In today’s fast-paced digital landscape, technology drives nearly every aspect of our lives, making it critical that we protect ourselves against cyberattacks. As the threat of ransomware continues to grow, a robust defence strategy is essential.
In this blog post, we’ll explore the significance of cybersecurity in today’s world, delve into the Essential Eight Maturity Model, and show how Veeam’s commitment to educating and empowering customers is focused on implementing the right measures to minimise fallout from cyberattacks.
Understanding the Essential Eight
The Essential Eight is a set of fundamental cybersecurity strategies co-developed by the Australian Signals Directorate (ASD) and Australian Cyber Security Centre (ACSC). These strategies serve as a comprehensive framework to protect against a wide range of cyber threats. They include application whitelisting, patching applications and operating systems, configuring Microsoft 365 macro settings, user application hardening, restricting administrative privileges, patching operating systems, multi-factor authentication, and daily backup of important data.
These strategies are not one-size-fits-all and should be tailored to suit an organisation’s unique needs and circumstances. This is done through identifying and progressively implementing a target maturity level that is suitable for their environment. This flexibility allows businesses to adapt their cybersecurity approach to their specific risk profile and operational requirements.
Veeam and Your Journey to Cybersecurity Resilience
Veeam, a leader in data management and backup solutions, plays a pivotal role in helping organisations achieve cybersecurity resilience. By helping customers to align with Essential Eight Maturity Level Three, Veeam provides capabilities that enhance data protection and threat mitigation. Backups are arguably one of the most important safety precautions as they are usually the last line of defence against ransomware to maintain business continuity.
Veeam offers a complete solution for both Essential Eight Maturity Level Two and Three compliance for backups, and additional support on other Essential Eight components to enable federal and state agencies to support, meet and in some cases exceed many of the Maturity Level Three requirements at scale.
Key takeaways from the Essential Eight strategies include the need for proactive defense measures, constant monitoring and updates, and the critical role of employee awareness in maintaining a secure environment. Veeam fully understands these principles and is dedicated to supporting customers’ cybersecurity efforts:
- Multi-factor authentication (MFA): Veeam enhances security with strong MFA. This strengthens protection against credential compromise and reduces attack risks for backup applications, while enabling both console as well as self-service restore for end users with MFA built into the recovery process for every user.
- Patch applications and operating systems: Veeam proactively builds out production-identical environments on any ESXi or Hyper-V Host using the latest backup data, creating an isolated sandbox to mirror production workloads for recovery testing to avoid conflicts. This process also allows for real–life testing of application patches and OS updates non-disruptively, without the cost, overhead and expense of maintaining a separate UAT/test environment. This enhances system stability and cybersecurity resilience by also scanning for dormant threats by third-party anti-malware platforms as a part of recovery testing.
- Restrict admin privileges: Veeam employs powerful Role-Based Access Control (RBAC) with ‘least privilege,’ reducing insider threats, and recommends keeping backups separate from the active directory domain to prevent credential leaks.
- Regular backups: Veeam’s solutions automate backups for data integrity, the support of operational continuity in hybrid cloud and PaaS/SaaS workloads, and to provide confidence in digital-asset integrity through validation and compliance monitoring.
- Backups of important data, software and configuration settings are retained in a secure and resilient manner: Veeam fully supports ISM-compliant encryption for data in transit and at rest, using industry standards such as S3 Object lock for AWS and S3 compatible storage, Azure Blob immutability, as well as tightly integrating into leading deduplication appliance immutability from HPE and Dell. We also offer Linux-based immutability for added ransomware protection and encrypted offsite configuration backups for regular scheduled recovery to offsite locations via our Veeam Hardened Repository.
- Restoration of important data, software and configuration settings from backups to a common point in time is tested as part of disaster recovery exercises: Veeam offers automated, scheduled, and ad hoc recovery testing for applications and servers. It uses isolated sandbox environments for non-disruptive testing, including schedulable DR failover testing with Veeam replication, recovery testing, and DR orchestration at scale via Veeam Recovery Orchestrator. This also provides dynamic DR documentation and recovery plan testing to preconfigured RTO/RPOs for each application ecosystem, even to the cloud. All testing includes virus/malware scanning and integrates with leading antivirus platforms for threat detection in backups or replicas.
- Unprivileged accounts cannot access backups belonging to other accounts, nor their own accounts: Unprivileged accounts need explicit access permission for Veeam backup consoles. Veeam Enterprise Manager integrates with active directory for granular role-based backup segregation, additional controls, and MFA in the Microsoft 365 self-service restore portal.
- Privileged accounts (excluding backup administrator accounts) cannot access backups belonging to other accounts, nor their own accounts: Veeam Enterprise Manager segregates privileged accounts for specific workload access without the Veeam backup console. Only Veeam backup administrators have console access, if allowed.
- Unprivileged accounts are prevented from modifying and deleting backups: Veeam’s immutability integration with Linux repositories, Azure Blob immutability, AWS S3, on-premises S3-compatible storage, and leading deduplication appliance immutability from HPE and Dell, ensures backups are secure against alterations or ransomware.
- Privileged accounts (including backup administrator accounts) are prevented from modifying and deleting backups during their retention period: Global administrators and backup administrators cannot delete or encrypt backups until the retention and immutability period set within Veeam expires. This protection safeguards against intentional or accidental data loss. Veeam also supports immutability/WORM capabilities (like HPE StoreOnce Immutability for disk and tape) ensuring secure, immutable copies. Veeam also supports a governance mode for backups to help comply with Maturity Level Two, where backup administrators can modify or delete certain backups if required in the case of data leaks.
Our commitment extends beyond just providing tools and solutions. We aim to empower organisations to proactively implement the Essential Eight strategies, helping them build a robust defense against evolving cyber threats.
Additional Resources
Official government-endorsed resources that provide in-depth insights and guidance on these strategies are readily available.
Veeam also offers a range of cybersecurity solutions and resources designed to strengthen your organisation’s defence against cyber threats. From data backup and recovery to threat detection and response, Veeam has you covered.
For additional support and guidance on your cybersecurity journey, don’t hesitate to reach out to our dedicated team of experts or read our related content:
- Comprehensive Guide to Ransomware Protection With Veeam
- 6 Best Practices for Ransomware Protection
- Ransomware Recovery Services