i like to know, if someone has an idea for that. The current crypto-locker viruses also encrypts files on attached devices, i.e. my backup disk (or a NAS-share..)
So, my idea is for a better protection of this disk. Create a backup job which runs with a special user for backup (i.e. "VBACK" with Full Admin rights). Set on the backup drive a "deny write" permission for every user except my backup account. The sheduled task runs with under the permissions of my backup user, writes the backups etc.
If a crypto-virus tries to access the attached backup-disk, (with my credentials, or even worse, local admin), the virus cannot corrupt the backup-directory where the veeam backups are placed (IF the crypto-virus does not reset the permissions..)
I know, the best is to detach the disk after the backup, but sometimes it happens, that the disk is still connected
Or, does another solution works better ? I didn't check, if my idea would work... just thinking about.
Thanks for your input