• Alessandro Marzini
    0
    Hi to everyone,
    this is my first post in this forum, I'm a happy user of msp360 for my customers and I've this think in my mind: "what happen in the worst data loss scenario where a hacker gets control of my customer's computer and, other than crypting/deleting everything, he also open CloudBerry Backup and try to delete all backups from Backup Storage tab?" What type of protection I can give to my customer in this scenario? Is there something I can do at CloudBerry Backup side or do I have to do something at BackBlaze level (I use B2B for storage)?
    I understand the retention policies but can these be changed in a distruptive way by the hacker?
    Thank you for your kind reply.

    Regards,
    Alessandro Marzini
  • David Gugick
    86
    You should disable the agent from Global Agent Options and protect the agent and CLI with a master password from Remote Deploy.
  • Steve Putnam
    11
    We don't disable the agent console on the client devices as there times that we need to utilize it.
    Here is what we do:
    1. Protect the agent/CLI with a password (as David suggested)
    2. Disable the ability to delete backups from storage from the console (it is now disabled by default in the latest version). This necessitates using Cloudberry Explorer or the BackBlaze web portal to delete unwanted backups, but it is significantly better from a security standpoint.
    3. Disable the ability to change backup/restore plans (which protects retention policies) using the console. There are rare times when we need to edit plans on the device console itself, so we change the company agent settings to allow it and push/install an updated agent on the machine. 99% of the time we edit the plans from the web portal.
    Prior to these features being implemented in MSP360, we had that worst case actually happen. What saved us is they forgot to delete one of our three backups.
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment

Welcome to MSP360 (CloudBerry) Forum!

Thank you for visiting! Please take a moment to register so that you can participate in the discussions!