Standalone backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)
Post Reply
ciarpame
Novice
Posts: 6
Liked: never
Joined: Jan 12, 2015 4:24 pm
Full Name: Franco Fassio
Contact:

Backup to internal hard disk in a safer way

Post by ciarpame »

I know, it's deprecated to use an internal hard disk as a backup target device but I'm a lazy guy. At home I don't have an always-on NAS to use as a backup target and, if I use an offline external USB drive, I will forget to connect it for backups most of times.
So I would like to find a safer way to use a secondary internal hard disk as a target and save to my C: drive as a volume backup.

My first try was to give target folder permissions to a different user, share it and point to it in Veeam configuration as it was an external shared folder. The trick did not work.

My second try was to change the target backup directory permission and now only SYSTEM can write to it. Since SYSTEM is the VEB service user of choice, backup seems running fine and I suppose that malware will not be able to have easy access to it. As a downside, I have to temporary reassign backup target permissions to the logged in user when a file level restore is needed.

Am I missing something? Is this workaround worth it or it's easy for a malware to impersonate SYSTEM?

Thank you for your suggestions.
Dima P.
Product Manager
Posts: 14396
Liked: 1568 times
Joined: Feb 04, 2013 2:07 pm
Full Name: Dmitry Popov
Location: Prague
Contact:

Re: Backup to internal hard disk in a safer way

Post by Dima P. » 1 person likes this post

Hello Franco,
target backup directory permission and now only SYSTEM can write to it
It’s a smart move. I bet it will stop some malware from encrypting or infecting the backup files, however the best protection so far is to keep the backup files offline on a removable device (or file share with limited permissions as you did for local volume).
Post Reply

Who is online

Users browsing this forum: Bing [Bot], emil.davis and 34 guests