What’s the point of primary and secondary backups if they can be accessed with the same credentials on the same network
They weren’t normally on the same network, but were accidentally put on the same network during migration.
What’s the correct way to implement it so that it can still be automated? Credentials that can write new backups but not delete existing ones?
I don’t know if it is the „correct“ way but I do it the other way around. I have a server and a backup server. Server user can‘t even see backup server but packs a backup, backup server pulls the data with read only access, main server deletes backup, done.
I feel really bad for everyone involved - customers and staff. The human cost in this is huge.
Yes, there’s a lot of criticism of backup strategies here, but I bet most of us who deal with this professionally have knowledge of systems that would also be vulnerable to malicious attack, and that’s only the shortcomings we know about. Audits and pentesting are great, but not infallable and one tiny mistake can expose everything. If we were all as good as we think we are, ransomware wouldn’t be a thing.
I wonder why they can’t/won’t pay.
Time and time again, data hosting providers are proving that local backups not connected to the internet are way better than storing in the cloud.
The 3-2-1 backup strategy: “Three copies are made of the data to be protected, the copies are stored on two different types of storage media and one copy of the data is sent off site.”
This is the way.
How would that work in practice? 1 medium offsite, and 2 mediums on-premises?
