Skip to content

oVirt Backup and Recovery

Data security and recovery are critical when dealing with virtualization tools. In the event of an outage or disaster, businesses must be able to rapidly restore virtual machines (VMs) and critical data. Being a virtualization management tool, oVirt not only shines in virtual environment administration but also provides virtual machine full backup and recovery capability.

This article will explore what oVirt is and how its backup and recovery system works.

What is oVirt?

Red Hat created oVirt, a robust open-source virtualization tool that uses the Kernel-based Virtual Machine (KVM) hypervisor.

With a web-based interface, this platform provides a centralized administration solution allowing consumers to manage compute, storage, and networking resources. oVirt facilitates companies’ design, management, and implementation of virtual machines.

oVirt is suitable for small and large companies since it is flexible and scalable. One important characteristic of oVirt is its ability to work with other open-source community projects such as Ansible for automation, Gluster for storage management, and PatternFly for user interface design. This integration helps customers to use existing tools in the opensource community and at the same time take advantage of oVirt’s advanced capabilities.

Components of oVirt

The oVirt Engine, hosts (nodes), and storage nodes make up the fundamental architecture of oVirt. These components form a comprehensive solution for managing virtualized environments.

  • oVirt Engine

oVirt engine is a Wildfly-based Java application that functions as a web service. The engine talks to VDSM (Virtual Desktop and Server Manager) to deploy, start, migrate, and monitor VMs.

  • Nodes

oVirt Nodes is a streamlined operating system built on CentOS. It operates on RHEL, CentOS, and Scientific Linux, utilizing the KVM hypervisor and the VDSM service, coded in Python. These nodes are Linux-based distributions with VDSM and libvirt installed. They also feature additional packages that simplify the virtualization of networking and system services.

  • Storage Nodes

Storage nodes use either block or file storage which can be locally or remotely accessed through NFS (Network File System). These nodes are arranged into storage pools, offering options for high availability and redundancy.

The Latest oVirt Release Features

oVirt announced the release of a new update which became available on December 1, 2023. The new release named oVirt 4.5.5 is available on x86_64 architecture for:

  • oVirt Node NG (based on CentOS Stream 8)
  • oVirt Node NG (based on CentOS Stream 9)
  • CentOS Stream 8
  • CentOS Stream 9
  • RHEL 8 and derivatives
  • RHEL 9 and derivatives
  • Experimental builds are available for ppc64le and aarch64.

The new oVirt version has several updates that improve the functionality and user experience of this open-source virtualization solution.

The contributions made to the new release were made by 46 developers within the community. This emphasizes the collaborative efforts made towards enhancing oVirt’s capabilities and addressing user feedback.

Key Features of oVirt 4.5.5

– Component Updates: The release features updates to several core components including:

  • OTOPI: Now at version 1.10.4
  • oVirt Ansible Collection: Updated to 3.2.0-1
  • oVirt Engine Data Warehouse: Upgraded to 4.5.8
  • oVirt Engine API Model: Version 4.6.0 is now available.

– High Availability Improvements: The Hosted Engine HA was updated to version 2.5.1, enhancing the resilience of hosted environments.

– API Enhancements: The release improves on the oVirt Engine API Metamodel (version 1.3.10) and the SDK (Python version 4.6.2), providing better tools for developers.

– Performance Monitoring Enhancements: Metrics collection has been upgraded to version 1.6.2, facilitating more effective virtual machine performance monitoring.

– Log Management Updates: The Log Collector is now at version 4.5.0, improving log data management across virtualized environments.

– Networking Enhancements with Open vSwitch: Updated integration with Open vSwitch versions 2.15-4 (el8) and 2.17-1 (el9) enhances networking capabilities within oVirt.

– Bug Fixes and Security Patches: This release addresses various bugs and security vulnerabilities, including:

  • Fixes for issues related to VM import processes and disk configuration error handling.
  • Security updates addressing vulnerabilities like CVE-2024-0822 involved disabling specific execution capabilities in GWT code.

oVirt as a Basis for Red Hat Virtualization and Oracle Linux Virtualization Manager

oVirt serves as the upstream open-source project for both Red Hat Virtualization (RHV) and Oracle Linux Virtualization Manager (OLVM). Its key role in these virtualization tools highlights its significance in the broader ecosystem of virtualization solutions. Both RHV and OLVM gets to benefit from the continuous development of oVirt. With the new release, both platforms can seamlessly  integrate these new features rapidly while maintaining stability and performance standards expected by enterprise users.

Red Hat Virtualization (RHV)

Red Hat Virtualisation (RHV) Red Hat Virtualisation, which is based on oVirt, delivers an enterprise-grade virtualization solution with additional Red Hat support services. It uses oVirt’s robust management capabilities and also provides features like enhanced security protocols, advanced monitoring tools, and dedicated support options tailored to enterprise customers. Thus, RHV is a suitable option for organizations seeking a reliable virtualization platform backed by professional support.

Oracle Linux Virtualization Manager (OLVM)

Similarly, OLVM is also based on oVirt technology but is tailored specifically for Oracle environments. It integrates seamlessly with Oracle’s suite of products, offering specialized features that cater to Oracle database workloads and applications. This allows OLVM to provide users with a familiar interface while simultaneously ensuring compatibility with Oracle’s ecosystem.

oVirt Backup and Recovery

Backup and recovery are critical components of any virtualization strategy. In an enterprise setting where data integrity and availability are crucial, robust backup solutions ensure organizations can recover quickly from data disasters and loss incidents. Let’s break down the different methods available in a way that’s easy to understand.

Understanding Backup Modes

When using Storware Backup and Recovery with oVirt 4 or later, you can choose from four different backup modes:

  1. Disk Attachment:

    • Think of this as creating a digital copy of your VM. The VM’s metadata and disk files are stored separately.
    • Pros: Simple to understand.
    • Cons: Requires a proxy VM in each cluster, and incremental backups aren’t supported.

  2. Disk Image Transfer:

    • This method creates a snapshot of your VM’s disks, including any changes made.
    • Pros: Supports incremental backups, and no proxy VM is needed.
    • Cons: Requires oVirt 4.2 or later.

  3. SSH Transfer:

    • Data is transferred directly from the hypervisor using SSH.
    • Pros: Can be efficient, especially for smaller environments.
    • Cons: May require additional network configuration.

  4. Change Block Tracking:

    • Only the parts of your disks that have changed are backed up, saving time and storage space.
    • Pros: Highly efficient for incremental backups.
    • Cons: Requires oVirt 4.4 or later with specific versions of Libvirt, qemu-kvm, and vdsm.

Learn more about available backup strategies for oVirt VMs

A Note on Best Practices

For the best possible backup experience, Red Hat recommends updating your oVirt environment to the latest version. This will ensure you have access to the most recent features and security updates.

Need more help?

If you have any questions or need further assistance, don’t hesitate to reach out to our team.

Conclusion

oVirt offers a versatile platform for virtualization management, and its backup and recovery capabilities play a crucial role in maintaining system integrity and availability. With features like full and incremental backups, application-consistent snapshots, Changed Block Tracking (CBT), and agentless backup, oVirt is a robust and scalable backup solution for organizations and businesses seeking reliable disaster recovery solutions.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Storware
Storware is a backup software producer with over 10 years of experience in the backup world. Storware Backup and Recovery is an enterprise-grade, agent-less solution that caters to various data environments. It supports virtual machines, containers, storage providers, Microsoft 365, and applications running on-premises or in the cloud. Thanks to its small footprint, seamless integration into your existing IT infrastructure, storage, or enterprise backup providers is effortless.

How to find SolarWinds Web Help Desk services on your network

Latest SolarWinds vulnerability (CVE-2024-28987)

According to the US Cybersecurity and Infrastructure Security Agency (CISA), a critical hardcoded password vulnerability within SolarWinds’ Web Help Desk software is actively being exploited and was added to their Known Exploited Vulnerability (KEV) catalog.

  • CVE-2024-28987 is rated critical with CVSS score of 9.1 allowing for unauthorized access by a remote attacker.

What is the impact?

A remote attacker has the ability to log in to a vulnerable system using hardcoded credentials, providing access to internal information with the ability to modify the data.

Are updates or workarounds available?

According to the security advisory issued by SolarWinds, systems running “WHD 12.8.3 HF1 and all previous versions” of the Web Help Desk software are affected. Organizations are recommended to manually apply the hot fix released by SolarWinds to remove the hardcoded credentials from the software.

How to find potentially vulnerable systems with runZero

From the Service Inventory, use the following query to locate systems running potentially vulnerable software:

_service.product:="SolarWinds:Web Help Desk:"

 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

Five Easy Tips to Help Employees Prevent Cyber Attacks

October is Cybersecurity Awareness Month—a perfect time to reflect on just how vulnerable our digital world can be and, more importantly, what employees can do to protect their organizations from cyber threats. While CISOs and security teams work tirelessly behind the scenes, employees are the first line of defense. A careless click or weak password can open the gates to a cyber nightmare. Fortunately, protecting your organization doesn’t require a Ph.D. in cybersecurity. Here are five easy, practical tips employees can follow to prevent cyber attacks.

1. Think Before You Click – Avoid Phishing Scams

Phishing emails are the digital version of wolves in sheep’s clothing. Cybercriminals disguise themselves as trusted entities—whether posing as IT support, your CEO, or even your favorite streaming service. All it takes is one careless click on a malicious link or attachment to infect your computer with malware or expose sensitive data.

How to avoid falling for phishing:

  • Double-check email addresses: A suspicious email from “IT Support” coming from it-support123@gmail.com? Red flag.
  • Look for odd grammar or tone: If it sounds like the sender just learned English yesterday, it’s probably a scam.
  • Verify urgent requests: If an email asks for immediate action, like wiring funds or sharing passwords, verify through another channel, like a phone call or Slack message.

Pro tip: If you’re unsure, report suspicious emails to your IT or security team. They’ll be much happier vetting an email than dealing with a data breach.

2. Use Strong Passwords and Enable Passwordless Wherever Possible

Despite years of being told not to, too many people still use passwords like “password123.” If your password is easy to guess or reused across platforms, it’s like locking your front door and leaving the key under the welcome mat. Attackers love to exploit weak credentials, and once they get access to one account, they often have the keys to your entire digital kingdom.

How to up your password game:

  • Use a password manager: Tools like 1Password or LastPass generate and store complex passwords for you.
  • Avoid reusing passwords: Each service should have its own unique password.
  • Enable passwordless solutions: If your company offers passwordless authentication—like biometrics or hardware tokens—embrace it! Fewer passwords mean fewer entry points for attackers.

3. Keep Your Devices and Software Up to Date

When your computer nags you with software updates, it’s not just being annoying. Many updates contain security patches that protect against known vulnerabilities. If you ignore them, it’s like leaving a window open in your house after being warned that burglars are in the neighborhood.

How to stay up to date:

  • Enable automatic updates: For operating systems, browsers, and other software.
  • Reboot regularly: Some updates don’t fully apply until your device is restarted.
  • Check for firmware updates on IoT devices: Smart devices, such as Wi-Fi routers and printers, also need occasional updates to stay secure.

4. Be Careful with Public Wi-Fi Networks

Public Wi-Fi at coffee shops and airports may be convenient, but it’s also a hotbed for cybercriminals who can intercept your data. Logging into corporate accounts over an unsecured network is like having a private conversation on speakerphone in a crowded room—someone is bound to listen in.

How to use Wi-Fi safely:

  • Use a VPN: A Virtual Private Network encrypts your data, making it harder for hackers to intercept.
  • Disable auto-connect: Some devices automatically connect to any available Wi-Fi network—turn that off.
  • Stick to secure sites: When browsing on public Wi-Fi, make sure the website URLs begin with “https” to ensure encryption.

5. Lock Your Devices – Physically and Digitally

Leaving your laptop unlocked and unattended, even for a coffee break, is a huge risk. A bad actor could quickly access sensitive data or install malicious software. The same goes for digital security—if you’re not careful about logging out of accounts or locking screens, you’re creating easy opportunities for attackers.

Best practices for device security:

  • Use strong screen locks: Passwords, PINs, or biometrics on all your devices.
  • Enable automatic screen locks: Set devices to lock after a short period of inactivity.
  • Physically secure devices: If you work in a shared space or travel frequently, invest in a laptop lock.

Final Thoughts: It Takes a Village

Cybersecurity isn’t just the IT department’s problem—it’s everyone’s responsibility. Even the most advanced security technologies can’t protect against human error. By following these five easy tips—being wary of phishing, using strong passwords, keeping software updated, avoiding risky Wi-Fi, and locking devices—you’ll not only safeguard yourself but also contribute to a stronger security posture for your organization.

Think of it like flu season: you wash your hands and get a flu shot not just for yourself but for everyone around you. Cybersecurity works the same way—your actions protect not only you but the entire organization. So, this Cybersecurity Awareness Month, let’s all do our part to stay vigilant and keep the digital flu at bay.

Stay safe out there—both online and off.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

Navigating the Growing Challenges of Non-Human Identities in IT

Non-Human Identities (NHIs) have become one of the most critical attack vectors within enterprise environments. Todd Thiemann, Senior Analyst at ESG, notes that “Non-human identities represent one of the most significant attack surfaces within today’s enterprises.” As organizations increasingly adopt digital transformation and cloud-first strategies, managing and securing these identities is crucial. Lapses in security controls can lead to expensive data breaches, operational disruptions, and compliance issues, underscoring the importance of the insights from the recent AppViewX report for IT leaders dealing with these challenges. “Without proper management and security controls, NHIs can lead to costly data breaches, operational disruptions, and compliance failures.”

Understanding the Role of Non-Human Identities in Modern IT Frameworks

In modern IT frameworks, non-human identities (NHIs) such as application IDs, service accounts, and API cloud keys, among other things, vastly outnumber human users. Organizations now manage 20 times more non-human identities than human ones, with more than 50% expecting this number to increase by over 20% in the next year. Despite their prevalence, visibility into these identities is alarmingly low. Osterman Research revealed that only 5.7% of organizations have full visibility into their service accounts. This lack of visibility complicates the task of managing and securing NHIs, further amplifying the risk they pose.

NHIs are integral to various automated processes and systems, making their proper management crucial. These identities operate silently in the background, facilitating everything from inter-application communication to data transactions. As organizations adopt more cloud services, microservices architectures, and AI-driven processes, the population of NHIs grows exponentially. This surge, combined with inadequate visibility, creates fertile ground for potential security breaches. Hackers increasingly target these often-overlooked identities to gain unauthorized access and disrupt operations.

A common challenge is that NHIs often operate with elevated privileges, making them attractive targets for attackers. If compromised, they can provide an entry point to critical systems and sensitive data. Therefore, it’s essential for enterprises to prioritize NHI management and security. Robust identity and access management (IAM) solutions, coupled with continuous monitoring and automated certificate lifecycle management (CLM), can significantly mitigate these risks.

Understanding the multifaceted role of NHIs in modern IT environments highlights the urgency of implementing stringent security measures. As the digital landscape evolves, so too must the strategies to protect these vital yet vulnerable components of enterprise IT infrastructure. 

Assessing the Risks Associated with Unmanaged Non-Human Identities

The risks associated with unmanaged NHIs are significant and cannot be underestimated. Alarmingly, nearly 46% of organizations have experienced breaches related to non-human identities, with the average enterprise suffering 2.7 incidents in the past year. Moreover, 66 percent of enterprises have experienced a successful cyberattack resulting from compromised non-human identities. These statistics underscore the urgent need for enterprises to prioritize the management and security of NHIs to mitigate potential threats and vulnerabilities.

Unmanaged NHIs, often operating with elevated privileges, present an attractive target for cybercriminals. Once compromised, these identities can provide unauthorized access to critical systems and sensitive data, making them a significant vector for potential attacks. The operational complexity of modern cloud environments exacerbates this issue, as it makes manual management of NHIs not only impractical but also highly ineffective.

Compounding the challenge is the inadequate visibility into these identities, which hampers effective oversight and incident response. The lack of robust security controls around NHIs can lead to devastating breaches, resulting in financial losses, reputational damage, and non-compliance with regulatory standards.

Given the increasing sophistication of cyber threats, enterprises must adopt comprehensive strategies to secure NHIs. Automated solutions for identity management and continuous monitoring can offer significant advantages, providing real-time insights and rapid responses to potential security incidents. Integrating advanced threat detection and automated remediation into the cybersecurity framework ensures that NHIs are effectively managed and secured, thereby minimizing the risks they pose to the enterprise.

Failure to address these vulnerabilities proactively could lead to substantial and far-reaching consequences, emphasizing the critical importance of robust NHI management and security in today’s digital landscape.

The Importance of Automated Certificate Lifecycle Management (CLM)

Automated Certificate Lifecycle Management (CLM) is critical for mitigating the risks associated with Non-Human Identities (NHIs). As enterprises increasingly recognize the importance of safeguarding their digital ecosystems, over 80% of organizations expect to increase spending on non-human identity security, with a focus on identity threat detection, certificate lifecycle management, and workload access control.

Implementing CLM provides a streamlined approach to managing digital certificates, which are essential for establishing trust and ensuring secure communications between NHIs. Automated CLM solutions simplify the issuance, renewal, and revocation of certificates, reducing the risk of human error and minimizing operational disruptions. This automation ensures that certificates are always up-to-date and compliant with security policies, which is vital for maintaining the integrity of communications within complex IT environments.

Moreover, automated CLM enables real-time monitoring and alerting, allowing organizations to quickly identify and address potential vulnerabilities before they can be exploited. By integrating CLM with existing security infrastructures, enterprises can enhance their overall threat detection capabilities and ensure a robust defense against cyber threats targeting NHIs.

As the digital landscape evolves, the adoption of automated CLM becomes indispensable for managing the growing volume and complexity of NHIs. Enterprises that invest in these solutions position themselves to better navigate the challenges of modern cybersecurity, ensuring that their digital identities remain secure and resilient against emerging threats.

Best Practices for Securing Non-Human Identities in Enterprise-Level Organizations

Securing NHIs effectively requires a strategic approach that includes visibility, management, and automation. One key challenge is the poor visibility into non-human identity environments, with many organizations lacking confidence in their ability to secure and manage these identities effectively. To address these concerns, organizations should implement comprehensive identity and access management solutions that offer robust visibility and control. This includes employing automated systems for monitoring and managing NHIs, leveraging AI-driven insights for anomaly detection, and ensuring that security policies are consistently enforced across all digital identities.

Organizations must also adopt a zero-trust approach, which assumes that threats can originate from both inside and outside the network. This involves continuously verifying the identity and access rights of NHIs and restricting their permissions to the minimum necessary for their functions. By adopting this principle, enterprises can minimize the attack surface and limit the potential impact of compromised identities.

Integrating advanced threat detection tools with existing security frameworks can provide real-time alerts and responses to suspicious activities related to NHIs. Regular audits and compliance checks are equally important to ensure that security protocols are up-to-date and effective. By fostering a culture of proactive security and leveraging cutting-edge technologies, organizations can safeguard their digital ecosystems and mitigate the risks posed by unmanaged non-human identities.

Leveraging PKI Solutions for Enhanced Cybersecurity

Public Key Infrastructure (PKI) solutions are pivotal for ensuring robust cybersecurity in enterprise environments, particularly for Non-Human Identities (NHIs). PKI establishes a framework for encrypting communications, authenticating digital identities, and ensuring the integrity of data transactions. With the exponential growth of NHIs driven by cloud adoption and digital transformation initiatives, leveraging PKI has never been more critical.

By deploying PKI solutions, enterprises can authenticate the identity of applications, services, and devices, thereby preventing unauthorized entities from accessing sensitive information. PKI achieves this through the use of digital certificates, which verify the authenticity of non-human actors in a secure and scalable manner. This authentication process is essential for maintaining trust within the digital ecosystem, especially as NHIs facilitate increasingly complex interactions.

In addition to authentication, PKI ensures data integrity by encrypting information exchanged between NHIs. This encryption safeguards data from interception and tampering, providing a secure channel for communication. Implementing PKI also enables enterprises to enforce compliance with security policies, as digital certificates can be configured to meet stringent regulatory requirements.

The automation capabilities of modern PKI solutions further enhance security by streamlining certificate management. Automated certificate lifecycle management (CLM) minimizes human error, ensures timely renewal and revocation of certificates, and offers real-time monitoring and alerts. By integrating PKI with existing cybersecurity infrastructures, enterprises can bolster their defenses and reduce the risks associated with unmanaged NHIs.

Future-Proofing Your Cybersecurity Strategy for Non-Human Identities

Enterprises must proactively evolve their cybersecurity strategies to manage the growing volume of NHIs effectively. This forward-thinking approach involves anticipating emerging threats and addressing current vulnerabilities, ensuring a resilient security posture. Notably, 57 percent of the episodes where organizations suffered a successful attack tied to non-human identity compromises got Board of Directors attention. Elevating NHI security to a strategic level is crucial, requiring executive leadership to allocate the necessary focus and resources. By fostering a culture of security awareness and integrating advanced technologies, enterprises can strengthen their defenses against evolving cyber threats. This includes leveraging AI-driven insights, adopting zero-trust principles, and ensuring continuous monitoring and automated management of NHIs. These measures are vital for maintaining robust security and compliance in an increasingly complex digital landscape. Investing in innovative cybersecurity solutions not only addresses current risks but also positions organizations to effectively counter future challenges, ensuring the long-term security and integrity of their digital ecosystems.

Conclusion

The rise of Non-Human Identities (NHIs) as a significant attack vector highlights the urgent need for enterprises to prioritize their security. The exponential growth of NHIs, coupled with inadequate visibility and management, creates vulnerabilities that cybercriminals are increasingly exploiting. Organizations must act now by adopting automated solutions such as identity and access management (IAM) and certificate lifecycle management (CLM) to effectively manage and secure NHIs.

By implementing comprehensive security strategies—incorporating real-time monitoring, threat detection, and zero-trust principles—enterprises can mitigate the risks posed by unmanaged NHIs. The insights from the AppViewX report further reinforce the critical importance of proactive NHI management to prevent data breaches, operational disruptions, and compliance failures. Ultimately, investing in advanced security technologies not only strengthens current defenses but also future-proofs organizations against the evolving cybersecurity landscape.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

DORA: Strengthening financial institutions through effective backup solutions

The Digital Operational Resilience Act (DORA) marks a new phase in how financial institutions must approach cybersecurity and operational resilience. With its January 2025 implementation date fast approaching, institutions are focusing on aligning their ICT (information and communication technology) risk management frameworks with DORA’s stringent requirements.

One critical aspect of compliance under DORA is ensuring that institutions have robust backup policies and procedures in place. This article discusses how backup solutions, particularly cloud-based ones, can help financial institutions meet DORA compliance requirements, ensuring minimal downtime and protecting the integrity of their operations.  

Unpacking DORA’s backup requirements 

DORA mandates that financial institutions incorporate comprehensive backup, restoration, and recovery measures into their ICT risk management strategies. These backup systems are not simply a technical requirement — they play a central role in ensuring business continuity. DORA stipulates that backup solutions must be:

  • Secure: Protect the confidentiality, integrity, and availability of data. 
  • Activated without compromising IT systems: Backup procedures should not expose systems to further vulnerabilities during restoration processes.

In practical terms, financial institutions must set up backup systems that can withstand cyber incidents, system failures, and disruptions. Crucially, DORA emphasizes that backup is not just an IT issue — it is a governance issue, requiring oversight and approval from executive management. Backup solutions must, therefore, be part of the organization’s strategic ICT risk framework. 

The role of backup solutions in DORA compliance 

Effective backup policies and procedures lie at the heart of operational resilience and DORA compliance. In line with internationally recognized standards like ISO 22301 (business continuity) and ISO 27031 (ICT disaster recovery), backup solutions are indispensable for preparing for and recovering from disruptive incidents.

DORA’s focus extends beyond simple data restoration. It includes ensuring logical and physical data segregation (air gapping), data encryption standard, access control, data integrity, and redundancy. Financial institutions need to select backup solutions that ensure the following: 

  • Redundancy and high availability: Ensures continuity by replicating data across multiple locations. 
  • Strong encryption and access control: Secures data both at rest and in transit. 
  • Quick recovery times: Minimizes downtime during an incident response by swiftly restoring access to critical systems and data.

Choosing a third-party backup provider with a proven track record in financial services can help ensure compliance, while also mitigating risks in the event of an incident. 

Regular testing: A pillar of effective backup practices 

Under DORA, regular testing of backup and restoration procedures is mandatory. This ensures that institutions can quickly recover in the face of incidents, while also identifying gaps in their current strategies. These tests must be conducted periodically, with large organizations often needing to implement threat-led penetration testing (TLPT).

However, not all backup solutions offer equal efficiency when it comes to testing and auditing. When choosing a vendor, it is important to look for those that support: 

  • Efficient auditing and reporting: Documenting the effectiveness of backup processes without using excessive business resources. 
  • Frequent and flexible testing capabilities: Allowing businesses to test their backup infrastructure as often as necessary to ensure compliance with DORA’s stringent requirements.

As backup testing will be a recurring event under DORA, the ability to perform these tests without disrupting normal business operations will be critical for maintaining both operational resilience and regulatory compliance.

Conclusion 

Backup solutions are central to meeting DORA’s ICT risk management and operational resilience requirements. Financial institutions that invest in robust backup systems can protect their operations from disruptions, ensure continuity, and, most importantly, comply with the regulatory demands set out by DORA.

In summary, when selecting backup solutions, financial institutions should focus on key features that will ensure they can meet DORA’s stringent requirements: 

  • Access control and encryption: Protect data integrity and confidentiality with data encryption standard. 
  • Redundancy and high availability: Ensure that data is consistently available when needed. 
  • Efficient testing and reporting: Minimize resource use while meeting regulatory testing mandates. 
  • Comprehensive recovery plans: Ensure a quick and organized restoration of services after an incident. 
  • Detailed documentation: Maintain thorough records of backup processes, testing, and recovery, crucial for both internal governance and external regulatory audits.

By implementing these strategies, financial institutions will not only achieve compliance with DORA but also enhance their resilience against cyberthreats, securing their operations and maintaining the trust of their customers. 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×