Bacula Systems User’s Guide

Business Continuity: Disaster Recovery and

Guarding Against Ransomware
Using Bacula Enterprise
This whitepaper explores the opportunity presented by Bacula Enterprise to safe-
guard companies against ransomware, including Disaster Recovery options and con-
siderations.

Version 1.2, December 5, 2022

Copyright ©2008-2022, Bacula Systems S.A.
All rights reserved.
Increased Ransomware Attacks
Despite numerous Cyber security incidents making international news on a regular
basis over the last few years, it was specifically the WannaCry ransomware attack
in May 2017 that brought renewed and urgent focus on what organizations need to
do to protect their businesses and services from ransomware. This attack seriously
impacted thousands of organisations worldwide, having hit more than 150 countries
and over 200,000 computers.
The frequency of ransomware attacks is set to increase dramatically in 2020 and
beyond, with increasing sophistication. For example, some malware already exist
that are more sophisticated than WannaCry and which actually looks for weak
backup systems and encrypts the backed up data itself.
Data backup and recovery are proven to be an effective and critical protection
element against the threat of ransomware. For an enterprise to become sufficiently
protected, advance preparation and thought is required. Data protection technology,
backup best practices and staff training are critical for mitigating the business-
threatening disruption that ransomware attacks can inflict on organizations.
One of the best protections against such attacks is to have a data backup solution
of correct architecture and best-practice backup strategies, and to ensure any cloud
backups are adequately protected and available. That means having up-to-date
copies of that data available elsewhere. Bacula Enterprise provides industry-
unique architectures and tools to implement these requirements and as such, is
used by some of the world’s largest security organizations as their primary backup
solution – and as a vital part of their business continuity system for a complex,
multidivisional business. For any medium to large company, having an enterprise-
grade backup solution such as Bacula is essential, because correct data backup,
storage and compliance practice can be the main difference between a company’s
survival and failure.

Business Continuity: Understand Safeguarding of Data

For any professional directly involved in Business Continuity, it will be useful to be
aware of the IT technical factors below ("Ransomware: Defense Fundamentals"),
even if a deep technical understanding is not possible. It my also be useful to discuss
these points with your organization’s Infrastructure IT manager.

Disaster Recovery for Business Continuity

Disaster Recovery is a broad and deep topic. This paper outlines Disaster Re-
covery (DR) fundamentals and an introduction to DR. But it also offers links to
Bacula Systems’ comprehensive Guide and..............
....... ...... Template1 to Disaster Recovery across
an entire organization. This comprehensive document is strongly recommended to
organizations that are reviewing their DR strategy.
Protection from Ransomware and other cyber-attacks needs consideration from a
holistic view and global level. It includes a lot of factors that involve company
personal, organization strategies and policies. Moving forward in a changing world,
the following factors need special consideration
1 https://www.baculasystems.com/download-your-disaster-recovery-plan-template
.........................................................................................................

Business Continuity: Disaster Recovery and Guarding Against Ransomware 1 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
Growth planning and contingency
As data grows within organizations, their backup and restore systems need to
backup data inside time-windows, and meet RTO’s and RPO’s. The backup
infrastructure needs to be planned for these growth and performance objec-
tives. This includes the budgetary aspect of the infrastructure, and financial
planning/forecasting for ongoing development of these considerations. Bac-
ula uniquely answers this need by providing a modern, modular architecture
that provides the flexibility to scale up in a way that fits an individual or-
ganization, while utilizing a business model that does not charge by data
volume.

Utilizing public cloud

Public cloud infrastructure as a service (IaaS) may be an additional option or even a
replacement to off-site tape storage. Public and Hybrid cloud is increasingly being
incorporated into disaster recovery strategies where suitable for purpose. Bacula
Enterprise facilitates this industry shift by being easily able back up and recover
data across an especially wide range of tapes and cloud interfaces. It also uses
a unique cloud caching architecture to provide advanced cloud backup interface
management options and much more rapid data recovery of cloud backups.

Best-practice safeguarding of the backup repositories

Organizations must implement backup architectures that follow industry best prac-
tices and provide multiple layers of defense against data loss from any source, includ-
ing intentional attacks against data availability. Bacula’s FIPS-compliant solution
ensures data privacy and security, and its architecture allows for flexible data storage
options including offline data stores to provide recovery-in-depth for the enterprise.
This, coupled with built-in threat detection and advanced support services to help
guide implementation help enterprises ensure that they can recover from any situ-
ation.

Ensure that data is correctly safeguarded, independent of its location or use

As enterprises evolve, new and additional locations are being used to situate data.
This is especially true regarding various Cloud destinations and SaaS providers,
with the added factor of many organizations planning and deploying new Edge
architectures. Data and applications in these increasingly popular locations need
similar protection. Organizations need to develop their backup and recovery strategy
to embrace these changes, and be in prepared for a future IT environment that is
more agile, diverse and changeable. Bacula Enterprise provides a ‘single pane of
glass’ view over an entire IT environment, spanning Edge, off-site, on-site, cloud,
client behind NAT, co-location hosted and other data environments.

Adjusting for new technologies

New technologies, such as deployed container environments, or use of different
hypervisors (Proxmox, for example) requires a backup and recovery strategy that
takes these new environments into account. Bacula Enterprise is the first and only
mainstream vendor that can backup and recover applications and persistent data

Business Continuity: Disaster Recovery and Guarding Against Ransomware 2 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
from Kubernetes Clusters, Docker containers, and natively integrating with many
emerging new hypervisors.

Disaster Recovery should be revisited

Disaster recovery is a key method to provide a last resort but final solution to Cyber-
threats and Ransomware attacks. Organizations need to check that their Disaster
recovery strategy is up to date and thoroughly tested. Bacula Systems provides a
comprehensive Disaster Recovery Guide and template to help organizations check
through all necessary steps.

The Role of the Cloud in Business Continuity

One strategy adopted to help protect against cyber threat is to backup certain data
to public or private cloud. However, certain safety challenges arise again when
backup data is stored in the cloud. If a company’s data is hosted by a cloud
provider, and it becomes the sole source of data that needs to be recovered, then
what guarantees does that hosting service offer you? Is there a liability issue? Is
there an time limit for the provider to inform you if your data has been compromised?
Do the SLAs work for you? Are you subject to or applying penalties as per your
contract? The US has already seen initial class actions against cloud providers who
have been hit by malware. End users are claiming against the inability to access
their data, with a resulting loss of business, combined with a failure to protect their
data.
For these reasons, as well as overall ongoing cost protection to the enterprise, Bacula
Enterprise has unique, industry-leading Cloud backup ................
........ .......... architecture .....
and........
tools built-in,
to provide its users with state of the art control, protection and choice regarding
maximizing the security and minimizing the risk of Cloud-based backup. It provides
granular control over data that needs to be restored from the cloud, significantly
reducing operational exposure to cloud costs and boosting business agility. With
Bacula, backing up data to and from cloud providers and keeping local caches of
important data ensures that data can be recovered in the event of a loss of any site.

Content separation is necessary. Right now.

Content segregation is critical for dealing with the risks presenting themselves to
today’s enterprise. Many organizations are fearful of, or prohibited from, placing
data in certain physical servers or cloud storage due to restrictions on data access or
compliance with government or industry regulations. These are often referred to as
data residency or data sovereignty regulations. For example, in the US, ITAR/EAR
regulated data cannot be stored, backed-up or transferred through a server physically
located outside of the US. Similarly, European data protection laws prohibit personal
data from moving outside of the European Union (EU) or even specific country
borders. These regulations are different from the well-known and well understood
access control rules. The problem these data owners and security architects are
facing is not around access controls, but around physical storage of data when
created, caching of data when accessed, and storage of data in transit. Bacula
Enterprise has specific customization features, such as multiple Storage Daemons

Business Continuity: Disaster Recovery and Guarding Against Ransomware 3 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
and distinct Pools linked to particular Storage Devices which allow its data backup
to be segregated on both on-premises and off-site storage systems. Bacula’s unique
modular approach means that each agent’s data can be stored in a separate silo that
only it can access, on a separate data store, and even that access can be controlled
so that data loss potential can be minimized. Data can be further replicated to
secondary storages to add layers of protection. Remember too that the value of
tape for offline storage – and Bacula’s advanced tape backup and recovery abilities
- should not be underestimated.

Ransomware: Defense Fundamentals

Here are some specific technical considerations for your enterprise IT environment,
to protect against future ransomware attacks:

Use different credentials, uniquely for backup storage

This is a basic best practice and with the increasing amount of ransomware attacks,
it is as necessary as ever. The user context that is used to access the backup storage
should be completely confidential and only used for that purpose. Additionally,
other security contexts shouldn’t be able to access the backup storage except for
the account(s) needed for the actual backup operations. Avoid working as root
or Administrator. Use service accounts that are restricted as much as possible,
whenever possible. By default, Bacula builds authentication in the design and
enables the user to implement as much separation as possible from production
workloads. For example, its default installation ensures that its daemons run with
dedicated service accounts.

Make offline storage part of the backup strategy

Offline storage is one of the best defenses against propagation of ransomware en-
cryption to the backup storage. There are a number of offline (and semi-offline)
storage options that can be employed:

Media Type What’s Important

Cloud target backups These use a different authentication mechanism.
Are not directly connected to the backup system.
Primary storage Snapshots Better that they have a different authentication
framework. These snapshots can be used for re-
covery.
Replicated VMs Best when controlled by a different authentication
framework, such as using different domains for say,
vSphere and Hyper-V hosts, and Powered off.
Hard drives/SSD Detached, unmounted, or offline unless they are
being read from, or written to.
This table continues on the next page

Business Continuity: Disaster Recovery and Guarding Against Ransomware 4 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
 Media Type What’s Important

Tape You can’t get more offline than with tapes which
have been unloaded from a tape library. These are
also convenient for off-site storage. Tapes should
be encrypted.
Appliances Appliances, being black boxes, need to be prop-
erly secured against unauthorized access. Stricter
network security than with regular file servers is ad-
visable, as appliances may have more unexpected
vulnerabilities than regular operating systems.

Use Backup Copy Jobs to help mitigate risk

The Backup Copy Job is a great mechanism to have restore points created on
different storage and with different retention rules than the regular backup job.
When the previous points above are incorporated, the backup copy job can be a
valuable mechanism in a ransomware situation because there are different restore
points in use with the Backup Copy Job.

Do not rely on different file systems to protect backup storage

Although having different protocols involved can be another way to prevent ran-
somware propagation, be aware that this is certainly no guarantee against ran-
somware attacks. Even if today’s ransomware or viruses could not work on, say,
ext4 file systems, tomorrow’s will be able to. So, rely instead on proper secu-
rity: backup storage should be inaccessible as far as possible, and hopefully follow
Bacula’s example where there’s only one service account on known machines that
needs to access them. File system locations used to store backup data should be
accessible only by the relevant service accounts. There is no reason why end users
from different systems should ever have permission to access them. Bacula does
not require to allow remote access to its storage, and our best practices recommend
dedicated file systems or shares, well protected.
Using another set of credentials to allow access to shared file systems, for example
for snapshots, offline shares, or cloud storage is an inherently insecure approach -
all those should be restricted exclusively to the backup service account.

Be sure to use the 3-2-1-1 rule

Following the 3-2-1 rule means having three different copies of your data, on two
different media, one of which is off-site. The power of this approach is that it can
address nearly any failure scenario and doesn’t require any specific technology. In
the ransomware era, Bacula recommends adding another “1” to the rule where one
of the media is offline. The offline storage options listed above highlighted a number
of options where you can implement an offline or semi-offline copy of the data. In
practice, whenever you backup to non file system targets, you’re already close to
achieving this rule. So, tapes and cloud object storage targets are helpful to you.
Putting tapes in a vault after they are written is a long-standing best practice, fully

Business Continuity: Disaster Recovery and Guarding Against Ransomware 5 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
supported by Bacula with a variety of special tools to give you as many options as
possible.
Cloud storage targets can act as semi-offline storage from a backup perspective.
The data is not on-site, and access to it requires custom protocols and secondary
authentication. Some cloud providers allow object to be set in an immutable state,
which would satisfy the requirement to prevent them from being damaged by an
attacker. As with any cloud implementation, a certain amount of reliability and
security risk is accepted by trusting the cloud provider with critical data, but as a
secondary backup source the cloud is very compelling and fully supported as part
of a secure Bacula Enterprise implementation.

Beware of using storage snapshots on backup storage

Storage snapshots are useful to recover deleted files to a point in time, but aren’t
backup in the true sense. Storage snapshots tend to lack advanced retention man-
agement, reporting, and all the data is still stored on the same system and is
therefore may be vulnerable to any attack that affects the primary data.

Ensure you can recover all systems from bare metal

Bacula Enterprise provides Enterprise-grade Bare Metal Recovery capabilities. Al-
though Bacula Systems also provides provides advanced, comprehensive Linux Bare
Metal recovery, this section introduces Bacula Systems’ approach to do Bare Metal
Recovery of Windows operating systems as an example of an effective response to
ransomware damage in certain situations. It touches on how to prepare the Bare
Metal Recovery Procedures, how to create a custom emergency boot media, and
how to test a Bare Metal Recovery situation. It focuses on Intel based Windows
systems, from XP up to Windows Server 2016 that have been installed using a
standard procedure.

Bare Metal Recovery as part of a Disaster Recovery strategy

Bare metal recovery is accomplished in many different ways. Many enterprises simply
deploy a standard image, provision software, and then restore data and/or user
preferences. In many cases, all data is already stored remotely and the system itself
is largely unimportant. However, in many cases this is not a practical approach and
the ability to completely restore a machine to a point in time is a critical function of
the disaster recovery implementation. The ability to restore a ransomware-encrypted
computer to a recent point in time, including any user data stored locally, may be a
necessary part of a layered defense. The same approach can be applied to virtualized
systems, although there are usually preferable options available at the hypervisor-
level that Bacula can leverage for system-level recovery.

File-Based or Image-Based
For any sort of Bare Metal Recovery, a complete backup of the original system is
required. This is usually accomplished either by a filesystem-level backup of all files,
partitions, and data, or by a block-level image backup of the disk(s). While both
approaches have their pros and cons, we focus on the file based approach here.

Business Continuity: Disaster Recovery and Guarding Against Ransomware 6 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
Regarding image level backups, additional information can be found in the Bacula
Systems whitepaper “VMware Virtual Machine Backup with Bacula Enterprise”.
File based backups are typically smaller, and allow an easy capture of differential
and incremental backups. Correspondingly, it’s easily possible to restore individual
files (which, for many organizations, is still the most common scenario requiring
restore operations).
Bacula Enterprise Director and Storage daemon components, used in the backup
and restore of your Windows system, can run on any supported platform. Note that
you will need to modify the Bacula Director configuration, so it may be reasonable
to set up a test installation in your network and use that until you are satisfied that
your production backup system will not be negatively affected by your work.
Users should already have Bacula Enterprise installed, including the required network
connectivity, i.e. all routers and firewalls involved should allow Bacula traffic as
needed. In particular, this means that you may need to allow connections from all
machines you consider valid targets for BMR to the Bacula Director.
Since Bare Metal Recovery is used as a means to get critical systems up and running
quickly, it is important to ensure that the procedures planned actually work. A good
deal of this testing and fine-tuning today can be done in virtualized environments;
however, Bacula Systems recommends to test on your physical hardware as well –
only then can you be sure of your procedures. Full solution installation details are
available with a Bacula Systems Subscription.

How the WinBMR Works

During backup, the WinBMR plugin analyzes host disks and partitions. It creates
the directory C:/Bacula/winbmr and copies certain files and directories needed at
restore time to that location (only a few MB). If a “Recovery” or a “System Re-
served” partition is found, the plugin assigns an unused drive letter (usually the first
free letter starting at T:) to it for the time of the backup. This letter is released at
the end of the backup. If the system is EFI-enabled, the EFI partition is automat-
ically mounted, its contents copied to C:/Bacula/winbmr/partitions/EFI, and the
partition then unmounted. The BMR feature adds all static volumes that have a
drive letters to the backed-up File Set. As mentioned above you may exclude some
drive letters using the “exclude” option, but be careful to not exclude an impor-
tant drive or an unused letter (like T:) that the plugin might use for the “hidden”
partitions.
Bacula’s Bare Metal Recovery tool provides both a CDROM and an ISO image.
For testing purposes, on physical servers, the CD-ROM is the best choice, while
in virtual machines, the ISO image should be used. It is also possible to create a
bootable USB flash drive from the ISO.

Creating a bootable USB flash disk

If you need a bootable USB device, this is quite straightforward. To create a
bootable USB device from the ISO, you must first prepare your USB key using
diskpart. You must create a single partition and activate it to make it bootable,
then format the partition as FAT32 and assign it a drive letter, to copy the content
of the CDROM on it.

Business Continuity: Disaster Recovery and Guarding Against Ransomware 7 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
Doing the Recovery
Bacula’s Bare Metal Recovery tool allows for rapid and easy data recovery, via a
comprehensive GUI that allows review and modification of the configuration stored
on the recovery media, network configuration, client selection, and where to restore
to. You are able to manage disk drives, create partitions, format them and select
to which of them the data will be restored. Disk Matching, manual portioning
and Volume Matching functions are all provided. After working through the restore
wizard, the restore can be started. Using the wizard, you can “Cancel” the process
and go back to make further changes, or simply start a new restore process. When
restore is completed, the screen shows the status of the restore and the status of
the process making the host bootable.
If your setup includes dynamic disks, you must import them in the freshly restored
system after the reboot. This can be done via Bacula’s inbuilt tools.

Disaster Recovery Planning – an Overview

Approaches outlined above, such as Bare Metal Recovery, are important individual
technical measures an IT department can utilize to protect an organization against
Ransomware attacks. However, they need to be part of a wider, deeper contingency
plan that spans the entire organization – Disaster Recovery.
Having a sound Disaster Recovery Plan is one of the cornerstones of cyber security,
and one of the best ways to effectively protect your organization as a last resort. This
is equally true when it comes to implementing ransomware protection strategies, and
must not be ignored.
Developing an IT disaster recovery plan involves choosing the right people to be
involved, assigning appropriate roles, selecting the technologies to use, as well as
developing, implementing, testing, and documenting the recovery process.

What is an IT Disaster Recovery Plan?

An IT disaster recovery plan documents:
◾ the company’s leadership’s objectives for disaster recovery
◾ members of the recovery team and their roles and responsibilities

◾ detailed procedures for protecting and recovering required technical services

after a disruptive event such as a flood or fire
An IT disaster recovery plan aims to:
◾ provide critical IT services after an incident.

◾ ensure that critical business functions continue within a sufficient period of

time.

Business Continuity: Disaster Recovery and Guarding Against Ransomware 8 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
Who Is Involved in IT Disaster Recovery Planning?
The company’s IT manager should lead the planning. He or she usually works with
the IT department to determine specific steps within the disaster recovery process
and to develop and test the resulting recovery plan.
In addition, it is also important to involve other stakeholders outside of the IT
department, including senior leaders, CTO and CEO office representatives, and
board members (if applicable) to ensure the entire organization’s needs are met.

The Disaster Recovery Planning Process

Disaster recovery planning is an ongoing and iterative process. Each step includes
several activities to be performed. During initial development of the disaster recov-
ery plan, certain stages are repeated several times, each time focusing on developing
and testing recovery plans for a different service or a set of services.
After obtaining leadership commitment to the disaster recovery planning program
in stage 1, stages 2 through 5 are repeated periodically. IT services are dynamic:
new services are created and obsolete services are retired. Remember that priorities
and disaster recovery plans must be reviewed and revised periodically to ensure that
they are current.
Bacula Systems offers a comprehensive Disaster Recovery Guide and Template avail-
able here, that shows you how to create a simple disaster recovery plan for your
company that can be further expanded, based on your company’s needs. The doc-
ument contains two sections:
◾ IT Disaster Recovery Planning Guide – Walks you through the process
of obtaining the required authorization, establishing planning priorities, de-
termining the technical approach, as well as developing, implementing, and
testing the disaster recovery plan.
◾ IT Disaster Recovery Plan Template – Provides sample content that you
can use while developing a disaster recovery plan for your organization.
The Bacula Disaster Recovery Guide documents the following planning factors in
great detail:
◾ Obtaining Authorization and Commitment
– Gathering Background Information
– Determining how to proceed
◾ Defining Priorities
– Identifying Critical Services
– Assessing Impact of Service Outage
– Risk Assessment
– Prioritization
– Deciding extent of action
◾ Deciding on Technical Methodology

Business Continuity: Disaster Recovery and Guarding Against Ransomware 9 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
 – Determining a technical methodology for each service
– Developing Facility and Infrastructure Plan
– Estimating Costs and Developing a Schedule
◾ Developing and Implementing the Plan
– Roles and Responsibilities
– Determining disaster response process
– Developing detailed service recovery plans
– How to Test
◾ Authorization
– Policies and Administrative Regulation
– Objectives
◾ Services and Their Priorities
– Services List
– Assessing Impact of Service Outage
– Assessing Risks
– Prioritize
– Set Scope
◾ Facility and Infrastructure Plan

– Determining technical approach for each service

– Facility Plan
– Infrastructure Plan
– Estimating Costs and Developing a Schedule
◾ Plan Implementation

– Roles and Responsibilities

– Disaster Response Processes
– IT Services Recovery Plans
– Testing the DR Plan

The above strategic factors are Bacula’s recommended approach to organizational-

wide DR planning. Download the Bacula Systems Disaster Recovery Guide and
Template ......
Here2
2 https://www.baculasystems.com/download-your-disaster-recovery-plan-template
.........................................................................................................

Business Continuity: Disaster Recovery and Guarding Against Ransomware 10 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
How Secure Is Bacula Enterprise?
One of the fundamental reasons Bacula is especially strong against cyber-attack is
that its core components run on Linux. This tends to give it a strong advantage over
many other solutions that do not, or other proprietary solutions that cannot offer
dedicated encryption to their different components. Furthermore, many backup
systems are not even modular enough to offer sufficient encryption configurations
and options to be truly secure.
Another way Bacula offers security is that it is typically able to back up all of
the many applications, databases and file-types found in todays most complex IT
departments. Being able to back up everything from a single platform helps to
significantly reduce the risk of mistakes from using multiple backup solutions, or
combining a principle backup system with a secondary, less secure solution. It is
not only Bacula’s core architecture that brings inherent superior security; it also has
specific security features, many of which that are highly customizable:
Bacula is unparalleled in the backup and recovery industry in providing for extremely
high security levels. This ability spans specific elements regarding its architecture,
features, usage approaches and customizability Bacula’s critical components run
on Linux. Bacula has state of the art security built into each of its software layers.
Some other features are:

◾ FIPS 140-2 compliant

◾ Verify the reliability of existing backed up data
◾ Detect Silent Data Corruption

◾ Data encryption cipher (AES 128, AES192, AES256 or blowfish) and the
digest algorithm
◾ Automatic use of TLS for all network communications (can be turned off)
◾ Verification of files previously catalogued, permitting a Tripwire-like capability
(system break-in detection)
◾ CRAM-MD5 password authentication between each component (daemon)
◾ Configurable TLS (SSL) communications encryption between each component
◾ Configurable Data (on Volume) encryption on a Client by Client basis

◾ Computation of MD5 or SHA1 signatures of the file data if requested

◾ Windows Encrypting File System (EFS)
◾ Unique system architecture for especially strong protection against ransomware

◾ Immutable disk volume feature

◾ bconsole option to connect to an Active Driectory or LDAP server in order
to protect its access
◾ Advanced Rasomware detection tools

Business Continuity: Disaster Recovery and Guarding Against Ransomware 11 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
 ◾ One-Time Password (OTP) authentication allowing use of smartphones with
bio-metric functions to access Bacula’s web GUI

◾ Storage Daemon Encryption

◾ Security Information and Event Management (SIEM) Integration
◾ Security module dedicated to Windows
◾ Automatic malware protection (backup, restore, verify)

◾ Improved & enriched security metrics

◾ SNMP Monitoring integration module
◾ NFS Immutability support (Netapp SnapLock)

Conclusion
Bacula Enterprise offers a modern, modular, high-value solution for backing up
and recovering data fast and effectively after a Ransomware attack. Its common
interface and policy engine gives the required level of safety, speed and control
needed for correctly protecting today’s - and tomorrow’s IT environments.
For maximum protection against ransomware and similar threats, Bacula Systems’
strong advice is that your organization fully complies with data backup and recovery
best practices. Bacula Systems offers professional and advanced level professional
training to provide exactly this.
The methods and tools outlined in this paper - and other Bacula Enterprise features
- are used by Bacula Systems’ customers on a regular basis. For companies without
advanced-level data backup solutions, Bacula Systems urges these organizations to
conduct a full review of their backup strategy, and their Disaster Recovery strategy,
and evaluate a modern backup and recovery solution such as Bacula Enterprise.

Bacula – Ease of Integration

Bacula Enterprise allows organization to back up and recover from Ransomware
attacks by providing a ’single pane of glass’ view over backup and recovery of the
entire IT environment. Its especially broad feature-set enables native integration
with a very wide range of technologies. This in turn allows users to also apply best
practices across their entire infrastructure. Please see the diagram below for an
overview of Bacula Enterprises’ wide fit into your complex IT environment.
Bacula Enterprise Free Trial: https://www.baculasystems.com/try
................................................

Business Continuity: Disaster Recovery and Guarding Against Ransomware 12 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
 AZURE VIRTUAL GOOGLE S3
MACHINE WORKSPACE OBJECTS

Figure 1: Bacula Enterprise: Broad Compatibility Set

Business Continuity: Disaster Recovery and Guarding Against Ransomware 13 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners
For More Information
For more information on Bacula Enterprise Edition, or any part of the broad Bacula
Systems services portfolio, visit www.baculasystems.com.

Business Continuity: Disaster Recovery and Guarding Against Ransomware 14 / 14

Copyright © December 2022 Bacula Systems SA www.baculasystems.com/contactus
.................................................
All trademarks are the property of their respective owners