Does My SQL Data Directories need to have a share on them?

Have a basic question for you MS SQL gurus. We recently have had a ransomware scare at our small business. We currently run a few applications that use MS SQL express and MS SQL full version. We are wondering if the directory(s) where the SQL data is stored is required to have a share on it. We are thinking that if we get nailed by ransomware that locks all of our files, would not making the SQL data itself unavailable to the network keep us from losing the data to the thief? Or would a SAN benefit us that is not connected to any internet connection? We do however back up our data to a Server across town through our Comcast business fiber which is stored at our sister company and vice versa.
LVL 1
Steve WilliamsProduct Design EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KimputerCommented:
SQL servers don't need to have a shared folder/drive.
Backup is always good.
Don't have ransomware running in the first place by limiting your users to only run applications you already installed for them (Software Restriction Policy or similar).
0
Steve WilliamsProduct Design EngineerAuthor Commented:
@Kimputer
Thanks for the info, unfortunately, one of the apps that our employees require every day is Office 365 which uses the outlook app to check email. We also do lots of online research and require internet. The ransomware is so deceiving in that it looks like legitimate email but really is not. We have our employees trained well on what to look for and to be cautious when it comes to reading email. We use Cisco Umbrella to help minimize the bad stuff that does come our way and Malwarebytes to catch the stuff that gets through. Even tho both are good at what they do, they cannot catch 100% of the bad stuff. We have been schooled in the fact that ransomware once on a single computer can blow thru our network and can lock every file on every device.

The reason for the question is we are trying to find ways to lessen the impact should we ever be infected. The SQL data is the bulk of our intellectual data which our company runs on.
0
KimputerCommented:
Sorry, you misunderstood me. I didn't say users can't use email or browser. I said limit users access to executables to only those already installed (look up SRP, it's built in Windows, for free). You will cover almost ALL Malware!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Steve WilliamsProduct Design EngineerAuthor Commented:
Thanks, Kimputer for your input. I spoke with our Server tech and he concurs, just wanted a second opinion.  He is going to start the process of investigating and then implementing an SRP GP for our systems.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Ransomware

From novice to tech pro — start learning today.