Security Basics mailing list archives
RE: Secure Backups
From: "Lee Clemens" <security () leeclemens net>
Date: Fri, 30 Jun 2006 16:54:38 -0400
I've been seeing similar issues where I work. Unfortunately the administrator responsible for it has not being doing things quite the 'proper' way. I would use the rule of least privilege. If you make it a domain user, just add it to a Backup group or something and give that group the appropriate rights in the GPO to allow it to execute properly. Plus it will need some NTFS permission on the appropriate directories/files. I think it will need at least Write permission if it is going to be setting the Archive attribute (differential backups). It will depend on what you're using to do the backups, so some trial and error may be required. Or checkout the release notes or something that may tell you what permissions the backup account will require with your particular software. Regards, Lee Clemens -----Original Message----- From: rolando_ruiz () jetaviation com [mailto:rolando_ruiz () jetaviation com] Sent: Thursday, June 29, 2006 4:34 PM To: security-basics () securityfocus com Subject: Secure Backups Hello security world, I'd like to establish a secure and reliable backup procedure. Currently, the person whom had this responsibility has not been using standard procedures throughout our network. Things I'm looking for include account type to use (local or domain - admin or not), and what rights should this account have in each server? I'm assuming that the account should hold enough admin rights on each box to be able to run the job but I'm unsure if it should hold complete administrator rights. Your comments and suggestions are greatly appreciated. With best regards, Rolando Ruiz --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Secure Backups Dan Bogda (Jul 04)
- RE: Secure Backups rolando_ruiz (Jul 04)
- <Possible follow-ups>
- RE: Secure Backups Dan Bogda (Jul 04)
- RE: Secure Backups Lee Clemens (Jul 04)