Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can Backups of Email Be Hacked?

Question: Hi, Leo. I’m an engineer in the UK. I’m interested in email security and I’ve read your stuff on email interception. I want to discuss an aspect of this (the backup of email servers) and get your view. Most articles that I come across suggest that intercepting email in transit or in flight over the wire as opposed to radio is hard to do for a hacker. It’s the end points that the hacker is most likely to attack, but my worry is that even in transit, an email is likely to pass through an intermediate email server and those servers are likely to be backed up with a backup possibly being stored off the network. Once this backup has been made, the security of the information content can then be a time independent risk. Such a backup could be read or copied who knows when in the future by who knows who. How much of a threat would you consider these backups to be?

You raise a very good point and it applies to more than just email. This is a very often-overlooked aspect of both email and more general cloud security.

Become a Patron of Ask Leo! and go ad-free!

The email route

Email is pretty much point-to-point these days.

When I send email it goes from my computer to a mail server. It then goes to the mail server of the recipient and from there it's typically downloaded to the recipient’s computer. In reality, there are usually only four touch points: the two servers and the two destinations or the two endpoint PCs.

Any of those touch points, including the mail servers, can and probably should be getting backed up.

Receiving-server backups

Usually, it’s not the sending server. When I send an email and it goes to my mail server, it’s only there long enough for the email to be retrieved from my computer and then sent to its final destination.

The destination mail server is often where email will live for some time, depending on the user of that particular mail account. If you’re actually using POP3 to download email every five minutes, then it’s possible that the email could reside on that server for as little as five minutes. On the other hand, if you’re checking less frequently (like once a day), or using something like IMAP, or checking email from a web interface, then the email might be on that server for hours, days, or years.

We actually hope that those servers are being backed up regularly. But backups mean that a copy of your email is made as part of that backup process.

Email servers should be backed up

I talk about backups all the time. A backup is nothing more than a copy of what’s on a computer. You then store the backup somewhere secure, so if something happens to your computer, you can restore the backup.

Ultimately, we absolutely want our email service providers to be backing their servers up. Stuff happens. You don’t want to lose your email because Gmail or Hotmail or Yahoo! or whomever had a hardware problem. If they have a problem you want them to be able to restore your email from a backup.

VaultNow, email service providers store backups offline in an exceptionally secure way. They usually physically remove and store backups in a separate secure location. There are restrictions on who can be around the backup. There's at least as much security (if not more than) the actual servers that contain the data in the first place.

These backups are also only kept for "a while". We don’t know how long they’re kept: days, months, or years, but they're very likely not kept forever. That’s an impractical solution for most of these email service providers, given the sheer volume of data that they receive. Eventually, those old backups get rotated out and discarded in some (hopefully secure) fashion.

One thing that's important, though, is that those backups are typically not online. In order to access the backup they must be physically located and loaded.

Because of that I really don’t consider them a viable hacking target. I don’t want to say that it’s impossible, but it’s extremely unlikely. Just considering all of the hoops one would have to go through to actually get physical access to those backups, especially when there’s so many “easier” alternatives (like attacking your computer with malware).

Not hackers, but court orders

There is a very important point that many people overlook. To me, the greater potential impact of server-side backups is in things like responding to court orders. Backups can be subpoenaed.

Even if you delete email from your email account a court order could cause your email service provider to be required to provide all of the backups from your account.

That way, they can access email that you deleted yesterday, but that’s still on the backup from the day before.

It's the cloud

I’m talking about email because that's what you specifically asked about, but everything that I’ve just described applies to anything in “the cloud.”

Any data that you put into any online service is subject to all of the same issues that we’re running into here. It’s backed up, stored off-site, and inaccessible to hackers, but it may be accessible to the legal system.

Those are things all very well worth considering when you’re using not only cloud services, but even just day-to-day email.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

2 comments on “Can Backups of Email Be Hacked?”

  1. “You don’t want to lose your email because Gmail or Hotmail or Yahoo! or whomever had a hardware problem.”

    I can’t speak about Hotmail or Yahoo but Google has multiple HUGE datacenters sprinkled around the world. I doubt that a “hardware problem” is going to cause any sort of data loss. The renduncanies are just too great. Service interruptions, tho, are a different story.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.