With all the ransomware going on in the world, how can we protect our backups even more? I have two NAS systems in two different physical locations. They both utilize hyper backup and send a complete backup to the opposing NAS. For each hyper backup task, you need to specify the target and a user name and password. I use a separate user name and password for my hyper backup task, although this user name and password is the same at both locations. This HB user's permissions is deny all folders and applications, with the exception of the shared folder of where the backups are going to and access to hyper backup vault.
I'm not sure how hyper backup is coded, but I would assume this user needs read/write permission to the destination shared folder. If that is the case, and this HB user is ever compromised, doesn't it have the authority to delete the backups too? If the HB was ever compromised, since it has read/write permission, couldn't a ransomware attack also take down the backup?
How are you set up?
I'm not sure how hyper backup is coded, but I would assume this user needs read/write permission to the destination shared folder. If that is the case, and this HB user is ever compromised, doesn't it have the authority to delete the backups too? If the HB was ever compromised, since it has read/write permission, couldn't a ransomware attack also take down the backup?
How are you set up?