- ShadowProtect SPX
- StorageCraft Cloud Services
- StorageCraft Granular Recovery for Exchange
- StorageCraft Recovery Environment
- Cloud Backup
- File Backup and Recovery
- Company Info
- How to Buy
Ransomware - File and Folder permissions
We've had issue with ransomware. Interesting how it knew to go to our NAS and delete all the folders with the local backups when there was no mapped drive to follow. Seemed to us they know how to analyze Shadowprotects config (and probably many others) and knew exactly where to go. Since there was no mapped drive to that device we mistakingly thought it was safe. Well, live and learn.
I want to harden these folders against access by any account except the one ShadowProtect is using that way if they compromise a user account they have no access. How can I determine what account it is using to manage those files? It's using the Local System Account for the service, can I change that to another account without it freaking out?
Is there a best practices doc that outlines what to do to protect these backups from unauthorized access?
The reseller learned the hard way to manage their uploads to the tune of 5 bitcoin. (And yes I tested a downloaded file for restore, it was all the files after that that were missing...)