Backup File Server to DAS
- 
 i realize that i was very ignorant about the risks we have as network admins, i should setup a good backup plan as soon as possible, wow we are like in a forest, the strong eat the weak 
- 
 @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? 
- 
 @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. 
- 
 @IT-ADMIN said: i realize that i was very ignorant about the risks we have as network admins, i should setup a good backup plan as soon as possible, wow we are like in a forest, the strong eat the weak Yes, among the most important aspects of IT are security, risk management, disaster planning, etc. These are our core skills. The other stuff that we do is pretty trivial. 
- 
 @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? 
- 
 @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! 
- 
 There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business." All IT is about managing risk and deciding where on the spectrum we are going to fall. 
- 
 @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ 
- 
 @IT-ADMIN said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ There are? and what is to much? If you're being targeted by ransomware that is outside the of the normal $500-$1500 ransom, then it's likely that a Sophos won't save you anyway. 
- 
 @IT-ADMIN said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ In which case you consider your data not worth the money. So you forfeit your data. Good job.. way to look at security ass backwards. 
- 
 @scottalanmiller said: There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business." All IT is about managing risk and deciding where on the spectrum we are going to fall. That's true, but it seems odd to me still to list it, when it would almost never be on the recommend that a business do this list. 
- 
 @DustinB3403 said: @IT-ADMIN said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ In which case you consider your data not worth the money. So you forfeit your data. Good job.. way to look at security ass backwards. Not sure if that is backwards. Seems like they are making the decision that their data doesn't have the same value of the ransom. 
- 
 @Dashrender said: @scottalanmiller said: There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business." All IT is about managing risk and deciding where on the spectrum we are going to fall. That's true, but it seems odd to me still to list it, when it would almost never be on the recommend that a business do this list. A large business sure would. 
- 
 @IT-ADMIN said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ Sure, the problem is that you don't know for sure how much the ransom will be until it is too late. If it is $300 or $10,000,000 is a big difference. But the FBI recommends paying it  Generally they make the ransom low enough that you will pay it but enough that it will hurt. Generally they make the ransom low enough that you will pay it but enough that it will hurt.
- 
 @coliver But it is completely backwards. To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US. Which might be @IT-ADMIN said: lol, it depend, there are some ransom who demand too much $ Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked" 
- 
 @Dashrender said: @IT-ADMIN said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: @Dashrender said: @scottalanmiller said: - Use a good firewall with Layer 7 filtering, like Palo Alto
 How many of use actually do this though? More than you'd think. Sophos is pretty popular in the SMB. Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice? Cheaper to pay the ransom than it is to pay for a Sophos over a ERL! lol, it depend, there are some ransom who demand too much $ There are? and what is to much? If you're being targeted by ransomware that is outside the of the normal $500-$1500 ransom, then it's likely that a Sophos won't save you anyway. Sophos is going to be a very minor point of protection no matter what. 
- 
 @coliver said: Not sure if that is backwards. Seems like they are making the decision that their data doesn't have the same value of the ransom. And maybe it doesn't. It's not worth a Windows license, good backups, etc. Those things are cheaper than the ransom, normally. So not surprised if the data isn't worth much of anything. 
- 
 @scottalanmiller said: @Dashrender said: @scottalanmiller said: There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business." All IT is about managing risk and deciding where on the spectrum we are going to fall. That's true, but it seems odd to me still to list it, when it would almost never be on the recommend that a business do this list. A large business sure would. OK true - again we are an SMB site, not an enterprise one. In the case of an enterprise, the cost of Sophos vs restoring data is a no brainer. 
- 
 @DustinB3403 said: Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked" Thats something you never do in IT. You never do "everything in your power." Truly, never. That's what @Dashrender and I were discussing. You almost never bother with a UTM for this, but doing everything in your power, you would. You rarely see an SMB go to tape, yet that is how you best avoid this. Everything in IT is about weight the options versus the risk and determining what makes the most sense for the given scenario. 
- 
 @DustinB3403 said: @coliver But it is completely backwards. To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US. Which might be @IT-ADMIN said: lol, it depend, there are some ransom who demand too much $ Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked" i was joking Dude, lol 




