Solved

Exchange InformationStore Backup file security / General FileSecurity

Posted on 2011-03-18
5
270 Views
Last Modified: 2012-05-11
Hi

The SBS 2003 R2 server takes a NT backup of Exchange InformationStore to a  NAS -disk where everyone have full rights.

1. What if the NAS-disk is stolen? Can anyone recover mails from there?
2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?
3. If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Thanks in advantage,

Juha
0
Comment
Question by:RimFire007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35163799
>>What if the NAS-disk is stolen? Can anyone recover mails from there?

Yes, using 3rd party tools the contents of the EDB file can be recovered to PST files

>>2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?

Same as above.

>>If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Yes, that's why physical security is the most important aspect of your security plan.
0
 

Author Comment

by:RimFire007
ID: 35174757
Thanks demazter:

Additionally. Any easy way to encrypt the Exchange backup files? Since the BUs are stored to NAS the TrueCrypt isn't the option here. Does the SBS 2003 include any "built in" encryption tool? I do have Symantec installed but I would love to use something else here. We copy the InformationStore BU files over Internet to a Third Party Secure Store.

Rgs, Juha
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35174824
Sadly not.  You may be able to use a 3rd party tool but I am not aware of any.
0
 

Author Closing Comment

by:RimFire007
ID: 35204638
Thanks demazter

I just wanted to have second opinion and unfortunatelly the physical security of the server area seems to be the only solution here when using MS build in solutions.

I reported the customer facts as demazter explained.

Rgs,

Juha
0
 

Author Comment

by:RimFire007
ID: 35204642
Additionally

I was able to change Windows permissions to NAS only for Domain Administrators and NAS local administrator.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question