- Oct 17, 1999
- 8,883
- 107
- 106
Just wanted to tell a story that is still unfolding about an office whose accounting data was set to only back up using windows backup and my coworker who set it up a while ago did not realize that windows backup does not purge old backups so it just fills the backup target up until it can't back up without logging errata so windows backup still shows that it backs up. One has to use a registry change and a scheduled task to prune old backups with windows backup. So the result is that this particular computer acting as the 'server' was hit by Zepto/locky/Thor and the ransom was paid and the decrypter tool fails to restore the accounting data and the latest backup is from June.
No matter your backup solution, heed this story and periodically restore a file from backup to verify functionality because this seems worse than not having backups at all. Especially because my coworker whom thought everything was fine and restored initially what he thought was the previous days backup which complicated decryption or file recovery (writing to the original drive).
Bonus Tip!
Rename the vssadmin.exe to thwart routine deletion of shadow copies. Shadow copies are no replacement of backups but could be the quickest and easiest way to restore files.
No matter your backup solution, heed this story and periodically restore a file from backup to verify functionality because this seems worse than not having backups at all. Especially because my coworker whom thought everything was fine and restored initially what he thought was the previous days backup which complicated decryption or file recovery (writing to the original drive).
Bonus Tip!
Rename the vssadmin.exe to thwart routine deletion of shadow copies. Shadow copies are no replacement of backups but could be the quickest and easiest way to restore files.
Last edited:
Facebook
Twitter