• m-p{3}A · 9 months ago (64 up, 6 down)

    If your backup can be reached by a ransomware, it’s not a backup.

      • Nomecks · 9 months ago (1 up)

        A ton are going to object storage now so they get protocol level immutability.

      • IHawkMike@lemmy.world · 9 months ago (1 up, 2 down)

        Why name drop Veeam as if they’re part of the problem?

        They at least have good options to protect backups from ransomware with Linux hardened repos and immutable object storage.

        • Orbituary@lemmy.world · 9 months ago (2 up, 1 down)

          Because Veeam can be good, but it’s only as good as the user pays for. I do ransomware recovery and incident response management for a living. More often than not, Veeam is implemented poorly and does not do what the customer thinks they paid for.

          • IHawkMike@lemmy.world · 9 months ago (2 up, 3 down)

            I still fail to see how that’s the product’s fault.

            Is there some ransomware-proof backup solution that you find most people do set up correctly?

            • Orbituary@lemmy.world · 9 months ago (3 up, 1 down)

              It’s not specifically the fault of the product. However, in my experience in this field, the only time client backups are encrypted is due to a false sense of security due to negligence and ignorance.

              Veeam should not be configured by an inexperienced or underfunded tech staff.