Ransomware Recovery & Security Hardening
Client Profile:
The client faced a severe ransomware incident that compromised its servers and disrupted daily operations.
Background & Context:
The client discovered that its servers were locked by ransomware, halting services and putting sensitive data at risk. With no existing incident response protocol, swift and structured action was critical.
TrueNAS Backup Server with Google Sync & File Versioning
Client Profile:
A small business wanted to move away from storing all business data in their Windows environment to reduce exposure to ransomware and operating system–level vulnerabilities. They needed a secure, reliable backup solution with cloud integration and version control.
Solution Implemented:
We deployed a dedicated TrueNAS backup server, leveraging its Linux-based architecture to keep the backup infrastructure isolated from the Windows environment. The setup included:
- TrueNAS installation and configuration for enterprise-grade data storage and backup management.
- Software RAID 5+1 implemented to provide both performance and redundancy, ensuring that no single disk failure would cause data loss.
- Google Drive Sync integration to maintain an off-site, real-time backup in the cloud.
- File versioning enabled to retain multiple historical versions of files, allowing easy restoration in case of accidental deletion, corruption, or ransomware encryption.
- Network configuration to ensure backups occur securely and efficiently without impacting day-to-day operations.
Challenges:
While setting up TrueNAS on the Dell server, the system initially couldn’t detect the storage drives. The issue came from the server’s built-in RAID controller, which was hiding the disks from TrueNAS. To fix this, I had to reconfigure the controller’s firmware so the drives could be recognized individually.
This process was complex and required careful handling, but once completed, it allowed TrueNAS to fully manage the disks with ZFS. Overcoming this step ensured the backup solution was built on a stable and flexible storage foundation.
Outcome:
The client now has a resilient backup system that operates independently from their Windows network, greatly reducing the risk of complete data loss in case of cyber incidents. The combination of TrueNAS’s local storage with software RAID 5+1, Google Drive cloud sync, and file versioning provides both on-site and off-site redundancy, ensuring quick data recovery and long-term business continuity.
Win Server, VDI & Firewall deployment for RDS Business
Client Profile:
A small business owner planned to launch a side business providing clients with secure RDP access that included pre-configured licensed software packages such as Microsoft Office, Tally, and CorelDRAW. The solution needed to be reliable, scalable, and capable of supporting multiple clients while maintaining strict security and licensing compliance.
Solution Implemented:
We designed and deployed a complete infrastructure to meet the client’s requirements:
- Two Windows Servers configured with Active Directory for centralized authentication, user account management, and policy enforcement.
- VDI (Virtual Desktop Infrastructure) to provide each client with a secure, isolated remote desktop environment tailored to their software package selection.
- Integration of licensed software, including Microsoft Office, Tally, and CorelDRAW, ensuring compliance and easy management.
- Deployment of a pfSense firewall configured with multi-WAN and LAN setup for redundancy, load balancing, and optimal network performance.
- Creation of advanced firewall rules to allow only required services while blocking unauthorized traffic.
- Network segmentation to separate administrative systems, client RDP sessions, and management interfaces for enhanced security.
Outcome:
The project resulted in a secure, high-performance hosting environment that enabled the client to confidently offer remote desktop services to their customers. The multi-WAN configuration ensured continuous uptime even if one internet connection failed, while the LAN segmentation protected internal systems from client activity. With centralized management, licensing compliance, and a firewall-first security approach, the client’s business launched on a stable and scalable foundation ready to grow.
Securing a Windows Environment
Client Profile:
A small business approached us with the goal of creating a secure, controlled Windows environment for their employees.
Response Approach
Phase 1: Planning & Assessment (Day 0)
Met with the client to understand business operations, compliance requirements, and security concerns.
Identified the need to control internet usage, block external device access, and maintain consistent patching.
Phase 2: Policy Design (Day 1)
Phase 3: Implementation (Days 2–3)
Applied Chrome Enterprise policies across all systems.
Configured USB storage blocking at the OS level.
Installed and configured endpoint security software for real-time threat detection.
Deployed Action1 for centralized patch management and remote script execution.
Phase 4: Security Increased (Day 4)
Verified all policies and restrictions were active and effective.
Tested patch deployment and automation through Action1.
Provided the client with a simple guide for approving new websites and managing updates.
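The Phase 4 verification can be scripted and run on each endpoint. The PowerShell below is an added example, not the script used in this engagement. It assumes USB storage is blocked through either the USBSTOR driver start type or the Removable Storage "Deny_All" policy, and that the Chrome policies include URLBlocklist/URLAllowlist; the write-up does not specify which mechanisms were used.

```powershell
# Added example: per-endpoint audit of the Phase 3 restrictions.
# Assumed mechanisms (not stated in the case study): USBSTOR Start / Deny_All
# for USB storage, URLBlocklist / URLAllowlist for Chrome.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function Test-UsbStorageBlocked {
    # Start = 4 means the USB mass-storage driver is disabled.
    $start = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR' 'Start'
    # Deny_All = 1 is the "All Removable Storage classes: Deny all access" policy.
    $deny = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices' 'Deny_All'
    [pscustomobject]@{
        Check  = 'USB storage blocked'
        Pass   = ($start -eq 4) -or ($deny -eq 1)
        Detail = "USBSTOR Start=$start; Deny_All=$deny"
    }
}

function Test-ChromeUrlPolicy {
    $base = 'HKLM:\SOFTWARE\Policies\Google\Chrome'
    # Chrome list policies are stored as numbered values under one subkey each.
    $count = @{}
    foreach ($name in 'URLBlocklist', 'URLAllowlist') {
        $key = Get-Item -Path "$base\$name" -ErrorAction SilentlyContinue
        $count[$name] = if ($key) { $key.ValueCount } else { 0 }
    }
    [pscustomobject]@{
        Check  = 'Chrome URL filtering policy present'
        Pass   = $count['URLBlocklist'] -gt 0
        Detail = "URLBlocklist entries=$($count['URLBlocklist']); URLAllowlist entries=$($count['URLAllowlist'])"
    }
}

$results = @(Test-UsbStorageBlocked; Test-ChromeUrlPolicy)
$results | Format-Table -AutoSize
# A non-zero exit code signals non-compliance to whatever runs the script.
if ($results.Pass -contains $false) { exit 1 }
```

Registry checks confirm that a setting is present, not that it is enforced, so pair the script with a functional test such as plugging in a USB drive and opening a blocked site.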