When your Unit is providing File Share Services to your clients (Home Drive, Shared Drive)

  • Ensure file server is only accessible from known networks. File servers should not be accessible from the public Internet except through a VPN
  • Ensure file server permissions are correctly set to ensure user accounts only have limited access to a subset of files. This limits damage if an account is compromised.
  • Ensure file services have malware/virus detection systems in place i.e. virus scanners
  • Ensure data is recoverable by following 3-2-1 backup best practices:
    • 3 copies of data – primary working copy and two backups
    • 2 physical locations – one backup location must be on separate system preferably at a different location, and with different credential sets for access.
    • 1 offsite/offline – one copy of the backup should only be accessible offline, or should not be normally accessible by production systems
  • Some file servers support read-only versioning systems, commonly called Shadow Copies or Snapshots.  While not replacements for true backups, these can help with recovery if damage is detected early.
  • Ensure logging and auditing systems for file servers are enabled in order to assist in early detection
  • Logs should be duplicated on the fly  to separate systems that are not accessible by the same credentials.