Thomas Anthony
asked on
Securely save Hyper-v backups on local NAS
We have a small Hyper-V host with two VMs. Our backup strategy currently is to backup to a USB3.0 RDX drive with removable cartridges. It works great but there are times we would like to not have someone on location to switch cartridges.
We have a Synology NAS that I could use to backup to but I don't want to have it susceptible to ransomware if the server gets infected, therefore having my backups infected. Is there a way to still backup to my NAS on a local LAN but not have it seen by ransomware?
We have a Synology NAS that I could use to backup to but I don't want to have it susceptible to ransomware if the server gets infected, therefore having my backups infected. Is there a way to still backup to my NAS on a local LAN but not have it seen by ransomware?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Maybe, It's always better to prevent to get infected (some good AV software on workstations) than realize you're infected, but as long as users will have no rights to write to SAN, then risk of infecting SAN from some infected workstation is minimal.
The account that you use for backing up should not be used to execute ransomware - that's all. Only grant access to one single account.
For example: if you take an extra account for the backup: how do you think would ransomware get that account's name and password?
For example: if you take an extra account for the backup: how do you think would ransomware get that account's name and password?
ASKER
Thanks for the fast response and excellent advise. After trying, it is the best solution for a difficult issue.
ASKER
Maybe what I seek isn't realistic?