01-05-2016 01:30 PM
Hi folks...
I post this with the disclaimer that we've only recently obtained DLO for our desktops. I noticed that the default method of installation opens up a few network shares, and I'm guessing--based off of my experiences so far--that clients push the backed-up data to the server hosting the shares. Now, if I recall right, there are variants of cryptolocker/cryptowall that can crawl the network for shares and infect that way.
Is there a good guide out there to help me secure our installation better? And/or, is there a way to configure the DLO server to *pull* the data from each client, so as to *not* have to have extra shares open that could be a source of data corruption?
Thanks!
Solved! Go to Solution.
01-05-2016 10:36 PM
Data is encrypted during the network transfer.
Additionally, the data present in the network shares cannot be accessed by unauthorized users since -
1) Appropriate NTFS security & sharing permissions are set on the shares as follows -
Share Permissions on the root NTFS folder defined as the NUDF
Administrator: Full Control
Everyone: Full Control
Administrator: Full Control
UserID: Full Control
2) User data present in the shares are encrypted with a 256-bit algorithm. Apart from the DLO Administrator no one else can open those files. Additionally, if the DLO profile permits, the user can access only his/her files, but not others.
Would recommend a read of the DLO Administration Guide & network shares are required. Cannot be disabled for DLO.
01-05-2016 10:36 PM
Data is encrypted during the network transfer.
Additionally, the data present in the network shares cannot be accessed by unauthorized users since -
1) Appropriate NTFS security & sharing permissions are set on the shares as follows -
Share Permissions on the root NTFS folder defined as the NUDF
Administrator: Full Control
Everyone: Full Control
Administrator: Full Control
UserID: Full Control
2) User data present in the shares are encrypted with a 256-bit algorithm. Apart from the DLO Administrator no one else can open those files. Additionally, if the DLO profile permits, the user can access only his/her files, but not others.
Would recommend a read of the DLO Administration Guide & network shares are required. Cannot be disabled for DLO.