Keep backup server off domain

[howartp]

Hi

I was reading in Gostev's mailing this morning that "it is critically important to have your backup server outside of your production domain - otherwise you will lose it the moment your production environment is compromised".

How do you represent this in real terms?

Our backup server is on our network like any other, and joined to the domain. We do have a custom local administrator on the account that is not common name or GUID that we can use when the domain itself is off (ie disaster recovery at that point!).

Does just dis-joining it from the domain meet the proposed requirement or should I be doing more?

Peter

[Mildur]

Dis-Joining the domain is a good start. Never put the backup server in the same domain as your productive servers.
If you have a second air gapped backup copy of your data, then it's not that dangerous. But if the backup server has access to each restore point, then you backup has no value in case of a ransomware attack.

You can find much about security hardening on this link:
https://bp.veeam.com/vbr/VBP/Security/

[howartp]

We have D2D2T and we set the write-protect tab on the tapes each week.

They're gonna have to write something to interrogate and wipe the tape library - not impossible but beyond most ransoms.