk area and is expected to evolve rapidly in the next phase.