?
Solved

Exchange InformationStore Backup file security / General FileSecurity

Posted on 2011-03-18
5
Medium Priority
?
272 Views
Last Modified: 2012-05-11
Hi

The SBS 2003 R2 server takes a NT backup of Exchange InformationStore to a  NAS -disk where everyone have full rights.

1. What if the NAS-disk is stolen? Can anyone recover mails from there?
2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?
3. If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Thanks in advantage,

Juha
0
Comment
Question by:RimFire007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 2000 total points
ID: 35163799
>>What if the NAS-disk is stolen? Can anyone recover mails from there?

Yes, using 3rd party tools the contents of the EDB file can be recovered to PST files

>>2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?

Same as above.

>>If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Yes, that's why physical security is the most important aspect of your security plan.
0
 

Author Comment

by:RimFire007
ID: 35174757
Thanks demazter:

Additionally. Any easy way to encrypt the Exchange backup files? Since the BUs are stored to NAS the TrueCrypt isn't the option here. Does the SBS 2003 include any "built in" encryption tool? I do have Symantec installed but I would love to use something else here. We copy the InformationStore BU files over Internet to a Third Party Secure Store.

Rgs, Juha
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35174824
Sadly not.  You may be able to use a 3rd party tool but I am not aware of any.
0
 

Author Closing Comment

by:RimFire007
ID: 35204638
Thanks demazter

I just wanted to have second opinion and unfortunatelly the physical security of the server area seems to be the only solution here when using MS build in solutions.

I reported the customer facts as demazter explained.

Rgs,

Juha
0
 

Author Comment

by:RimFire007
ID: 35204642
Additionally

I was able to change Windows permissions to NAS only for Domain Administrators and NAS local administrator.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month12 days, 12 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question