We help IT Professionals succeed at work.

Backup solution safer for Crypto Lockers

145 Views
2 Endorsements
Last Modified: 2019-03-04
Backing up a Windows 2016 physical server on local USB drive

Hello

I need to backup a Windows 2016 physical server on a local UBS drive
(Of course this is not my only backup as data is also backed up online)

My 2 options:
- Windows Backup 2016 integrated tool
- VEEAM agent for Windows (old name: VEEAM Endpoint Backup)

Question:
Witch solution is safer for crypto lockers?
Since our worst scenario would be that the backup USB drive will be crypted also!!

Thank you for your answer
Regards
Comment
Watch Question

AlexA lack of information provides a lack of a decent solution.
CERTIFIED EXPERT

Commented:
backup to tape and then take the tape offsite.

To be honest, you're just as likely to get encrypted backups on either, neither one of them will go "Oh this is encrypted, I won't do anything". once the machine is encrypted if you then back it up, you've got an infected backup.

Common sense is paramount here to be fair.
Andy MIT Systems Manager
CERTIFIED EXPERT

Commented:
Depends on the cryptolocker virus/malware/ransomware (whatever term you wish to use). Older versions didn't even touch backup files unless it was a flat file copy to a network accessible location or on a local drive. These days some of the more complex variants will actively seek out the backups to remove them.

Generally, the safest backup is the one that is not available on the network at the time the virus hits. For this you should ensure you always have an off-site (off-network) copy of your backup that can be used if worse comes to worse. This can be on tape, a USB drive, an offline server, or even secure in the cloud. Providing nothing on your network can access the backup files directly at the time the virus hits, neither can the virus.

Either backup solution is fine providing you rotate the USB drives and keep one copy offline. Worse case scenario - you lose a day of work if the most recent backup is encrypted.
Gad SAADIAManager

Author

Commented:
In both solutions (Windows Backup or Veeam Agent) UBS drives will be rotated and 1 copy will be kept offsite

My question was related to the fact that 1) Windows Backup makes a special format on the UBS drive, no accessible in Windows through the explorer or a drive letter, meanwhile 2) VAW (Veeam Agent for Windows) is just in plain NTFS format so will be immediately crypted as a local drive. That is the reason Windows Backup is more secure than VAW

BUt I am not sure that this is right. Can you confirm ?
Senior Systems Engineer
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Gad SAADIAManager

Author

Commented:
Very nice feature!  But I guess scheduled backups will stop until we reconnect manually the USB drive. Is it right?
AlanConsultant
CERTIFIED EXPERT

Commented:
Hi Gadsad,

Yes - you are correct, but that should not matter, since you would expect to be removing the USB drive, and rotating it with the next daily, weekly, monthly etc drive, and taking the one from last night off-site.

When you connect the new drive, it will then be available via USB to Veeam (and anything else on your machine, including Crypto-Malware).

I would have to say that the Windows Backup is pretty good - I have never had it fail on me, but if you have already paid for Veeam, and are not paying for an upgrade and / or ongoing fees, then it is also a good choice.


Alan.
DanOwner
CERTIFIED EXPERT

Commented:
and you can install this on your servers.

https://www.d7xtech.com/cryptoprevent-anti-malware/
Gad SAADIAManager

Author

Commented:
thanks to all

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.