I know, it's deprecated to use an internal hard disk as a backup target device but I'm a lazy guy. At home I don't have an always-on NAS to use as a backup target and, if I use an offline external USB drive, I will forget to connect it for backups most of times.
So I would like to find a safer way to use a secondary internal hard disk as a target and save to my C: drive as a volume backup.
My first try was to give target folder permissions to a different user, share it and point to it in Veeam configuration as it was an external shared folder. The trick did not work.
My second try was to change the target backup directory permission and now only SYSTEM can write to it. Since SYSTEM is the VEB service user of choice, backup seems running fine and I suppose that malware will not be able to have easy access to it. As a downside, I have to temporary reassign backup target permissions to the logged in user when a file level restore is needed.
Am I missing something? Is this workaround worth it or it's easy for a malware to impersonate SYSTEM?
Thank you for your suggestions.
-
- Novice
- Posts: 6
- Liked: never
- Joined: Jan 12, 2015 4:24 pm
- Full Name: Franco Fassio
- Contact:
-
- Product Manager
- Posts: 14720
- Liked: 1705 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Backup to internal hard disk in a safer way
Hello Franco,
It’s a smart move. I bet it will stop some malware from encrypting or infecting the backup files, however the best protection so far is to keep the backup files offline on a removable device (or file share with limited permissions as you did for local volume).target backup directory permission and now only SYSTEM can write to it
Who is online
Users browsing this forum: No registered users and 20 guests