As a small SME I would make backups and keep them offline. On a series of USB disks that you exchange, for example. Make sure that when they come on your network, you can never reach those disks.
Provide virtualization and backup on that layer, then you have the simple and fastest restore.
Keep everything in terms of software, licenses and documentation of your environment on the same USB disks.
I have no idea how small you are, but it quickly comes in handy to think in advance about who will help you with recovery and also to save that data well, such as on your phone and those USB disks.
Think of a ransomware recovery party and the rental of compute and storage from your internet providers, etc.
Create a runbook containing your steps and test it at least once a year and after changes to your backup software.
Turn on mfa on your backup server and if possible the software. Disable rdp or ssh on this system. Do not hang the system in the domain and give it external ntp servers if your backup software based on ntp will expire.
[Reactie gewijzigd door R3m3d7 op 9 augustus 2022 20:06]