Does My SQL Data Directories need to have a share on them?

Have a basic question for you MS SQL gurus. We recently have had a ransomware scare at our small business. We currently run a few applications that use MS SQL express and MS SQL full version. We are wondering if the directory(s) where the SQL data is stored is required to have a share on it. We are thinking that if we get nailed by ransomware that locks all of our files, would not making the SQL data itself unavailable to the network keep us from losing the data to the thief? Or would a SAN benefit us that is not connected to any internet connection? We do however back up our data to a Server across town through our Comcast business fiber which is stored at our sister company and vice versa.
LVL 1
Steve WilliamsProduct Design EngineerAsked:
Who is Participating?
 
KimputerCommented:
Sorry, you misunderstood me. I didn't say users can't use email or browser. I said limit users access to executables to only those already installed (look up SRP, it's built in Windows, for free). You will cover almost ALL Malware!
0
 
KimputerCommented:
SQL servers don't need to have a shared folder/drive.
Backup is always good.
Don't have ransomware running in the first place by limiting your users to only run applications you already installed for them (Software Restriction Policy or similar).
0
 
Steve WilliamsProduct Design EngineerAuthor Commented:
@Kimputer
Thanks for the info, unfortunately, one of the apps that our employees require every day is Office 365 which uses the outlook app to check email. We also do lots of online research and require internet. The ransomware is so deceiving in that it looks like legitimate email but really is not. We have our employees trained well on what to look for and to be cautious when it comes to reading email. We use Cisco Umbrella to help minimize the bad stuff that does come our way and Malwarebytes to catch the stuff that gets through. Even tho both are good at what they do, they cannot catch 100% of the bad stuff. We have been schooled in the fact that ransomware once on a single computer can blow thru our network and can lock every file on every device.

The reason for the question is we are trying to find ways to lessen the impact should we ever be infected. The SQL data is the bulk of our intellectual data which our company runs on.
0
 
Steve WilliamsProduct Design EngineerAuthor Commented:
Thanks, Kimputer for your input. I spoke with our Server tech and he concurs, just wanted a second opinion.  He is going to start the process of investigating and then implementing an SRP GP for our systems.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.