Backup File Server to DAS
-
@DustinB3403 said:
This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.
Thats not true. It needs to encrypt quickly. Once encrypted it has free time to upload all that it can.
-
@scottalanmiller said:
@IT-ADMIN said:
OK, can a restore point decrypte the ransomed data ??
Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.
If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.
for this reason it is very recommended to store your system images in another physical storage not on the same machine
-
@IT-ADMIN said:
@scottalanmiller said:
@IT-ADMIN said:
OK, can a restore point decrypte the ransomed data ??
Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.
If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.
for this reason it is very recommended to store your system images in another physical storage not on the same machine
Not just that but preferably with a system that can lock it as read-only once it's backed up. Which is great for audits as well.
-
@IT-ADMIN said:
@scottalanmiller said:
@IT-ADMIN said:
OK, can a restore point decrypte the ransomed data ??
Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.
If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.
for this reason it is very recommended to store your system images in another physical storage not on the same machine
Correct, but it would need to be one that is decoupled, which is very difficult to do.
-
@Jason said:
@IT-ADMIN said:
@scottalanmiller said:
@IT-ADMIN said:
OK, can a restore point decrypte the ransomed data ??
Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.
If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.
for this reason it is very recommended to store your system images in another physical storage not on the same machine
Not just that but preferably with a system that can lock it as read-only once it's backed up. Which is great for audits as well.
Decoupled or locked, as Jason points out. It needs to be read only or it will get ransomed too.
-
i guess setting up an account on the backup destination so that veeam authenticate against will make the backup decoupled
-
@IT-ADMIN said:
i guess setting up an account on the backup destination so that veeam authenticate against will make the backup decoupled
No, if ANYTHING running on your server can talk to the storage, it is not decoupled. That is tightly coupled. Things like Unitrends appliances stand BETWEEN your systems and the backup storage. That's lightly decoupled. Tapes are fully decoupled.
-
I have heard that a lot of the ransoms are on the low side. Under $1000. Which is a lot of money, but not crippling. Generally a no brainer to a business.
-
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
-
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
-
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
-
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
I'm having a bit of Dejavu here.
-
@coliver said:
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
I'm having a bit of Dejavu here.
Well I'm not going to say it can't be scheduled.. so there
-
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
Not decoupled AFAIK, in any way.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
Not decoupled AFAIK, in any way.
The risk though can be reduced by using a different user account and only using it for this one application.
-
@coliver said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
Not decoupled AFAIK, in any way.
The risk though can be reduced by using a different user account and only using it for this one application.
Yes, but that is the only gap that there is. It is fully coupled to the network.
-
@scottalanmiller said:
@coliver said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Jason said:
Many look into Dell Appassure for backups. I don't think you pay for windows though so not sure you would for this.
That's going to be an issue. Everything that does decoupled backups is going to be non-free or require virtualization at least.
What about Veeam End Point Protection?
Not decoupled AFAIK, in any way.
The risk though can be reduced by using a different user account and only using it for this one application.
Yes, but that is the only gap that there is. It is fully coupled to the network.
Yes, that adds a huge amount of risk.
-
can i have 2 scheduled backup with veeam or it is limited to one schedule backup ??
i ask this question because i want to setup 2 schedule backup : one for data and one for system image ,
any thoughts ?? -
If you are using the Veeam Endpoint Recovery Free, it looks like only a single schedule.
-
thank you Dear @dafyre for the info