MCSBackup is designed to be an internal system used by system administrators and a-like, hence it is not designed to be available through a public facing internet – and you are yourself responsible for the security by adding appropriate layers of firewall, vpn’s and / or authentification, do NOT trust the built in username and password handling to keep your data secure from intruders, when that is said here’s a few god advice’s:
- Don’t expose MCSBackup to the public internet, keep it vpn’ed and/or firewalled.
- Prefer to pull backups into the system.
- If pushing backups into the system is the only viable option, make sure to limit the credentials of the given users as much as possible.
- Only give access to those who actually needs it, this is no more than a couple of senior sysadmins in your organization, and NOT everybody who happens to a “domain admin” on your Windows network.
- If you don’t have at least two or three skilled sysadmins in your organization with years of Linux/Unix experience, you need commercial support – if not for anything else than to educate your own staff.