Avatar of aando

asked on 

How to backup TB of individual files that change often while protecting from Ransomeware?

Looking for suggestions on how to backup NAS devices or SAN with 20+ TB of data that can help to protect from Ransomeware. I have been just using replication to backup to other storage solutions. However if I get hit with Crypto then it will encrypt the other storage as well. This is a photography studio and they add tons of images weekly. So I'm looking for backups solutions and ideas. 

StorageStorage Software

Avatar of undefined
Last Comment
Philip Elder
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of nobus
Flag of Belgium image

i would use a separate pc with no internet connection for backup - then you are sure
Avatar of Kimputer

Any server that uses agents or pull requests, can do full and incr/diff backups on intervals, are also safe from Cryptoware.
You may backup encrypted files in the last few runs, but the full and incr/diff from BEFORE the attack, are still there to be restored easily.
Use this BESIDES your replication solution for the fastest way to restore. That's because the replication probably won't be all attacked at once, only single departments. So restoring only those departments will be the fastest way.
Avatar of rindi
Flag of Switzerland image

If tape is not an option for you, make sure you backup to detachable Storage (USB disks, or external SATA disks for example). After the backup is complete, remove those disks. For the next backup use other disks. Make sure you have enough of them to make several sets of backups before you use them again for a new backup.
Avatar of Philip Elder
Philip Elder
Flag of Canada image


Set up for the required amount of backup space on a dedicated NAS plus growth.

Set up a Scale-Out Backup Repository (SOBR) in Veeam that includes the above as well as a BackBlaze B2 bucket pair:
 Bucket 1: Immutable for 30 to 90 days (you choose based on requirements)
 Bucket 2: Not Immutable

Configure your backups for local storage.
Configure your cloud tier copies based on what needs to be protected from ransomware encryption.

B2 is the best cost and the best business model for cloud backup storage IMNSHO.
Avatar of aando


Very helpful information that will help me build my solution. Headed to Cybernetics to check out their Tape Solutions. Thanks Everyone. 
Avatar of sword12

use backup repository which support snapshot
snapshot hackers can't encrypte
Avatar of Philip Elder
Philip Elder
Flag of Canada image

@sword12 Perps are known to delete Previous Versions (Volume Shadow Copy) snapshots along with any backup files/server(s) they find. Usually, they work their way from oldest to newest during the delete process.

Once they have everything "cleaned up" they then fire off the encryption malware.

Things are pretty sophisticated on that end now.

Some are even going so far as to copy data off and use that as hostage instead of encryption.
Avatar of sword12

last month we got a attack and they encrypte everything also our storage
but because i did configured snapshot shot on our backup storage
i manged to recover 98% of our systems and data

shadow copy Microsoft is not a good idea here
Avatar of Philip Elder
Philip Elder
Flag of Canada image

One can enable the recycle bin on a NAS device. The catch is the amount of free space on NAS storage needs to be enough to allow for the originals to stand there.

You got lucky. Perps are getting very skilled at gaining access to storage to delete snapshots.

The other aspect is they make changes based on file access dates killing the older stuff first that no one would notice. Then, the snapshot copies to another NAS/SAN are toast over time.

There's no foolproof way out of this short of immutable. We do so with a Veeam Scale-Out Backup Repository setup as mentioned above.

Computer data storage, often called storage or memory, is a technology consisting of computer components and recording media used to retain digital data. In addition to local storage devices like CD and DVD readers, hard drives and flash drives, solid state drives can hold enormous amounts of data in a very small device. Cloud services and other new forms of remote storage also add to the capacity of devices and their ability to access more data without building additional data storage into a device.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo