Solved

Exchange InformationStore Backup file security / General FileSecurity

Posted on 2011-03-18
5
263 Views
Last Modified: 2012-05-11
Hi

The SBS 2003 R2 server takes a NT backup of Exchange InformationStore to a  NAS -disk where everyone have full rights.

1. What if the NAS-disk is stolen? Can anyone recover mails from there?
2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?
3. If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Thanks in advantage,

Juha
0
Comment
Question by:RimFire007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35163799
>>What if the NAS-disk is stolen? Can anyone recover mails from there?

Yes, using 3rd party tools the contents of the EDB file can be recovered to PST files

>>2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?

Same as above.

>>If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Yes, that's why physical security is the most important aspect of your security plan.
0
 

Author Comment

by:RimFire007
ID: 35174757
Thanks demazter:

Additionally. Any easy way to encrypt the Exchange backup files? Since the BUs are stored to NAS the TrueCrypt isn't the option here. Does the SBS 2003 include any "built in" encryption tool? I do have Symantec installed but I would love to use something else here. We copy the InformationStore BU files over Internet to a Third Party Secure Store.

Rgs, Juha
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35174824
Sadly not.  You may be able to use a 3rd party tool but I am not aware of any.
0
 

Author Closing Comment

by:RimFire007
ID: 35204638
Thanks demazter

I just wanted to have second opinion and unfortunatelly the physical security of the server area seems to be the only solution here when using MS build in solutions.

I reported the customer facts as demazter explained.

Rgs,

Juha
0
 

Author Comment

by:RimFire007
ID: 35204642
Additionally

I was able to change Windows permissions to NAS only for Domain Administrators and NAS local administrator.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question