# Step 1: Emergency Backup (~1 hour, remote) **Must complete before touching anything.** HIPAA §164.308(a)(7) requires backup and disaster recovery for all PHI. No backup = non-compliance. Synology NAS and CS-SERVER both contain PHI. --- ## 1.1 — Set up Synology Active Backup for Business See `session3-2026-03-07.md` Step 1 for detailed walkthrough. 1. Log into Synology DSM at `https://192.168.0.120:5001` 2. Install "Active Backup for Business" from Package Center (free with Synology) 3. Install ABB agent on CS-SERVER via ScreenConnect (download from DSM → ABB → Physical Server → Add Device) 4. Create backup task: - Source: CS-SERVER (192.168.2.254), entire machine (C: + D:) - Destination: Synology Volume 1 (~540 GB free, expect ~300 GB after compression) - Schedule: Nightly at 2:00 AM - Retention: 7 daily + 4 weekly - Compression + transfer encryption enabled 5. Run first backup manually 6. **Verify it completes successfully before proceeding** **Storage note:** ~592 GB raw data, but ABB compression typically achieves 40-60% reduction. Should fit with room for incrementals. **HIPAA critical:** PHI backup must succeed before any other migration work begins. ## 1.2 — Export pfSense config 1. Open pfSense web UI (192.168.0.1) 2. Diagnostics → Backup & Restore → Download configuration as XML 3. Save to `D:\Shares\IT\Backups\pfSense\` on CS-SERVER ## 1.3 — Export configuration snapshots Run on CS-SERVER via ScreenConnect: ```powershell # Script: scripts/phase0-export-configs.ps1 # See script for full commands ``` Exports: AD users/computers/groups, DNS records, NPS/RADIUS config, file share permissions (SMB + NTFS), GPO reports. All exports saved to `D:\Shares\IT\Backups\`. ## 1.4 — Quick remote health checks Run `scripts/phase0-remote-checks.ps1` on CS-SERVER via ScreenConnect. Checks: - Disk SMART health via Dell OpenManage - Unknown listening ports (5504, 6783, 8019) - IIS website audit - DNS forwarder verification - General server health (memory, disk, uptime) ## Checklist - [ ] Active Backup for Business installed and first backup completed - [ ] pfSense XML backup saved - [ ] AD export CSVs in `D:\Shares\IT\Backups\AD\` - [ ] DNS export in `D:\Shares\IT\Backups\DNS\` - [ ] NPS export in `D:\Shares\IT\Backups\NPS\` - [ ] Permissions exports in `D:\Shares\IT\Backups\Permissions\` - [ ] Remote health checks completed (disk, ports, IIS, DNS forwarder) ## Rollback Step 1 is read-only/additive. Nothing to roll back.