Comment on How do you protect a remote backup from a compromised account?
Onomatopoeia@lemmy.cafe 3 weeks agoTo add - by doing pulls the backup server uses different credentials to run than the credentials used to perform pulls.
Backup server has it’s own credentials database, machines being backed up have their own database. Backup service in backup server uses appropriate credentials from machine being backed up to access the data there (shares, etc). So credentials from compromised machine are unrelated to credentials for backup server.
And if backups are done properly (full on a schedule, daily incrementals, or something similar) you should be able to revert to a known-good state with minimal data loss.