Recent Posts



Gotchas for Backups

Based off article "What are "Good Backups" when it comes to Ransomware" by Third Tier

You need to review your backups before you are hit with ransomware. If your backup gets encrypted, you might have to pay or lose weeks or months of data. You should review how much loss of data or time can your business handle too as it will help determine your backup strategy.

You should avoid backing up to a network share (ie mapped drive) on a domain computer. Especially if everyone has access to it or it uses a domain account. Some older versions of Jungle backup did this.

I'm not a fan of backing up to USB based external drive. You would have to be militant about only hooking up when doing a backup and then ejected when done. Else you risk encryption. And you should have multiple drives so you can take a least 1 offsite. And, most importantly, USB drives fail a lot. Most times, you may only get 1 alert in event viewer before it fails. And if you aren't monitoring for that, you will miss it.

Your best option - would be to backup locally to a NAS (Synology or others) with a share that only 1 non-domain user has access to and only used by the backup software. And for safety/redundancy, you should replicate offsite (Amazon or others). The local backup is for faster restores.