We have MFA enabled on the Barracuda Cloud Control to protect our backups from being accessed/erased by a targeted attack on our network. However, the local backup appliance does not require MFA and from there you can easily delete all of the backups. More and more Cyber insurance policies are requiring "vaulted" backups or proof of MFA to access backups. We may need to move away from Barracuda as a backup product if MFA cannot be enforced on the local appliance or if Barracuda cannot provide a way to make it more difficult to purge backups.
1 reply to this topic