- ShadowProtect SPX
- StorageCraft Cloud Services
- StorageCraft Granular Recovery for Exchange
- StorageCraft Recovery Environment
- Cloud Backup
- File Backup and Recovery
- Company Info
- How to Buy
Increase Security on Destination Server
We would like to harden our backup destination.
Source = Windows Servers --> Destination: Windows Server via SMB UNC, Image Manager runs on this server.
There is very limited access to the Destination UNC but access is via AD accounts. Assuming the AD credentials are compromised then the backup Destination is also compromised.
We are considering using an unjoined NAS as a secondary destination for separate and less frequent Full jobs. Access could be via SMB UNC or FTP. We would prefer that Source server have Write but not Read or Modify rights to the destination. We understand this would probably mean that Image Mgr would not be able to manage the chain or replicate. We would want the Source server to correctly report Job Success or Failure.
Do you see any problems, have any recommendations for this type of setup or hardening ?