When your Unit is providing File Share Services to your clients (Home Drive, Shared Drive)
- Ensure file server is only accessible from known networks. File servers should not be accessible from the public Internet except through a VPN
- Ensure file server permissions are correctly set to ensure user accounts only have limited access to a subset of files. This limits damage if an account is compromised.
- Ensure file services have malware/virus detection systems in place i.e. virus scanners
- Ensure data is recoverable by following 3-2-1 backup best practices:
- 3 copies of data – primary working copy and two backups
- 2 physical locations – one backup location must be on separate system preferably at a different location, and with different credential sets for access.
- 1 offsite/offline – one copy of the backup should only be accessible offline, or should not be normally accessible by production systems
- Some file servers support read-only versioning systems, commonly called Shadow Copies or Snapshots. While not replacements for true backups, these can help with recovery if damage is detected early.
- Ensure logging and auditing systems for file servers are enabled in order to assist in early detection
- Logs should be duplicated on the fly to separate systems that are not accessible by the same credentials.