ASK NC
Anti-ransomware Backup strategy? - Printable Version

+- ASK NC (https://ask.nascompares.com)
+-- Forum: Q&A (https://ask.nascompares.com/forumdisplay.php?fid=1)
+--- Forum: Backup Solutions (https://ask.nascompares.com/forumdisplay.php?fid=16)
+--- Thread: Anti-ransomware Backup strategy? (/showthread.php?tid=8698)



Anti-ransomware Backup strategy? - BBoy - 02-25-2023

Ok, so I will have my 920+ up and running soon (4x4Tb). I was thinking to attach an external USB drive of 12TB to the NAS permanently and then setup a permanent back-up so that either instantly or weekly all changes on the NAS will be reflected in the back-up.

But if my NAS gets infected with  ransomware and the USB is permanently attached to the NAS, then I guess there is a risk that the back-ups will get infected too.
- what is the best solution to prevent the USB drive attached to NAS getting infected with ransomware?
- I guess that instant back-ups increase the risk of infection? IS it better to detach the USB and work with incremental backups and attach the USB drive only and manually during the back-ups?
- Does Synology have any software to detect ransomware, I mean not the ransomware itself, but rather the effect it will have on stored files, e.g. massive changes of extensions, heavy disk activity due to ransomware encrypting the source files etc.

any advise is appreciated,
Bboy


RE: Anti-ransomware Backup strategy? - ed - 03-03-2023

The answer could be remote snapshot replication. Similar to time machine backups, you will be able to roll back your previous versions.
https://kb.synology.com/en-id/DSM/tutorial/How_to_replicate_snapshots_to_remote_Synology_NAS

You could also play with read only folders which would not allow changes to be made https://kb.synology.com/en-id/DSM/help/DSM/AdminCenter/file_share_privilege?version=7

Also, Synology will soon roll out WORM technology that does not allow deleting data even by ransomware.

I hope this helps.


RE: Anti-ransomware Backup strategy? - kjones120320 - 07-23-2024

Ransomware can lock up your files and demand a ransom to release them. Here's a straightforward backup strategy to protect your data:

1. Regular Backups
Frequency: Backup your data daily or weekly.
Automation: Use backup software to automate the process.
2. The 3-2-1 Rule
3 Copies: Keep three copies of your data.
2 Different Media: Store backups on two different media (e.g., external hard drive and cloud).
1 Offsite Copy: Keep one copy offsite.
3. Cloud Backups
Encryption: Ensure your cloud service encrypts data.
Versioning: Choose services with file versioning to restore previous versions.
4. Immutable Backups
Use backup solutions with immutable backups that cannot be altered or deleted.
5. Regular Testing
Test Restores: Periodically restore files to ensure backups work.
Update Plans: Adjust your strategy based on test results.
6. Stay Informed
Training: Educate yourself or employees on recognizing phishing and safe practices.
Updates: Keep software and systems updated to fix security vulnerabilities.
By following these steps, you can effectively protect your data from ransomware attacks.