The problem: exposed backups

In many infrastructures, backups are stored in the same environments as production applications. As a result, in the event of a massive attack or network compromise, backup copies suffer the same fate as the rest of the information system. They are then unusable or even deleted.

The SafeHub solution: partitioning in VPCs

With Arkeion-SafeHub, your backups are hosted in one or more VPCs (Virtual Private Clouds), i.e. private virtual environments that are completely separate from the rest of your systems.

👉 Definition: a VPC is an isolated portion of the public cloud that functions as a dedicated but completely partitioned data centre. You benefit from cloud resources (elasticity, availability) while maintaining strict separation from your production environments.

These VPCs are configured to guarantee:

Isolation: no direct interconnection with the compromised IT system.
Traceability: each access is logged and verifiable.
Enhanced security: strict network segmentation and dedicated access controls.

This approach follows the principles of the Ransom-Kick methodology: decoupling critical environments to limit the effects of propagation and guarantee the availability of a reliable recovery base.

The benefits for your resilience

Hosting your backups in isolated VPCs has several advantages:

Protection against lateral attacks: even if the main IT system is compromised, the backups remain inaccessible.
Auditability: you maintain clear traceability of access and actions.
Flexibility: one or two VPCs can be configured according to your business and regulatory needs.

In the Arkeion Group ecosystem:

Arkeionis determines which data needs to be protected in these isolated environments,
SafeHub ensures their compartmentalisation in dedicated VPCs,
Arkeion-Certification validates the robustness of this model with your stakeholders (customers, insurers, auditors).

Take action

👉 Separate your critical backups from your exposed environments.