Solved

Exchange InformationStore Backup file security / General FileSecurity

Posted on 2011-03-18
5
248 Views
Last Modified: 2012-05-11
Hi

The SBS 2003 R2 server takes a NT backup of Exchange InformationStore to a  NAS -disk where everyone have full rights.

1. What if the NAS-disk is stolen? Can anyone recover mails from there?
2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?
3. If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Thanks in advantage,

Juha
0
Comment
Question by:RimFire007
  • 3
  • 2
5 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35163799
>>What if the NAS-disk is stolen? Can anyone recover mails from there?

Yes, using 3rd party tools the contents of the EDB file can be recovered to PST files

>>2. What if both the SBS 2003 server and the NAS-disk are stolen? Can anyone recover mails from there?

Same as above.

>>If the SBS 2003 server is stolen propably all files from shares can easely recovered/copied/opened, right?

Yes, that's why physical security is the most important aspect of your security plan.
0
 

Author Comment

by:RimFire007
ID: 35174757
Thanks demazter:

Additionally. Any easy way to encrypt the Exchange backup files? Since the BUs are stored to NAS the TrueCrypt isn't the option here. Does the SBS 2003 include any "built in" encryption tool? I do have Symantec installed but I would love to use something else here. We copy the InformationStore BU files over Internet to a Third Party Secure Store.

Rgs, Juha
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35174824
Sadly not.  You may be able to use a 3rd party tool but I am not aware of any.
0
 

Author Closing Comment

by:RimFire007
ID: 35204638
Thanks demazter

I just wanted to have second opinion and unfortunatelly the physical security of the server area seems to be the only solution here when using MS build in solutions.

I reported the customer facts as demazter explained.

Rgs,

Juha
0
 

Author Comment

by:RimFire007
ID: 35204642
Additionally

I was able to change Windows permissions to NAS only for Domain Administrators and NAS local administrator.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.

774 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question