Reply to post: Don't have server write to backup shares, have backup device pull data..

Scottish brewery recovers from ransomware attack

Jakester

Don't have server write to backup shares, have backup device pull data..

The approach I use for backups is to have a backup system (Linux running 'backintime') pull data from the servers. The backup systems do not have shares on them, they only attach to shares on the server. I have nightly and hourly backups - some kept locally - and at least 2 backup media kept off-site. Standard portable hard drives (currently using 2 TB) keep nightly backups for 3 weeks, then a couple months of weekly, and finally monthly backups kept. Periodically phasing in a new drive allows years of monthly data readily available. Using this approach, the chance of any backup getting infected is reduced by orders of magnitude.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021