Intelligent CISO Issue 01 | Page 45

Despite the increasing number of attacks on financial institutions, public announcements of ransomware infections are rarely made due to the grave brand integrity and consumer confidence consequences.
The username context that is used to access backup storage should be closely guarded and exclusive for that purpose. Additionally, other security contexts shouldn't be able to access the backup storage other than the account(s) needed for the actual backup operations. Do not use DOMAIN/Administrator for everything.
2. Start using the 3-2-1 Rule: Veeam promotes the 3-2-1 Rule often and for good reason. It essentially states to have three different copies of your media on two different media sites, one of which is off site. This will help address any failure scenario without requiring specific technology. Moreover, to effectively prepare in the event of a ransomware attack, you should ensure that one of the copies is air-gapped, i.e. on offline media. The offline storage options listed highlight many options where you can implement an offline or semi-offline copy of the data.

3. Have offline storage as part of the Availability strategy: One of the best defences against propagation of ransomware encryption to the backup storage is to maintain offline storage. There are numerous offline (and semi-offline) storage options. These include:
• Tape: Completely offline when not being written to or read from
• Storage snapshots of primary storage: A semi-offline technique for primary storage, but if the storage device holding backup supports this capability, it is worth leveraging to prevent ransomware attacks. It is important to consider that this strategy is not entirely failsafe and must be taken as only one of the key steps needed in ensuring ransomware preparedness.
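An added example (not from the article or from Veeam): a short Python audit of a backup inventory against the points above, namely the 3-2-1 Rule, an offline copy, and a dedicated backup account. It assumes "two different media" means two media types and counts production data as one of the three copies; every name and sample inventory is constructed.

```python
from dataclasses import dataclass

# Assumed deny-list of broad accounts; the article names DOMAIN/Administrator.
BROAD_ACCOUNTS = {"administrator"}

@dataclass(frozen=True)
class Copy:
    name: str
    media: str         # "disk", "tape", "snapshot", ...
    site: str          # location label
    offline: bool      # unreachable over the network when idle
    account: str = ""  # identity that writes this copy ("" for production data)

def audit(copies, primary_site, other_uses):
    """Return findings for a backup plan; an empty list means every check passed.
    other_uses maps an account to non-backup systems it can also access."""
    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies, need 3")
    if len({c.media for c in copies}) < 2:
        findings.append("single media type, need 2")
    if all(c.site == primary_site for c in copies):
        findings.append("no copy off site")
    if not any(c.offline for c in copies):
        findings.append("no offline copy")
    for acct in sorted({c.account for c in copies if c.account}):
        short = acct.replace("/", "\\").split("\\")[-1].lower()
        if short in BROAD_ACCOUNTS:
            findings.append(f"{acct}: broad admin account writes backups")
        elif other_uses.get(acct):
            findings.append(f"{acct}: shared with {', '.join(other_uses[acct])}")
    return findings

# Constructed sample inventories (hypothetical names).
WEAK = [
    Copy("production", "disk", "hq", False),
    Copy("repo", "disk", "hq", False, "CORP\\Administrator"),
]
STRONG = [
    Copy("production", "disk", "hq", False),
    Copy("repo", "disk", "hq", False, "CORP\\svc-backup"),
    Copy("tape-vault", "tape", "vault", True, "CORP\\svc-backup"),
]

if __name__ == "__main__":
    for label, plan in (("weak", WEAK), ("strong", STRONG)):
        print(label, audit(plan, "hq", {}) or "OK")
```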