[Dshield] Firewall Tapes off site?
miles at mstevenson.org
Wed Mar 2 16:33:20 GMT 2005
Sending copies of critical backups to an off site location is an excellent
idea, and highly recommended. If a third party is going to be handling the
data, then encrypt it with GnuPG. Make sure that your private key is well
protected at your own facility, and that you don't lose the passphrase to the
key. A lot of folks recommend against writing down such important
passphrases, but I think it's a bad idea to risk forgetting the passphrase
and not being able to restore from backups! Just store the hand-written
passphrases in a good fireproof safe at your facility with reasonable access
controls and you should be in good shape.
On Wednesday 02 March 2005 5:47 am, Shane Presley wrote:
> Slightly off topic, but I was wondering what various people think
> about sending firewall backup tapes off site? Seems like you have to
> do it for D.R., but I also don't like the idea of the firewall
> OS/Application data being shipped to a third party?
> -------------- Sponsor Message ------------------------------------
> SANS Intrusion Immersion Training: Orlando, FL, February 3-9th
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
Email: miles at mstevenson.org
PGP/GPG Key ID: 329F889D767D2F63
More information about the list