Connecx Backup protects your devices against ransomware if you keep a few things in mind when setting it up
Use a unique password for the users on the Connecx Backup server. Especially for the “admin” user. We are not aware of any ransomware that actively deletes backups from Connecx Backup servers via web interface but theoretically it is possible if the users on the server use a weak password or the same password that the ransomware already used to spread
Don’t connect the server OS, storage, etc. to your Active Directory. Ransomware may already be spreading via using admin accounts on your Active Directory. You don’t want it to be able to spread to your backup server this way! If you run the Connecx Backup server in a VM you also don’t want to connect the VM hyper-visor to Active Directory.
In general it is useful to have this image in mind when evaluating risks w.r.t. backups:
There are many risks to the data stored on the clients, for example (red section):
The client disk may break
If it is a laptop it might get stolen, lost or get damaged by accident
Ransomware attack encrypts all data on the client
Similarly there are many risks to the data stored on the server, for example (blue section):
Server disks may break
Electrical surge
Someone hacks in and deletes all the data
You want to eliminate/reduce those risks (e.g. by using RAID), especially those that occur frequently or are easy/low cost to reduce.
What you should be most concerned about, however, are the risks that affect both simultaneously, for example (intersection between red and blue section):
Ransomware attack encrypts all data on client and server because it can get access to both via taking over Active Directory
Electrical surge destroys both client and server disks
Asteroid destroys both client and server, because they are on the same continent
Make a list of those risks, reduce them if possible (e.g. by having a unique, separate admin password or surge protection for client or server) and then judge if they are rare enough or can be ignored (one probably has other problems if an asteroid destroys a continent).
Connecx Backup is better than other backup software at protecting you from ransomware
Again, looking at the picture above, other backup software often fails at keeping backup (server) and backup source (client) sufficiently independent:
Backups are stored to attached/local disks: Randomware encrypts/formats all attached disks
Backups are stored to network attached storage: Ransomware encrypts network attached storage
Backup software that allows deletion of past backups from the backup source (client): Ransomware deletes backups
In general if the client can delete old backups, they are not sufficiently independent. Even if the backup software obfuscates deletion it is only a matter of time or cost/benefit till ransomware authors circumvent the deletion protection
The independence goes the other way, as well. If an attacker/ransomware takes over your backup server it should not be possible to affect data on the backup source (client), specifically:
Setup arbitrary pre-/post backup scripts from the server that may delete/encrypt data on the client
Initiate restores from the server, which may restore garbage/encrypted data to the client
Run arbitrary software on the clients via an update mechanism
Backing up via an arbitrary command channel (e.g. SSH) that allows the server to destroy data on the client