There are a few questions I have about a connection I want to make to a shared folder that's on an NTFS volume. What I wanted to achieve was to have a single, non-admin user account on that target machine to which I only know the password. The shared folder would give that user account full control while denying full control to all other accounts including administrators. In other words, if you forget the password, you cannot access the data unless you remove the hard drive itself from the machine. I would think that this would make it difficult for the likes of Ransomware to encrypt the contents and my backups would be relatively safe.
Next would be to program a backup software to perform nightly backups to this folder. In this example, I'm using Veeam Endpoint Protection. The software is programmed with said user account and performs backups nightly. I'm assuming that while Veeam uses the username and password to open a connection, other programs and users on that originating computer cannot. In other words, Veeam has a private connection using said credentials.
Is this correct? Please let me know what you think.