End-of-year security hygiene: Start 2023 off on the right foot!

As we approach the end of 2022 and the upcoming release of the Veeam Platform v12, this is an opportune time to ensure that your organization enters 2023 with a strong security posture. All too often, security is treated as a one-time effort: Audits are performed, new policies are drafted and changes are implemented. Unfortunately, most organizations don’t go back and routinely update and review what they currently have in place. Instead, it usually takes a threat or an incident to shine a light on gaps that should have been plugged.

With the holiday season quickly approaching, the last thing any IT professional wants is to get that dreaded call that their environment has been compromised. Fortunately, there are a few best practices that you can implement to help you enjoy a quiet and restful holiday season. Not only will these tips help keep your environment in optimal shape, but it’ll also pave the way for a successful V12 upgrade.

Implement immutability

When it comes to ransomware or bad actors, immutability is one of the first technologies that you should implement to protect your valuable backups. When data is stored on an immutable repository, you can define a policy for  a set period. Until the policy is over, the data cannot be altered. This means that whether you face ransomware attack or a rogue administrator, or even if you simply have regulatory compliance requirements to meet, your data will be safe. Immutability is available today in Veeam Backup & Replication v11 when you use a Linux repository, Amazon S3 Object Lock, tape or other immutable storage targets.

With Veeam Backup & Replication 12, immutability will see some vast improvements that will make  Day 2 operations easier for enterprises. Hardened repositories and a few other on-premises object storage options will streamline the process of creating  immutable repositories for the greatest level of control. For customers who want to backup directly to virtually limitless cloud object storage, V12 will bring support for Microsoft’s new object level immutability for Azure Blob Storage.

Trust, but verify your backups

An untested backup is a roll of the dice — it’s not the backup that matters, it’s the restore. Although jobs may complete without warnings, it is still imperative that you test your backups. Why? There could still be a large number of issues that throw a wrench into your restores, and your business when problems arise. However, there are other elements to consider in addition to restorability, including:

  • Is application-aware processing required to reliably backup your workloads?
  • Are your workloads in a healthy state when they’re backed up? Are reboots pending, and could they be problematic when restored?
  • Is your repository’s underlying storage system healthy?

Fortunately, features like SureBackup® can help you with customized and automated testing. Veeam first introduced SureBackup in 2010 as a way to guarantee that your backups were truly tested. Automating backup testing takes the pain out of the task while giving you peace of mind knowing that you’re protected.

In situations with increased complexity, Veeam Disaster Recovery Orchestrator v6 (coming soon), offers zero-impact testing. Key new features like orchestrating Windows and Linux restores, restoring anything to cloud and ransomware rollback capabilities will provide the flexibility that you need to test, document and recover fast. With these new features, customers can orchestrate restores of their Veeam backups, whether physical or virtual, to vSphere or Azure, while scanning restore points for threats as part of the recovery.


Creating and maintaining documentation is a task that few of us enjoy, but it’s something that many IT professionals wish they did more. This can be time-consuming and laborious to create and validate, and unfortunately, the quality of documentation can vary widely depending on who is creating it, and who’s reading it. Unfortunately, it’s not easily replaced. Whether it‘s an app migration that went wrong, or a cyber threat that took out a datacenter, planned recovery tactics with documentation to help you rebuild fast is one of the best tools for getting operations back up and running.

Good news is, there are tools out there to help. Whether you want to find a good screenshot program to quickly grab setup details, or tools to assist you with logical diagramming, good documentation is nearly irreplaceable. On the Veeam side of things, Veeam Disaster Recovery Orchestrator v6 is just around the corner, within weeks of V12. Among the update’s new improvements is one of the true gems of the product: Automated documentation. Automating your documentation (and your recovery) takes the pain and guesswork out of the task and strengthens your odds for a successful recovery. Empower your executives with the confidence that your business is compliant and ready when disaster strikes.

Reporting and compliance

Whether required by law or your best practices, enterprises need to understand what their current health is. Are there areas that need more attention? Are there service level agreements (SLAs) that are being violated? Visibility into the good, the bad and the ugly is the only way to measure the overall health of your infrastructure. Having well-defined recovery point objectives (RPOs) and recovery time objectives (RTOs) are table stakes. Being able to monitor your organization’s compliance in real-time, before you need them, is one of the keys to success.

With Veeam ONE v12, you’ll see an increased level of focus on reporting on your overall security posture. With the upcoming immutable workloads report, teams will be able to see granular details like what jobs or workloads aren’t protected with immutable backup repositories. For enterprise-grade workloads with aggressive targets, Veeam Disaster Recovery Orchestrator provides an at-a-glance view of SLA compliance with documentation. With the ability to define targets and test plans, IT departments will have the knowledge and confidence to know that their workloads are being protected. Be prepared!

Planning for success starts today

Maintaining a strong security posture is an iterative event, meaning that it’s a task that needs to be continually revisited and re-evaluated. It is also key to a healthy environment. Reviewing and implementing the best practices outlined above will assist you in creating a safe and robust environment.  Furthermore, that environment will be in an optimal state to benefit from the Veeam Platform V12 launch with the various security, immutability and enterprise-grade capabilities. 

Watch the on-demand webinar now to learn more.

Stay up to date on the latest tips and news
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam’s Privacy Policy
You're all set!
Watch your inbox for our weekly blog updates.