How do we guarantee ransomware does not encrypt our backups too?
A standard SMB share as backup target is lost on encryption. Object lock or pull-based backup is safe.
Try this first
- 1Move backup target to S3 with Object Lock or Wasabi immutable
- 2Or use pull-based: backup server fetches, source has no write rights
- 3Decouple admin credentials from the domain account
- 4Test by trying to delete a test file on the backup target from production
When to bring us in
At any sign that the backup share is reachable via domain credentials
See also
- We have backups but we do not know if they workA backup that cannot be restored is not a backup. Testing matters as much as taking the backup.
- Suspected ransomware: what to do RIGHT NOWThe first 30 minutes are critical. One wrong move spreads the damage. Read before acting.
- Someone accidentally deleted an important folderUsually fine to recover. The trick: do not save anything new on that drive until you know how.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.