Quote:
Originally Posted by Rathji
The offsite (edit: Cloud) backup should have versioning, which prevents the encrypted file from overwriting the good data.
Otherwise, unless the virus is stealing your credentials for your backup and logging into the backup site and actually deleting your old versions, there is no way for the virus to encrypt those versions. They simply don't exist in a form that they can be accessed like a Network share does
|
In that case if you require a set of credentials to access the Synology that are not used anywhere else to login, the ransomware shouldn't be able to get there either. I think that is what we are doing as of a couple weeks ago. Before the person looking after the backups had access to the synology on his workstation with his own login but we have since removed that.
Our workstations have sharing rights to the main file server, so should one of those stations be infected, obviously it would spread over to those mapped network drives as well.
Just wondering how it all works in our situation.