Ransomware protections

like most companies we are trying our best to NOT get infected by Ransomware, but....  assuming we do get infected.

I understand that RR core service locks the backup files from being encrypted, that's a great start.  but if it's human operated and they get into the core server... game over.  Are there any built in replication type protections that people are using?   what are people doing so they can sleep at night?  my first step was to remove both source and target RR servers from the domain and give them strong local admin passwords.  I see that these servers have Admin share and c$,d$ shares turned on, do I need those turned on for RR to function?    thanks!   Quest could put together a simple document like, "10 things to do to help prevent backup encryption". that's what I need!

Parents
  • There was a document out here for Quest just for this. I'll see if I can find it, there use to be one. 

     

    Either way you're on the right path. Keep the cores off the domain, replicate your RPs, and don't replicate within the domain. Keep a replication off your network if at all possible, so you have an onsite copy, and an offsite copy. You can also setup your archives to keep a copy offline too. 

Reply
  • There was a document out here for Quest just for this. I'll see if I can find it, there use to be one. 

     

    Either way you're on the right path. Keep the cores off the domain, replicate your RPs, and don't replicate within the domain. Keep a replication off your network if at all possible, so you have an onsite copy, and an offsite copy. You can also setup your archives to keep a copy offline too. 

Children
No Data