Backup Security using a NAS

Posted by: Huge on 05 December 2015

I've been investigating how to improve my backup security to defeat 'ransom-ware' viruses; and I have an answer that works...

It relies on using a volume in a NAS that deliberately isn't accessible from any computer on the network (either not visible, or because of security settings).  It is however accessible to the NAS OS itself.

Arrange a backup from the required computers to write to a normal volume on the NAS.  Then use the NAS's own backup routine to backup the computer backup area to the NAS backup area (this can access volumes that aren't accessible to the computers on the network).

Should a ransom-ware virus attack the system it will encrypt all the data files that are accessible to the computer.  However the backup files in the inaccessible area of the NAS will be unaffected.  After the computer(s) have been cleaned (e.g. format the disks and reinstall the OS), the hidden NAS backup can be restored to the accessible area of the NAS; and from there restored to the (now cleaned) computer(s).

Posted on: 05 December 2015 by Huge

I forgot to add:  One of the backups (preferably the NAS one) needs to be an incremental backup to deal with the time delay inherent in the operation of the ransom-ware virus.