Re: [EXTERNAL]Re: [SECURITY] Offline Backups for Ransomware Protection

["McCain, Alan" <mccaina () CEDARVILLE EDU>]

We're looking at using iland, a Cloud Connect service provider, in
combination with Veeam for air-gapped cloud storage, but they only keep the
data for 7 days after it's deleted from Veeam.  That seems like a pretty
short period of time to get your data back from a ransomware attack.
Anyone have any experience using iland?

And has anyone done a cost comparison between using a Cloud Connect service
provider vs. rolling your own using Cloud Connect with AWS or Azure?  I
like the simplicity of using a service provider but I haven't done a cost
analysis yet using AWS or Azure and what the pros and cons might be.
-----
Alan McCain

*Director of Networking and Infrastructure*
Information Technology
*Cedarville University*
o: 937-766-7905
cedarville.edu
<https://twitter.com/cedarville>
<https://www.youtube.com/user/cedarvilleu>
<https://www.facebook.com/cedarville>
<https://www.instagram.com/cedarville/>



On Thu, Aug 26, 2021 at 12:36 PM Holley, Brian <bholley4 () samford edu> wrote:

> If you are running VEEAM, you can also tier backups to AWS and make the
> AWS storage immutable with a defined retention plan.  This gets it offsite
> and read-only in one swell foop!
>
>
>
> *Brian Holley, MBA, CISSP*
>
> *Senior Security Analyst*
>
> *Technology Services*
>
>
>
> 205-726-4903 <+1205-726-4903> | office
>
> bholley4 () samford edu
>
> www.samford.edu
>
> 800 Lakeshore Drive
> Birmingham, AL 35229
>
>
>
> *From:* The EDUCAUSE Security Community Group Listserv <
> SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Powell, Andy
> *Sent:* Thursday, August 26, 2021 9:57 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* [EXTERNAL]Re: [SECURITY] Offline Backups for Ransomware
> Protection
>
>
>
> Hi Jeremy,
>
>
>
>   I had set my sights on "old-school" offline backups as well, until I
> learned about immutable backups. We're currently working with Backblaze and
> Wasabi in this regard, but there are other vendors out there.
>
>
>
>   I'd strongly suggest this approach, as offline is just too much (both in
> dollar cost and in management overhead) to swallow.
>
>
> Andrew F. Powell Jr., CISSP, CCSP
>
> Information Security Director
>
> Williams College
>
> 22 Lab Campus Drive, Williamstown, MA, 01267
>
> O - (413) 597 - 4340
>
> C - (978) 502 - 0086
>
> (he/him/his)
>
>
>
>
>
> On Thu, Aug 26, 2021 at 10:42 AM Pelegrin, Jeremy J <jpelegrin () tulane edu>
> wrote:
>
> All,
>
>
>
> As we work to improve our ransomware posture, what are others doing for
> offline backups for recovery? Is it a subset of systems/data only? What
> technologies are being used?
>
>
>
> Happy to discuss offline if preferred.
>
>
>
> All the best,
> Jeremy
>
>
>
>
>
> *Jeremy Pelegrin, MBA *(He/him/his)
>
> *Interim CISO *| Information Technology
>
> Tulane University | 504-988-8548 (o) | 504-444-3536 (c)
>
>
>
> *Collaborate | Innovate | Deliver*
> <https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fts.tulane.edu%2F&data=02%7C01%7Cjpelegrin%40tulane.edu%7Cf7ee7c278f344b3b626408d6f3f3fdbf%7C9de9818325d94b139fc34de5489c1f3b%7C0%7C0%7C636964626586789548&sdata=ydqhqGZcX74Xk68VTKF8F8uEgE4CV2CyHao77q5ZzdA%3D&reserved=0>
>
>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://secure-web.cisco.com/1e6O2yadLcRd6zxzWEQS0hIakkZPX5Lo89yTe1Xq-JqOr2vIqnUbNN1UsyKtmmdbIvbsDtCeK0Yt6zU9-ocRH7CqNPmRYir9my85_9akY4DTMYRVkA6VDxFOqAIegb1nuln_oOHWQpmQ0U2o1XQ7N6H905l4SjF-cwFyPVti5C1xIbFwq2HMFI-1eajXBkOO4dlf2RnDabP5pZJ2u6cWLiHiuTS-XFpQWp7XgfnKOVRoJCm-ZlW9HXGw6T1fBIFDo6JjoIchWvc5G_KzkJqqBWpGhkupaq9L3t34h4gwW2xZ3Uk21zxRKPwaD8vaKvdLkn-BbtGbtXnsXWcTSWAYL_A/https%3A%2F%2Fwww.educause.edu%2Fcommunity>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://secure-web.cisco.com/1e6O2yadLcRd6zxzWEQS0hIakkZPX5Lo89yTe1Xq-JqOr2vIqnUbNN1UsyKtmmdbIvbsDtCeK0Yt6zU9-ocRH7CqNPmRYir9my85_9akY4DTMYRVkA6VDxFOqAIegb1nuln_oOHWQpmQ0U2o1XQ7N6H905l4SjF-cwFyPVti5C1xIbFwq2HMFI-1eajXBkOO4dlf2RnDabP5pZJ2u6cWLiHiuTS-XFpQWp7XgfnKOVRoJCm-ZlW9HXGw6T1fBIFDo6JjoIchWvc5G_KzkJqqBWpGhkupaq9L3t34h4gwW2xZ3Uk21zxRKPwaD8vaKvdLkn-BbtGbtXnsXWcTSWAYL_A/https%3A%2F%2Fwww.educause.edu%2Fcommunity>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community