Skip to main content

How to secure backups from deletion

Thread solved
Beginner
Posts: 1
Comments: 1

Hi,

I'm wondering how to secure backups made with Cyber Protect v15 from deletion. It's really easy to delete the backups by just opening the web console, going to the storage section, selecting the storage and clicking on 'delete'. There's absolutely no password or whatsoever needed for this operation. Good for hackers, bad for me.

Is there any way to secure the backups from deletion? I was hoping it would at least ask for the encryption password but it doesn't.

0 Users found this helpful
Frequent Poster
Posts: 14
Comments: 555

Hello Christian!

What do you mean there is no password? You might be using windows authentication and don't need to explicitly specify, but it's still there. Other than that there is no additional security measure to prevent deletion. You'll just have to safeguard access credentials like any critical systems. Also don't give access to the console for people who don't know what they are doing.

The encryption password is more about securing the contents of the backup, not the backup itself.

-- Peter

Beginner
Posts: 1
Comments: 1

Hi Peter,

yes I know you'll have to logon successfully to open the backup console. I'm concerned about those hackers that encrypt the drives. Usually they have a foothold as an admin on the system, that's nowadays happening more or less automatically.

They can't encrypt the backup location because it is stored on a NAS device which is using separate credentials. But it will be very easy for them to just open the console with their admin account and click on 'delete'. That wouldn't be possible if the system would ask for a separate password to do that. And as there's already an encryption password set, that would be highly suitable for that case. 

Ok, it is like it is. Thanks for the confirmation :-)

Frequent Poster
Posts: 14
Comments: 555

You could create a script that uses acrocmd to replicate backups to another storage secured with another credential. You'll have to specify credentials here, but these won't be reusable from the console for the attacker. So you don't lose all backups at least.