Online Backup for MLS

Discussions around using and interfacing with the Church MLS program.
lajackson
Community Moderators
Posts: 8704
Joined: Mon Mar 17, 2008 9:27 pm
Location: US

Postby lajackson » Thu Oct 28, 2010 5:51 pm

jimmckeeth wrote:Amazon Cloud S3 storage would be less than $1 a month for the level of usage we would need. While not free, it would certainly be very affordable, and cheaper than replacing flash drives annually.


I have been using the same flash drive for six years. But even if I were to replace it every other year, it would be cheaper than $1 a month.

I would surmise that, with everyone going to some sort of high speed internet connection, Church headquarters will be doing more backups. But that is just my opinion.

JimMcKeeth
New Member
Posts: 16
Joined: Thu Oct 28, 2010 12:41 pm
Location: Mukilteo, Washington, USA

Postby JimMcKeeth » Thu Oct 28, 2010 10:06 pm

RussellHltn wrote:I think the first question is with the switch to CUBS, what financial data would be missing? Under the old system, there was "ward" data and "CHQ" data. But now there's only "CHQ" data.


I need to understand CUBS better. Maybe this will change things and make it a moot point.

russellhltn
Community Administrator
Posts: 26668
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Thu Oct 28, 2010 10:44 pm

jimmckeeth wrote:moot point.


Finally! Someone who understands that it's "moot" not "mute". :)
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.

JimMcKeeth
New Member
Posts: 16
Joined: Thu Oct 28, 2010 12:41 pm
Location: Mukilteo, Washington, USA

Postby JimMcKeeth » Thu Oct 28, 2010 10:46 pm

RussellHltn wrote:Finally! Someone who understands that it's "moot" not "mute".
__________________
There are 10 types of people. Those who understand binary and those that don't.


I also understand binary.

User avatar
mfmohlma
Senior Member
Posts: 854
Joined: Thu Feb 28, 2008 5:45 pm
Location: Hillsboro, OR

Postby mfmohlma » Fri Nov 05, 2010 10:53 pm

jimmckeeth wrote:
RussellHltn wrote:Finally! Someone who understands that it's "moot" not "mute". :)
__________________
There are 10 types of people. Those who understand binary and those that don't.


I also understand binary.


This isn't the first time that RussellHltn's signature has appeared as an unintended insult. Perhaps it's time for a rewrite. :p

waynecooke
Member
Posts: 134
Joined: Wed Oct 27, 2010 11:05 am
Location: Kalama, Washington

Postby waynecooke » Fri Nov 05, 2010 11:07 pm

I don't think that anyone anywhere in that conversation meant an insult. I think that jimmckeeth's response was really funny. I got a chuckle out of it. (I also know the difference between "moot" and *mute* and wish I understood binary better:))

RossEvans
Senior Member
Posts: 1346
Joined: Wed Jun 11, 2008 8:52 pm
Location: Austin TX
Contact:

Postby RossEvans » Sat Nov 06, 2010 8:46 am

jimmckeeth wrote:As the financial clerk I am not the only one who uses MLS, but some other users are not as good about performing backups. Additionally I sometimes forget one of the 3 steps:

  1. Backup to C: drive.
  2. Backup to USB drive locked in cabinet.
  3. Update to offsite backup (on USB drive in my pocket).
We do those same three steps in our ward. And perhaps sometimes someone forgets Step 2 or 3 -- especially Step 3, since different people might be doing the back up at different times.

In thinking through the security risks, there is potential for the whole MLS database to fall into the wrong hands from loss of the USB backup in clerks' pockets.

The risk of a lost USB drive itself is fairly high. People lose these things frequently. The MLS backup file is itself encrypted, but I think it can be decrypted automatically by loading it into any test installation of MLS. So if an unauthorized person did come into possession of the backup file and were disposed to explore it maliciously, all they would need would be an install package for MLS.

Everyone who thinks the access to that MLS install package is restricted by high security, raise your hand. (Yes, I know it is restricted.)

There obviously is risk in users violating policy and backing up the files to a third-party site of their choosing. There also is risk in following policy and keeping the offsite USB drive -- perhaps even more risk than using a reputable online site.

The risks of online backup seem more manageable if CHQ picked a trustworthy online vendor, or just stored more frequent backups on Church servers so that at least the most recent backup was archived remotely. Storage bytes and bandwidth get cheaper all the time.

Meanwhile, perhaps we should rethink how we handle the "offsite" USB drives in Step 3 above. Using an encrypted drive would add a significant layer of protection -- at the cost of some hassle in entering and maintaining the password.

User avatar
aebrown
Community Administrator
Posts: 15104
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

Postby aebrown » Sat Nov 06, 2010 9:19 am

boomerbubba wrote: The MLS backup file is itself encrypted, but I think it can be decrypted automatically by loading it into any test installation of MLS. So if an unauthorized person did come into possession of the backup file and were disposed to explore it maliciously, all they would need would be an install package for MLS.


Fortunately, that assumption is not correct. To install a backup on a different installation, you have to provide a valid username and password (for a user with administrative privileges) from the backup. So the risk of information falling into the wrong hands (if a USB drive with a backup file is lost) is not as high as you suggested, but overall you do raise some good points.
Questions that can benefit the larger community should be asked in a public forum, not a private message.

RossEvans
Senior Member
Posts: 1346
Joined: Wed Jun 11, 2008 8:52 pm
Location: Austin TX
Contact:

Postby RossEvans » Sat Nov 06, 2010 10:32 am

Alan_Brown wrote:Fortunately, that assumption is not correct. To install a backup on a different installation, you have to provide a valid username and password (for a user with administrative privileges) from the backup. So the risk of information falling into the wrong hands (if a USB drive with a backup file is lost) is not as high as you suggested, but overall you do raise some good points.


Thanks for setting me straight on that point. I agree that substantially reduces the risk. There is some remaining risk of brute-force attacks if the password is not strong, unless MLS also includes some safeguard against repeated attempts. I presume that the encryption of the files themselves is strong enough. Unlike the situation with the main administrative computer, which at least is locked in the office, an attacker in this case could try exploits at his leisure.

Overall much of MLS security relies on physical security. We tend to pay a lot of attention here to the hypothetical risks of putting any data on third-party servers, while there are significant risks under our noses locally already. On balance, with something as significant as the entire MLS membership and finance database, I would rather see a policy that relies on automated online backups to a secure central site maintained by CHQ. That does not mean that individual clerks should feel free to violate policy and devise their own cloud-based system.

russellhltn
Community Administrator
Posts: 26668
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Sat Nov 06, 2010 12:41 pm

I can't see the Church paying for something it can do itself. We already have an automatic off-site backup. It only runs once a month. If the Church considered it an issue, they'd just increase the frequency.

But with the change to CUBS and the expansion of the CDOL, just what is at risk of being lost? A month's worth of HT/VT data? Recent third tier callings? It's frustrating, yes, but I don't see anything critical to "business continuity" being at risk even if the Ward never did a backup.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.


Return to “MLS Support, Help, and Feedback”

Who is online

Users browsing this forum: No registered users and 1 guest