Our Insights

Valuable information we share.

Protect your Backups from Ransomware

Posted by Nino Vales | Jun 22, 2018 10:48:02 AM

Ransomware scans network locations where the infected user has read and write access. Files under documents, desktop, and the shared folders you have access are examples of locations vulnerable to getting encrypted.

Imagine if an administrator account or someone using an account that has full read and write access to the server gets infected. Easily, everything on the server and the network will be affected. It can halt the operations and affect the productivity of not just one person but the entire organization.

Yes, there is a reliable backup solution. So why worry about it? 

Leaving the backup storage with incorrect permissions will put the backups at risk of getting infected and unauthorized access.

The objective is to isolate the backup location from unauthorized access and Ransomware. This can be achieved by enforcing strict permissions to the backup storage and only be limited to the backup administrator account. By implementing a separation of duties approach, we secure the backup location by removing all unnecessary write permissions for all other accounts except the backup administrator account. 

It’s like installing multiple locks with different and unique keys for each.

Some of the commonly used backup storages and security concerns about them:

  • Internal hard drive – As long it is on a separate physical drive and file or sharing permissions are secured. 
  • Network Attached Storage – Supports secure folder access. Network based storage, recommended for home or small office use. Lock down file sharing permissions as well.
  • Portable USB hard drives  Prone to getting infected. Best practice is to disconnect every successful backup. Some backup software supports automatically disconnecting the drive each the time a backup job is completed.
  • Cloud storage repository  Requires a paid subscription but isolates your backups from unauthorized access. Benefits includes availability during disasters like theft or calamities. This however relies on the speed of your internet connection. OneDrive, DropBox, etc. are different from backup Cloud repositories.
  • Tape drives  The tape drive itself is pricey. It is considered to be "safe" since the tape media is offline.
  • Optical drives, CD/DVD – Read-only. It is tedious, especially for backing up large amounts of data.

If you are unsure of the status of your backup routine or interested to know more about best practices on protecting your data against cyber attacks, let us know and we'll be happy to assist!

Topics: Ransomware, Backup

Written by Nino Vales

Nino regularly writes about tips and articles about Cyber Security. He currently holds CCNA certifications in Routing and Switching, and CyberOps. During his free time, he loves to go fishing and play basketball. He is a huge NBA fan and loves to collect limited edition basketball sneakers and jerseys.


Clear Concepts is a team of passionate professionals, proud of what we do — we want to make a positive impact on your operation.

Let us hear your technology challenges and opportunities so we can help you get the most out of your technology investment, on-premise and in the cloud. Contact us today.