this post was submitted on 02 Nov 2023
23 points (92.6% liked)
Sysadmin
7566 readers
1 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Backups serve different purposes and if encryption by malware is a threat, you have to do backups differently, as opposed to, for example, hardware failure, where your NAS is a valid approach. To protect against encryption malware, you must make your backups inaccessible. One example are read-only backup media like DVD-ROMs. Another example is to make regular backups on tapes or HDDs and lock them up somewhere. You only take them out after you have wiped all computers that were affected by malware.
What about simulated air gaps? So a backup system that turns off its own networking abilities once its done with the current backup and only turns its networking back on when it's ready to start backing up again?