?
Solved

What is a simple way for a home user to backup and be able to recover from a future ransomware incident?

Posted on 2016-08-18
7
Medium Priority
?
69 Views
Last Modified: 2016-09-12
I have all my business clients on systems that work to prevent the issue and recover easy if the prevention was unsuccessful.
But say you have many home users (friends, family etc) with a single backup drive and no budget.
Currently I've experimented with setting the permissions on their backup drives to the "administrator" account only, so that even the people that insist on being a local admin user can't access the backup drive (cryptolocker won't be able to also).

But in the case of an RDP attack the scammer will just reset passwords/permissions or nuke the backup drive.

What to do ?
0
Comment
Question by:Lee Hux
6 Comments
 
LVL 12

Accepted Solution

by:
Benjamin Voglar earned 332 total points (awarded by participants)
ID: 41762019
The simples way for home users is Cloud. Cloud product have previus versions. And for Companies, files server 2012 or later with privius versions enamblet on it.

Oh and NO, you can not make access only for backup SW and not for local admins.
0
 
LVL 20

Assisted Solution

by:Mal Osborne
Mal Osborne earned 332 total points (awarded by participants)
ID: 41762026
For home users, I sometimes just advise them to obtain a couple of $10 USB keys, and try to get in the habit of copying anything important to them manually. Optimally, one should be kept in a separate building.  Only works for somewhat computer literate users, and requires a little work of course.

Hackers will not be able to do much to a copy kept in the users drawer at work.
0
 
LVL 13

Assisted Solution

by:akb
akb earned 332 total points (awarded by participants)
ID: 41762041
Using Dropbox will keep versions - one month for the free version.
The problem with a single backup device is that if it is plugged in when the ransomware strikes you will lose your backups as well.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
LVL 50

Assisted Solution

by:dbrunton
dbrunton earned 332 total points (awarded by participants)
ID: 41762146
There are two questions here although it may not seem so.

In the case of data (My Documents and such) external backup drives (or flash drives) that are rotated and kept off site.  Say three drives (two off site and one local) and change them over once a week.  Off site could be at home or in the garage in a fireproof lockable box but as long as not in the same building as computer system.  But preferable another building in another locality.  You then have to arrange an easy method to update the backup disk which could be as easy a couple of batch files or purchasing a backup utility.

Now for the computer system.  An image should be taken of the whole drive and stored off site.  If the computer is hacked badly then the image can be restored to the computer system and then the data transferred back.  You should think of offering this as a service to your clients.
0
 
LVL 88

Assisted Solution

by:rindi
rindi earned 336 total points (awarded by participants)
ID: 41762152
Have them get at least another disk to backup to. Personally I recommend using a USB dock rather than buy a USB disk. Docks aren't expensive, and they are flexible in the type of disks they accept (most of them can take both, 2.5" laptop disks, as well as 3.5 desktop disks):

http://www.newegg.com/Product/Product.aspx?Item=N82E16817182307&cm_re=usb_disk_dock-_-17-182-307-_-Product

Then get a couple of cheap 2nd hand disks through an auction site like ebay. That should be affordable even for low budget users.

Then teach them rotate between those disks after every backup. Also teach them to remove the disk from the dock after the backup has finished, or power off the dock, so should something happen to the PC, the backup can't get touched.
0
 
LVL 27

Assisted Solution

by:tliotta
tliotta earned 336 total points (awarded by participants)
ID: 41768565
Cheap 2nd-hand/refurb disks are useful. Every once in a while, one goes bad; but they can be cheap enough to buy multiples. I've used many over many years and only had one problem. Whenever I want one, I always buy two; so I've built up a small inventory. Handy for keeping spare images in addition to having emergency spares.

But "home users (friends, family etc)"? I've had far more problems getting them to grasp and implement various safe practices than I've had with 2nd-hand drives. And I've had far better luck getting some of them to convert completely to Linux Mint than getting them to stop some of their habits. None that I've converted in the past couple years have asked to go back to Windows. One was set up with a Windows/Mint dual boot a couple years ago. Except for showing how the dual boot works, the Windows partition has never been used since.

With either Wine or Windows in a VM, even a case where a Windows app is required can be handled. Linux Mint is about as easy as it currently gets for conversion for basic Windows users.

Best of all, I haven't been bothered every month or two by any of the converted ones to fix some Windows problem caused by poor practices. The worst problem I've had to address is giving one more demo of how the Mint update manager works and assuring that it really doesn't need to be shut down and rebooted just to get updates applied.

Anyway, aside from that, the question is how to do safe backups with small, or zero, budget. Well, Linux is a good start since it can be installed and kept up to date with zero budget. And backups can have the same zero cost (except hardware, as with anything). Backups can scheduled as needed. Also, access to backups and backup software can require manual input of the admin password.

Although there has been at least one ransomware threat seen in the wild that affects Linux, it seems only to affect web servers, so most home users wouldn't likely be affected much (even if they're infected).

In short, best I'd do for "home users (friends, family etc)" to protect against ransomware and most other viruses, trojans, etc., and to allow decent backups and to keep costs to a minimum is convert them to Linux Mint. Another distro might work out better for you
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

599 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question