Achieving Advanced Cyber Resiliency with the Veeam Data Platform
In today’s digital world, what is the worst fear of any business relying on digital systems and data? Unexpected downtime! Every organization will suffer downtime at some point in time but systems and controls should be put in place to restore the system and/or data rapidly and reliably according to the business’s needs in such an event.
Advanced cyber resilience, which contains cyber security and business continuity management, is the way forward to defend against potential dynamic cyberattacks and ensure your organization’s survival following a cyberattack.
Achieving advanced cyber resiliency
The Veeam Data Platform enables you to respond faster, more accurately and in a more advanced manner to cyberattacks. By improving security and preventing unauthorized access to data and backup systems with secure access. Enhanced reporting and monitoring enable you to identify and detect cyberattacks quickly and enables a fast response to minimize the damage. Once an attack has been successfully dealt with, organizations need to be ready and able to recover their systems and data in an advanced fashion by leveraging automate recovery orchestration.
Fast response to cyberattacks
Dealing with a cyberattack is a disaster every business will inevitably face. Utilizing a monitoring and analytics tool, you can help identify abnormal activity quickly, helping to minimize and mitigate an attack. Veeam ONE provides full visibility into your environment, giving you the tools to proactively manage and monitor data protection status. Veeam ONE monitors the backup infrastructure and its components, allowing you to receive notifications of backup jobs failing, unauthorized changes being made and if components are not configured properly. These alerts can notify you that further investigation needs to happen. Alarms can notify and be set to perform remediation manually or automatically. For example, if the suspicious incremental backup size alarm is triggered you can set an action to “Add job to a SureBackup job and start verification,” this will allow you to quickly check the restore point containing the suspicious increment.
Not only does Veeam ONE have alarms, but it also has reports. Receiving a report daily, weekly or monthly ensuring your machines are protected and meeting recovery point objectives can help you maintain compliance. This allows you to stay secure by always knowing your protection status.
To prevent unauthorized entry to the backup console, Veeam Backup & Replication supports multi-factor authentication (MFA) for additional user verification. A one-time password (OTP) generated in the mobile authenticator application is used as a second verification method. Combined with login and password credentials, it creates a more secure access environment and protects user accounts from being compromised and abused.
To prevent unauthorized entry to the backup console, Veeam Backup & Replication supports multi-factor authentication (MFA) for additional user verification and automatic console session logoff through a configurable console inactivity setting. Worry not if picking up that coffee is taking longer than expected!
You can enable 2FA for individual accounts in the Users and Roles settings of your backup server and enroll in an authenticator application of your choice to receive these one-time codes. Remove any groups in the window and make sure to apply the principle of least privilege to the users listed and give them the correct role to do their job properly.
A one-time password (OTP) generated in the mobile authenticator application is used as a second verification method. Combined with login and password credentials, it creates a more secure access environment and protects user accounts from being compromised and abused.
Just scan the QR-code with the mobile authenticator application of your choice to activate and connect 2FA to the user account.
Another important part of secure access is visibility in any changes being made. Over 90 additional events were added to the Windows Event to track those changes. Log and built-in audit logs are based on customer feedback, including various tasks performed by backup administrators. In addition, whenever a backup server fails to create an event log item, it will now send the corresponding SNMP trap alert to notify users of this situation.
Veeam ONE can show all changes on all backup objects through the Backup Objects Change Tracking report. This report allows backup administrators to get details on recent infrastructure modifications made to target objects so that any unwanted action can be quickly rolled back.
Proven recovery orchestration
When a cyberattack does happen, organizations should already have a disaster recovery plan prepared to address recovery. Orchestrated recovery can help remain compliant and ready for disaster. Veeam Recovery Orchestrator can orchestrate recovery for multiple machines, provide DR testing and equip you with documentation for compliance.
By being able to orchestrate recovery to Microsoft Azure you gain additional business resiliency. This capability is possible for virtual and physical machines running the Veeam Agent. However, when you’re hit with a cyberattack, you need to make sure before you restore that your data is clean, and not also infected. This is where Clean DR comes in. When you run an Orchestration plan in Veeam Recovery Orchestrator you now have the option to scan restore points for viruses, malware and ransomware using Veeam Secure Restore.
By enabling ransomware scan, Veeam Recovery Orchestrator can scan multiple restore points with an antivirus solution. If ransomware is found, you have the additional options to stop the recovery from happening or continue the recovery but to a designated quarantine network. This feature supports several anti-virus solutions in Windows OS. This feature ensures that you’re not restoring compromised systems and/or data back into your production environment.
When it comes to ransomware, it’s not a matter of if, but when. The Veeam Data Platform gives you the ability to stay cyber resilient to defend, mitigate and minimize a cyberattack. Understanding the tools you have in your arsenal to improve security and minimize unexpected downtime can help ensure your organization is defending itself from today’s cyber threats.