How Service Providers protect your data against common cybersecurity threats

Security challenges for IT professionals and organizations today are multitudinous. Every day we learn of an organization that became a victim to a cybersecurity breach or other malicious event, such as ransomware, essentially putting their business and their customers’ sensitive data at risk. Your infrastructure, networks and data should be protected, and most organizations strive to implement appropriate risk aversion measures and tactics.

Best practices service providers employ to keep your data safe

Veeam Cloud & Service Provider (VCSP) partners have mastered the concept of cybersecurity protection better than most. Service providers often manage complex infrastructures of various sizes and types and have gained mastery through their industry experience and technical education to be able to identify and mitigate these threats.

What a customer needs, what a vendor provides, and what a partner implements determines the ability to best protect and respond to security threats. We work closely with our VCSP partners to educate and assist them while discussing and delivering best practice configurations. Our partners often manage Veeam deployments of various sizes. They often provide DR planning and assistance via replication services. Here are some best practices and common infrastructure configurations VCSP partners use in their customers’ environments and to protect their own infrastructure.

Protecting from ransomware

To protect your most recent backup data from ransomware attacks or other malicious activities, Veeam has introduced features our VCSP partners use to mitigate the threat. Adhering to the 3-2-1 Rule is the recommended configuration to prevent an on-premise issue from affecting remote backups. Typically, our VCSP partners leverage the two methods below to provide this protection.

  • Backup Copy Jobs to Cloud Connect Repositories w/Insider Protection
    • This method provides off-site backups to a storage agnostic target. Insider Protection provides mitigation for, you guessed it, threats from inside your organization or the organization’s data center and network.
  • Scale-out Backup Repositories to Object Storage w/Immutability
    • This method provides off-site backups but only to an Object Storage provider. This could be a public cloud entity or a VCSP partner’s own deployment.
    • Configuring immutability for data stored in Object Storage is a new and exciting capability for Veeam Backup & Replication!

Encryption

  • Backup and Backup Copy jobs can be encrypted at rest. Configuring this option appropriately will prevent unauthorized access to backup files; essentially rendering them useless to a party without the decryption password.
  • Network traffic between backup and replication components can be encrypted via Network Traffic Rules. (All data transferred between public networks are encrypted by default!)
    • Nobody is able to “snoop” on data traffic between Veeam components or remote repositories when configured correctly!
  • Veeam Agent backup jobs are encrypted between source and destination in transmit. We also suggest configuring at rest encryption for their backup jobs!
    • Lots of customers use Veeam Agent for Microsoft Windows to send backups directly to the cloud. These options protect sensitive user data!
    • These options are available for our Linux Agents today and for the upcoming Veeam Agent for Mac!

Protecting your infrastructure

Critical systems, like those running your managed Veeam Backup & Replication infrastructure, should be protected by best practices and the best toolsets! It’s common for VCSP partners to invest in tools that provide:

  • Secure remote access for managed systems
  • Multi-factor authentication
  • Critical infrastructure configured to allow “least privileged” access

You’ll notice the common theme here is all about controlling access. Having multiple secure barriers to entry is the first step in guarding your data.

Partnering with a VCSP partner is simple

Understanding the risks and having a data protection plan in place is the first step in mitigating against cybersecurity threats and attacks. Leveraging IT partnerships can fill the gap between your configured solution and what might be missing. Many customers have differing needs and that’s why Veeam has a network of service providers available to help take the burden of protecting your data off your shoulders. Check out our Veeam-powered BaaS and DRaaS page to learn more and to find a VCSP partner that can guide you to the right solution to fit your needs.

Tim Hudson
Tim Hudson
Tim Hudson is a Solutions Architect for the VCSP engineering team in the US. Tim spent his technical career before Veeam at Service Providers in the Midwest working with virtualization, storage, and network technologies. Today, Tim helps Veeam’s Cloud and Service Providers design and operate their Veeam-powered services.
More about author
Rate the quality of this Article:
5.00 out of 5 based on 7 votes
Please wait...
V10

Better Backup

Faster. Stronger. Smarter

Learn more