Veeam v11 is a fantastic product, for backing up your virtual environments. Most MSPs, have moved to Veeam to help them manage their customer backups and perform onsite and off-site backup retention.
One failure of Veeam, is that if your network is compromised, and the threat actors get access to domain administrator credentials, they can easily encrypt your systems, delete your backup jobs and delete both your onsite and off-site backups.
So, how has Veeam and the cloud storage providers (S3, Wasabi etc.) worked to protect your data?
In one word, immutability.
Data can be copied into an S3 compatible repository and set a immutability flag to not allow it to be changed for a specific number of days.
This is done via Object Lock, a data protection feature where you can designate certain files or ‘objects’ to be immutable. Using immutable objects ensures that information is immune from accidental or intentional deletion and alteration. This means when the backup lands in your storage cloud it will remain there until the lock expires.
Unfortunately, to set Object Lock requires a new bucket, as you can not add Object Lock capabilities to an existing bucket.
You can also make your primary backups immutable via a Hardened Linux Repository.
Remember! Object Lock and immutable buckets prevent the most common causes of data loss and tampering. This helps our customers:
- Combat ransomware and viruses
- Avoid accidental data erasure
- Ensure regulatory compliance
- Mitigate financial risk and legal exposure
If you want to speak to us on how we can help your organization improve their backups, contact us!