I have just received my first experience with "CryptoDefense" on a client's PC. It made me wonder what the best backup solution would be.
I have instructed my clients to have a rotating schedule of backups (using external HDDs rotated out 2-3 times a week), but I know they don't follow through with it.
What I'd like to accomplish is a "One-Click" solution for my clients to be more inclined to do backups when they are scheduled. I use automated local backup options (SyncBack), along with automated off-site backups (again, SyncBack or Carbonite), all going to Windows-based machines (server or desktop). I still see an issue if a client is infected with one of the Crypto variants.
I'm trying to build a solution that will be easy enough for a client to follow through with backups.
What I was thinking was introducing a Linux box to each client's site, with a virtual machine acting as the file server. Then, using the Linux host OS to backup the virtual machines (using snapshots and full backups). Then, using some automated software to make local backups from the Linux host OS to an external solution (rotating out a couple of times a week).
Am I on the right track to making a "Crypto-proof" backup solution? If not, I would appreciate some suggestions. I would love to trust my clients to make sure that they are backing up data accordingly, but I simply cannot.