🔄 Types of Backup by Location
- Local (On-Premises) Backups
Backups stored within your office or facility.
• External USB/Thunderbolt drives
• Easy and cheap.
• Risk: fire/theft/ransomware if always connected.
• Network Attached Storage (NAS)
• Can serve multiple machines.
• Supports snapshots and automated schedules.
• Risk: must be secured from ransomware via permissions or snapshots.
• Dedicated Backup Servers
• Full-featured systems running backup software (e.g. Veeam, Bacula).
• May support disk rotation or replication.- Offsite (Remote Physical) Backups
Physical copies stored away from the main premises.
• Rotated external drives
• Manual but effective. Swap weekly and keep off-site (e.g. at home or in a fireproof safe).
• RDX cartridges / LTO tapes
• Enterprise-grade, durable and write-once (immune to ransomware).
• More expensive, but secure and offline.- Cloud Backups
Backups sent via the internet to a third-party provider.
• Cloud storage services (e.g. Backblaze B2, Wasabi, Amazon S3)
• Can be used with backup software to push encrypted backups.
• Set up retention, encryption, versioning.
• Integrated backup platforms (e.g. Acronis, CrashPlan, MSP360, Veeam Cloud Connect)
• Manage everything from scheduling to version control in one interface.
• File sync services (e.g. OneDrive, Dropbox, Google Drive)
• Not backups in themselves — unless versioning and archive modes are enabled.
• Risk: synced ransomware-infected files can overwrite clean copies.⚙️ Types of Backup by Method
Full Backup
• Everything is copied.
• Slowest and largest but easiest to restore.Incremental Backup
• Only data changed since the last backup (any type) is stored.
• Efficient but restoration can be slower (requires chain).Differential Backup
• Backs up all data changed since the last full backup.
• Faster restore than incremental, bigger than incremental.
🧯 Special Techniques for Ransomware Defence
• Offline backups
• Unplugged drives or media not accessible from the main system.
• Immutable storage
• Backups that cannot be deleted/overwritten for a set period (e.g. Wasabi, AWS S3 Object Lock).
• Snapshots (ZFS, Btrfs, or NAS-specific)
• File system-level, space-efficient, and instant rollback.
• Schedule frequent snapshots and restrict deletion to root/admin.