This has been 4 years in the making. I have tested this extensively at my office and at a clients remote location. With ransomware going nuts I am targeting this launch towards protecting against ransomware and offering an affordable, onsite system that makes recovering from a ransomware attack much less onerous than it is today. i currently have this deployed on a refurbished Dell R520 server for my primary office storage. This software also provides one of the backup layers for my hosting clients both for shared website hosting and dedicated server hosting.
This product has been used from the beginning to provide ETC Maryland with its ransomware resistant backups for all client shared and dedicated server hosting accounts. I have also been using this for a local radio station and have already been able to recover a large data folder after an accentual deletion without having to reach for the cloud backup.
Costs will be exceptionally reasonable as the software is free and the hardware will be either refurbished or lower end “enterprise” hardware. Each machine will be custom tailored for each client but the base software will be the same. This means users can easily self-mange their machines or transition between management companies if desired.
Here is what I am offering today:
- Local device at clients location acting as either a file server/NAS/Backup target utilizing compressed data storage. This machine supports SMB/ISCSI/NFS/Apple protocols.
- Filesystem, data volumes can each individually be encrypted or not(using one key for entire volumes to different keys per individual data container) depending on regulations and desires. This means if the machine is powered down or restarted..any encrypted volumes will require the entering of an encryption unlock code before data can be accessed.
- Data can be checked at regular intervals(customizable) for data integrity to protect against bitrot and other data errors automatically.
- This appliance can send it’s data over a separately encrypted connection to an offsite backup server to store the clients data offsite for DR purposes. This data will arrive on the remote server encrypted with a separate key and salt. The key will NOT sent to the remote location.
- The data will be further protected against intrusion via strict ACL’s so that nobody but the clients machine/s and/or user/s can read that data over the local network if desired.
- With the most recent version of the software, cloud backup is now built into the system. Cloud storage fees will be borne directly by the client.
- With proper setup…and management..this product is highly resistant against ransomware. The internal snapshots the system takes(at customized intervals) of all storage volumes allows the system to be recovered in minutes to hours(depending on the size of the data volume) without ever having to touch the cloud. Individual files all the way to entire volumes can be recovered with ease using the web interface or the command line. The operating system is never exposed to the network directly(when properly configured) greatly decreasing the chance of the operating system being encrypted. This makes recovery from a malware/ransomware attack more certain.
For my target clients this will be a major upgrade for ransomware and malware protection that simply doesn’t exist today. Finally, the name of the free software that allows this kind of storage? It is called Truenas. Please contact me at firstname.lastname@example.org with any inquiries.
Emmanuel Technology Consulting