The Lemon Fool

I am setting up my backup plans using Macrium Reflect and noticed that their product comparison does not show the free version has providing protection against ransomware (see https://www.macrium.com/product-comparison). Reading their link about ransomware it says that ransomware attacks are becoming more sophisticated and disrupting backups, which their paid versions protect from. Is that marketing hype?

Given that I am setting up from scratch again, I would like to take reasonable precautions against data loss and ransomware. Would having a weekly full backup, with daily differentials not give fairly good protection against ransomware, perhaps keeping the full backups for 4 weeks or more? In addition, I could use MS OneDrive synchronisation as further protection.

Thanks
C

I dont anything about the alleged protection mentioned but I woud say this...

... backup, back, backup./.. and whatever you backup to, ensure that wherever possible apnly attach the backup device/solution when appropriate ie disconnect it after the backup is complete and only connect it when its time to backup again eg usb drive, network/cloud drive. That way the backup canmnot get infected by any actual ransomware attack. It deosnt prevent the OS etc and hard drive files from being attacked of course but does ensure you have a clean copy somewhere

didds

Windows 10 can protect your files from ransomware and other malicious programs, and this guide outlines the different ways to enable the security feature.

Cont.
https://www.windowscentral.com/how-enab ... ors-update

I've got paid for MR and have Image Guardian enabled as well as the W10 option.
Likewise paid for MR will give you the option of folders and files backup on a schedule independent of any full/incremental/differential backups, but again you can do that via W10 File History (it's not on by default).

Cryptoprevent is the one thing I make sure I do:
https://www.d7xtech.com/cryptoprevent-anti-malware/

Just the basic option that sets the permissions on execution for your download folders; seems worth it

-sd

didds wrote:I dont anything about the alleged protection mentioned but I woud say this...

... backup, back, backup./.. and whatever you backup to, ensure that wherever possible apnly attach the backup device/solution when appropriate ie disconnect it after the backup is complete and only connect it when its time to backup again eg usb drive, network/cloud drive. That way the backup canmnot get infected by any actual ransomware attack. It deosnt prevent the OS etc and hard drive files from being attacked of course but does ensure you have a clean copy somewhere

didds

+1

I do a weekly backup onto an encrypted USB hard drive that lives in my desk drawer.
Anything I am working on goes on OneDrive and added to the weekly USB backup.

A friend of mine who works in IT does similar but goes one further. He keeps extra encrypted hard disks in his car in case the house burns down. A bit much I think.

absolutezero wrote:A friend of mine who works in IT does similar but goes one further. He keeps extra encrypted hard disks in his car in case the house burns down. A bit much I think.

its the ultimate belt and braces approach - and may reflect the data involved rather than just "ordinary files" . Of course he could just be uber paranoid

didds

I think the only 100% safe way to protect is to have a series of historical backups that are physically disconnected from your PC. Imagine a stealthy ransomware that encrypts your data bit by bit over a period of days or even weeks so that by the time you notice, your backup contain malware-encrypted files. If that happens, your only recourse is an older backup. A clever ransomware might also spot Macrium (or other backup) files on a connected USB drive and try to corrupt or encrypt them in order to make them useless - preventing this is the feature in paid-for Macrium of course.

The fully paid up Macrium is only £50 so if you value the protection, just pay up is my advice. It's not a lot. It works to the extent that if I try to manually delete an old backup image file, I cannot do so unless I disable the protection feature.

Another defence is to use multiple backup programs. Macrium is great, but on one occasion I accidentally de-selected an important partition without noticing, so my backups were incomplete. I have had Acronis backup images be unreadable for no obvious reason.

I''ve recently come across and started using Duplicati, which is totally free. It does file-based backups, not whole disk images, but it can backup to local drives, as well as cloud destinations such as Onedrive, Google drive etc. I'm quite a fan of it, but I won't stop using Macrium Reflect as well, because I'm sure Duplicati is capable of failing too. It says it's still a beta product, but the current version seems stable and reliable.

Clariman wrote:I am setting up my backup plans using Macrium Reflect and noticed that their product comparison does not show the free version has providing protection against ransomware (see https://www.macrium.com/product-comparison). Reading their link about ransomware it says that ransomware attacks are becoming more sophisticated and disrupting backups, which their paid versions protect from. Is that marketing hype?

I have both the paid and free versions. Yes, Image Guardian which protects against ransomware is a paid-for Premium feature - but it just protects your Macrium images from being modified or deleted by anything other than Macrium itself.

What it does not do is protect the rest of your system from being affected by ransomware. Your Macrium images are there to do that. As long as you keep your images on an external drive that is physically disconnected when not making images then the Free version is 'safe' from ransomware.

Windows 10 has its own built in ransomware protection for your user folders and documents called 'Controlled folder access'. To turn it on open Windows Security > Virus & threat protection > Manage ransomware protection.

A bit of a catch-22 here, with 2 conflicting demands. To have a fully automated backup solution, I need to backup to a device that is visible to my laptop when I am not there. However, to remove the risk of ransomware infecting my backups, my backup device should be offline except during backups!

Anyway, I have a specific question to see if my plan addresses this. I have set Macrium up to do a daily backup to a USB-attached hard drive, so this backup will happen automatically. Could I then manually copy the backup-set to a second USB-attached drive which I immediately disconnect after doing so? Would Macrium recognise it if I wanted to restore from the (normally) disconnected drive?

Thanks
C

Clariman wrote:Could I then manually copy the backup-set to a second USB-attached drive which I immediately disconnect after doing so? Would Macrium recognise it if I wanted to restore from the (normally) disconnected drive?

Yes, macrium doesn't care about which drive or folder the image you ask it to restore is located. It just checks that the image file is a valid image or backup set.

Macrium Reflect goes on steep discount (50%) once a year or so (Black Friday period last year) and lesser discounts (20%) several times throughout....viewtopic.php?f=39&t=20184&hilit=macrium+reflect
So start off with free, get used to it, and then if you really need the extra paid for features wait for the annual big discount.

I might not have the most robust backup regime but I do have three removable hard drives that I use in rotation. (I can also get at least three backups on each.) If one gets encrypted by ransomware or destroys itself, I still have the previous two backups.

Julian F. G. W.

What do people think about using OneDrive, Dropbox, etc. as permanent backup? Would it/does it slow the PC down to much if everything is backed up to the cloud? At present I use Macrium Reflect and back up once a month to an external drive which I keep in the garden shed. I use Dropbox to share files with other PCs and OneDrive to back up important files in the Personal Vault, but just when they change.
As mentioned, if the backup device is permanently connected to the PC then one is at risk of fire, thieves or a ransomware attack on the PC or device.

Midsmartin wrote:I think the only 100% safe way to protect is to have a series of historical backups that are physically disconnected from your PC.

Even so I think the 80/20 rule applies here. Or it might even be 95/5 in this case.

To get 100% protection involves a lot of faffing about remembering to plug drives in and out, but 95% protection can be had for 5% of the effort, just use proprietary backup software.

An easy 95% protection is a whole bunch better than the no protection many computer users are likely to revert to when they realise the amount faffing about needed for 100%, and give up trying.

Nocton wrote:What do people think about using OneDrive, Dropbox, etc. as permanent backup? Would it/does it slow the PC down to much if everything is backed up to the cloud? At present I use Macrium Reflect and back up once a month to an external drive which I keep in the garden shed. I use Dropbox to share files with other PCs and OneDrive to back up important files in the Personal Vault, but just when they change.
As mentioned, if the backup device is permanently connected to the PC then one is at risk of fire, thieves or a ransomware attack on the PC or device.

I susbscribe to Dropbox and have, for the last couple of years, put all my stuff in dropbox. I haven't noticed any delays or problems. Once every 6 months I do a Macrium clone of my C drive. So in the event of catastrophe/ransomware, I can always go back to the disk clone and dropbox to recover completely. I do also have a NAS and use Acronis to back up to that but it is really redundant.

re Dropbox, there is a delay when initially setting it up as all one's stuff is uploaded to the net, but after that it is not a problem. The only slight problem I have with Dropbox is that one or two really old apps give file conflict messages as they don't like Dropbox accessing the files whilst they are. Easy to get round this by suspending the Dropbox Syncing temporarily whilst I use the old programs.

Nocton wrote:What do people think about using OneDrive, Dropbox, etc. as permanent backup? Would it/does it slow the PC down to much if everything is backed up to the cloud? At present I use Macrium Reflect and back up once a month to an external drive which I keep in the garden shed. I use Dropbox to share files with other PCs and OneDrive to back up important files in the Personal Vault, but just when they change.
As mentioned, if the backup device is permanently connected to the PC then one is at risk of fire, thieves or a ransomware attack on the PC or device.

Surely a major problem with DropBox et al is that ransomware will encrypt your files in DropBox as easily as anywhere else.

Do DropBox make any claims to protect from this?

Mike4 wrote:

Nocton wrote:What do people think about using OneDrive, Dropbox, etc. as permanent backup? Would it/does it slow the PC down to much if everything is backed up to the cloud? At present I use Macrium Reflect and back up once a month to an external drive which I keep in the garden shed. I use Dropbox to share files with other PCs and OneDrive to back up important files in the Personal Vault, but just when they change.
As mentioned, if the backup device is permanently connected to the PC then one is at risk of fire, thieves or a ransomware attack on the PC or device.

Surely a major problem with DropBox et al is that ransomware will encrypt your files in DropBox as easily as anywhere else.

Do DropBox make any claims to protect from this?

The point is that you can go back to any version of your files at least 30 days, so you can recover from the ransomware attack as long as you realise you have been attacked within 30 days

scrumpyjack wrote:

Mike4 wrote:

Nocton wrote:What do people think about using OneDrive, Dropbox, etc. as permanent backup? Would it/does it slow the PC down to much if everything is backed up to the cloud? At present I use Macrium Reflect and back up once a month to an external drive which I keep in the garden shed. I use Dropbox to share files with other PCs and OneDrive to back up important files in the Personal Vault, but just when they change.
As mentioned, if the backup device is permanently connected to the PC then one is at risk of fire, thieves or a ransomware attack on the PC or device.

Surely a major problem with DropBox et al is that ransomware will encrypt your files in DropBox as easily as anywhere else.

Do DropBox make any claims to protect from this?

The point is that you can go back to any version of your files at least 30 days, so you can recover from the ransomware attack as long as you realise you have been attacked within 30 days

With DropBox specifically? That seems an excellent solution then!

I use 'Dropbox Plus' which gives 2,000 gb of storage and keeps all versions of files for 30 days. The version history does not count to your storage limit.
It has a 'Rewind' facility specifically to recover from ransomware attacks.

There are other Dropbox plans that store for 180 days.

With the free cloud accounts just be careful about shifting goal posts on the features front as they try and edge you into the 'advantages' of paying...
I have a few free Dropbox accounts which I use for a small number of shared documents and they changed the maximum number of registered client devices from five to three. Not a catastrophe but I was already at five so a bit of a pain.