The State of Ransomware

As of August 2023, the ransomware threat landscape has rapidly evolved, with an increased frequency and industry-spanning impact that proven devastating to critical infrastructure. Attackers have enhanced extortion tactics and professionalized attack groups, drastically increasing the percentage of affected organizations. This year alone, 86% of organizations reported having suffered a cyberattack — a jump up from the 76% reported the year prior.

Now, more than ever, Veeam reseller partners play a critical role in helping their customers combat ransomware. Luckily, there are many resources available for resellers to their help customers mitigate risk. By following this comprehensive listicle, Veeam resellers can equip themselves with the knowledge and tools to effectively guide their customers through the challenges of ransomware threats and ensure their data’s security and recovery.

1. Navigating Ransomware

Ensure your customers understand what ransomware is and the depth of its potential impact on their organizations. Simply put, ransomware encrypts a targeted user’s files, applications and databases. It demands a ransom for the user to regain access to these files or to prevent sensitive information from being shared publicly or sold to the highest bidder. As the ransomware landscape is continuously evolving, it’s important that resellers and their customers to stay informed on popular methods of attack and update defenses accordingly. For an in-depth look at ransomware, I’ve provided to two educational blogs regarding the many types of ransomware and their most likely targets and common ransomware attack vectors.

Resellers can support their customers with risk assessment and prevention measures. This includes implementing a comprehensive disaster recovery plan, ubiquitous immutability, encrypting/verifying backups, security best practices, proactive monitoring, and much more. Remember, preparation and planning lead to successful recovery — ensuring your customers are following best practices is vital to maintaining a strong security posture. The following article covers everything a user needs to know about ransomware defense.

Ransomware protection is key. Effective ransomware protection strategies encompass a multi-faceted approach, including robust cybersecurity measures, employee training (such as recognizing phishing attempts), regular data backups stored securely offline, and the employment of advanced threat-detection technologies. Such comprehensive protection not only safeguards valuable data, but also ensures operational continuity, financial stability, and the preservation of an organization’s reputation. Here is a link to Veeam’s Ransomware Prevention Kit, which will help your customers learn actionable tactics for their IT departments and prepare for ransomware not as a mythical threat, but as a controlled risk.

2. Creating an Incident Response Plan

Developing a comprehensive incident response strategy is essential to mitigating the impact of a ransomware attack on a customer’s business. Critical aspects of your ransomware recovery plan should include hardening systems, rigorous prevention measures, ransomware detection and response, recovery and restoration measures, and plans to inform relevant authorities and affected parties.

In the event of a ransomware incident, your customers should define roles and responsibilities within their organization during a ransomware incident to act swiftly and effectively against it. A well-structured approach for your customers may include:

An incident response team responsible for coordinating actions.
Technical experts responsible for handling malware analysis and system restoration.
Legal and compliance representatives to navigate legal and regulatory complexities.
Communication roles responsible for managing internal and external notifications.
Regular drills and training to ensure team familiarity and facilitate a coordinated response.

It is best for your customers to have these roles mapped out and predefined before a ransomware strike. Remember, the surest defense against ransomware includes taking proactive measures before an organization is hit. For a further resource on the topic, check out this guide to a six-step ransomware response plan.

3. Utilizing Veeam Solutions for Recovery

Veeam Data Platform continues Veeam’s legacy of exceptional ease in maintaining and restoring backups. Users can initiate a full system restore, individual file retrieval, or even application-specific item recovery with an advanced search functionality that enables users to pinpoint specific files or items for restoration. By making data recovery is a streamlined and stress-free process, not only are resellers ensuring that their customers are safeguarded against ransomware, but they are increasing operational efficiency and reducing the burden of day-to-day administration. This creates a defensive bastion against ransomware that is capable of realizing the full potential of your customer’s data protection efforts.

Ensuring that your customers are leveraging immutable backups for added protection against ransomware is also vital. Doing so prevents unauthorized modifications or deletions of backup data during predefined retention periods. When used in combination with traditional backup methods, immutable backups offer heightened ransomware resiliency through a host of benefits, including data integrity and security, reliable disaster recovery, and the preservation of historical data.

4. Post-Incident Recovery and Analysis

As devastating as they can be, ransomware attacks provide keen insights into an organization’s defenses, providing an excellent opportunity for learning and improvement. A thorough investigation into a ransomware attack allows organizations to dissect the attack’s tactics, techniques and entry points — thus allowing them to better understand their vulnerabilities, enhance their security posture, and develop more effective strategies to prevent future breaches.

Whether your customers are using replicated VMs from backups, recovering from storage snapshots, recovering from fast-performing repositories, or utilizing failover capabilities, your customers have the chance to learn from the experience and prevent future attacks.

To see how other organizations have safeguarded against ransomware, here’s a catalogue of customer success stories.

5. Proactive Client Engagement

Resellers should educate their customers on various ransomware risks and prevention strategies. By raising awareness about the evolving nature of cyber threats and the devastating impact of ransomware attacks, resellers can empower their customers to take proactive measures. Through an informed education, customers can learn to:

Identify suspicious emails, practice safe browsing habits, and keep strong password practices.
Understand the significance of regular software updates.
Seek out and implement a specifically tailored backup and recovery strategy.

Further, your customers may not be in the habit of conducting vulnerability assessments. Identifying potential weak points in a customer’s security posture is an important step in preventing potential breaches or ransomware attacks. Habitual vulnerability assessments may seem tedious to your customers, but it’s imperative that resellers emphasize the long-term benefits of maintaining a vigilant security structure — and the potential damages to their customer’s organization, should they choose otherwise.

6. Customizing Veeam Solutions for Resilience

Customizing Veeam solutions to match specific backup and replication needs involves utilizing the platform’s versatile features to create a tailored approach. To begin, customers can:

Define custom backup jobs with unique schedules, selecting the frequency and timing that align with their data’s criticality.
Fine-tune retention policies to determine how long backup copies are kept, accommodating compliance and archival needs.
Exclude non-essential data from backups with Veeam’s advanced settings, optimizing efficiency for more granular control.
Implement custom pre- and post-job routines for specific actions through Veeam’s built-in scripting capabilities.
Configure replication jobs with specific RPOs for different VMs to adapt replication strategies.
Enable tailored replication to off-site locations without impacting network resources with Veeam’s WAN acceleration and traffic throttling.
Integrate Veeam’s SureBackup feature, which automates testing of backups to ensure their recoverability.
Replicate data to various destinations — whether on premises, in the cloud, or in hybrid environments — to best align with their disaster recovery preferences.

Veeam’s flexible configuration options enable customers to adjust backup and replication strategies to their precise requirements, which provides customers with a robust and efficient data protection approach and allows them to construct multi-layered defense mechanisms.

7. Continuous Monitoring and Optimization

Regularly testing backup and recovery processes ensures that your customer’s backup infrastructure remains reliable and capable of swift data restoration. This practice identifies any vulnerabilities or gaps in their backup infrastructure, allowing for timely adjustments before a ransomware crisis occurs. By simulating recovery scenarios, organizations can validate the recoverability of their data, applications, and systems, minimizing downtime and ensuring business continuity.

Staying updated with the latest features and enhancements offered by Veeam is equally essential. In doing so, organizations can leverage new tools and functionalities designed to enhance data protection, improve performance, and respond effectively to emerging risks. Veeam often introduces innovations that streamline processes, optimize resource utilization, and bolster security measures — all of which contribute to a more resilient backup and recovery environment.

Continuous monitoring and optimization. Regularly testing guarantees preparedness for unforeseen events, while staying up to date with Veeam’s latest offerings ensures that organizations are equipped to tackle evolving challenges, safeguarding their data and maintaining operational stability.

8. Training and Workshops for Customers

Offering educational resources and workshops goes beyond simply installing security software for your customers — it equips them with the knowledge and skills needed to be proactive in their defense against ransomware attacks. By enhancing awareness, imparting practical skills, and offering clear response frameworks, resellers can help their customers fortify their defenses against ransomware and contribute to a more secure digital environment.

Workshops provide a platform for hands-on learning, which allows customers to simulate real-world scenarios and practice appropriate response actions. Resources such as those found at Veeam University or through Veeam’s Hands-on Labs are helpful, and will prepare customers to address various cloud data management scenarios and build confidence that they can execute their data protection strategies effectively.

Providing playbooks and guidelines for effective response further enhances your customers’ preparedness. These resources offer step-by-step instructions for containing and mitigating ransomware incidents, minimizing their potential impact. Playbooks detail communication protocols, escalation paths, and recovery strategies, ensuring that customers know exactly how to respond in the event of an attack. This accelerates response times, reduces confusion, and mitigates the risk of making critical mistakes during a crisis.

9. Case Studies and Success Stories

Part of a collaborative education between resellers and their customers includes providing real-world examples of successful ransomware mitigation strategies. I’ve provided a few brief examples of how companies around the globe have used Veeam solutions to minimize — or completely negate — the impact ransomware has had on their organization.

Carnes Viba, a food production and distribution company in Monterrey, Mexico, took proactive steps in utilizing Veeam-powered services to bolster their backup strategy. In June 2021, Carnes Viba was hit by a ransomware attack that encrypted its entire production environment — but, in a matter of hours, the company was able to fully recover their data from the cloud through a Veeam Cloud & Service Provider. There was no ransom payment and Carnes Viba avoided losing millions of pesos due to downtime.

The City of Sarasota adopted Veeam Availability Suite to help them recover from devastating flooding after a hurricane, backing up a number of valuable city services and records. A year later, the city was attacked by cybercriminals, who encrypted many of the city’s file servers and demanded $34 million in Bitcoin. Rather than pay the ransom, the City of Sarasota recovered using Veeam and successfully avoided a $34 million dollar ransom with zero impact on city services or residents.

Enloe Medical Center, a Level II trauma center in Chico, California, adopted Veeam Backup for Microsoft 365 with the intent of streamlining data restore times and boosting operational efficiency. They ended up saving 20 hours per week on backup administration and cutting restore times from two weeks to one hour. When Enloe experienced a cyberattack, they had 25% of their critical systems back online within 48 hours, 75% in 96 hours, and 95% within two weeks — all without paying a ransom.

What is to be learned from these stories is that Veeam-powered services not only bolster an organization’s day-to-day operational efficiency, but also provide a framework for organizations to recover from the inevitable cyberattack. Once again, you can check out the catalogue of success stories here.

Conclusion

Veeam resellers maintain a pivotal role when it comes to their customers’ ransomware defenses. It is through a collaborative effort between Veeam resellers and their customers that the most effective defense strategies can be forged.

By educating customers and enabling proactivity, both parties ensure a robust defense against ransomware and its devastating consequences. Veeam provides many useful resources — use them! Resellers should not underestimate the impact they have on the success of their customers’ data protection strategies.

The ransomware landscape is dynamic and ever-changing. By arming your customers and encouraging robust security disciplines, Veeam resellers and their customers can remain at the forefront of defense, equipped to counter new challenges and safeguard digital assets with unwavering resilience.

Blogs:

Success Stories:

Resources:

The post Empowering Veeam Resellers: A Guide to Ransomware appeared first on Veeam Software Official Blog.

Summary

Ransomware attacks are on the rise and affected up to 85% of companies surveyed in 2022. While some companies chose to pay the ransom, a significant number of those companies still failed to get their data back, and several fell victim to a second attack. Ransomware can cripple a company, so it’s essential that you prepare by implementing strong cybersecurity measures, a comprehensive backup strategy and a robust incident response plan. Companies should rigorously check backup integrity and practice their incident response. They must know how to recover from a ransomware incident as quickly and effectively as possible.

Learn more about ransomware best practices and how to protect your organization.

What is Ransomware Recovery?

One of the biggest threats facing businesses today is ransomware. According to the 2023 Data Protection Trends report, the number of companies successfully attacked increased from 76% in 2021 to 85% in 2022. Staggeringly, only 55% of encrypted data was recoverable. On average, affected companies lost 45% of their data.

Several types of ransomware exist. Generally, cybercriminals lock users out of their machines and encrypt data to extort substantial sums of money. Scareware and doxware are other types of ransomware that threaten to leak private information unless victims pay a ransom.

Ransomware recovery is a set of deliberate actions companies take to mitigate the impact of ransomware attacks. Based on the assumption that hackers will succeed in encrypting company data, organizations implement a system of immutable data backups and configuration snapshots that allow them to rebuild their systems. Successful ransomware recovery depends on the effectiveness of an organization’s backup and data protection processes and what was affected during the ransomware attack.

Prepare for Ransomware Attacks

Ransomware preparation is part of business continuity planning and the risk of an attack is high. A successful attack could cause significant data loss and the inability for your business to continue as an ongoing concern.

Preparation for a ransomware attack requires a comprehensive recovery plan. This plan should be regularly reviewed and thoroughly tested. It should incorporate ransomware prevention best practices, including strong cybersecurity measures and a comprehensive backup strategy.

Implement Strong Cybersecurity Measures

Your first step should be to harden your network against unauthorized access and securing your systems from hackers. Key steps include:

Endpoint protection. Secure all endpoint devices like laptops, virtual machines (VMs), servers, embedded devices and mobile devices. Implement multi-factor authentication (MFA), enforce strong password policies and encrypt your data. Install endpoint security software and adopt Zero Trust security principles.
Network security. Protect your network from unauthorized access. Use robust firewalls to protect against hackers. Use virtual private networks (VPNs) to segment your network and minimize the extent of a security breach.
Email security. Implement advanced threat protection solutions to protect user accounts. Train users on email security and how to recognize signs of phishing attacks.
Patch software. Promptly install software security patches to minimize the risk of hackers exploiting vulnerabilities.

Create a Comprehensive Backup Strategy

Hackers recognize the importance of backups and specifically target them and backup servers. Create a secure and comprehensive backup strategy and consider these points when developing your own backup plan.

3-2-1-1-0 Rule: This is an evolution of the original 3-2-1 backup plan. It calls for three backups in addition to the original data. You should keep your backups on at least two different types of media, with one copy offsite and another offline. The zero in this version of the rulemeans you should check your backups to verify there are no errors.
Backup type: Your backup strategy can include full, incremental or differential backups. Typically, full backups are performed weekly and incremental or differential backups are done daily. An incremental backup is a separate backup that stores all changes since the last full or incremental backup. A differential backup is slightly different, since it backs up all changes since the last full backup. Its size increases with each differential backup.
Offsite and cloud-based backups: At least one set of backups should be offsite, either on a remote hardened server or in a secure cloud facility like Amazon S3 cloud object storage.
Immutable backups: Backups should be immutable. This means they are read-only and cannot be changed or deleted, usually for a predetermined period. Immutable backups offer better protection against ransomware.

How to Detect Ransomware Incidents

Early detection of a ransomware infection is crucial and can prevent a full-blown ransomware attack. A ransomware attack goes through several stages. This includes initial entry or infection, reconnaissance and staging and, finally, data encryption. If you can detect this activity, you can isolate the affected machines and minimize the impact of an attack. Here are three techniques to help:

Identify ransomware symptoms and indicators. Early symptoms of an attack often include unusually high CPU activity and high read and write activity on hard drives.
Monitor and analyze network anomalies. Signs of malicious activity include unusual network traffic, traffic spikes, reduced network bandwidth and abnormal network requests.
Use security information and event management (SIEM) solutions: By using machine learning techniques, SIEM software analyzes event log data to identify threats and suspicious activity in real time.

What to Do When Responding to Ransomware Attacks

Respond promptly and decisively to a ransomware attack. The quicker your response, the better, especially if you can act before the bad actor encrypts your data. Here are five steps you can take to respond:

Implement your incident response plan: Immediately activate your ransomware containment, isolation and response plan and notify senior management and all responders.
Isolate and contain infected systems: Determine which systems are infected and isolate them from your internal network and the internet. Take snapshots and system images of all your infected devices.
Notify relevant authorities and law enforcement: Depending on your jurisdiction, you must report the attack to regulatory authorities and law enforcement like the FBI or CISA.
Engage with cybersecurity expert external support: Contact specialist IT support and cybersecurity companies like Veeam for ransomware emergency response support.
Evaluate legal and ethical considerations in your ransomware incident response: Determine and inform all affected parties. Establish the legal consequences of data protection, privacy laws and your ethical responsibilities.

Ransomware Recovery Strategies

Your recovery strategy can be influenced by several factors, including:

The time it will take to recover
The financial impact on the business
Threats to release confidential data unless a ransom is paid

Here we explore several options, including using backups, paying the ransom, ransomware decryption tools and ransomware service providers.

Restore Data from Backups

Data restoration: Restoring data from Veeam backups is a relatively straightforward process. You have a choice between restoring to your original servers or restoring to a VM. This second option means that you can recover quickly from a ransomware attack while your IT team works to clean up and reinstall your servers. Veeam lets you create a replica from your backup and configure a VM that can failover in the event of a ransomware attack. Other recovery options include snapshots and flash-based repositories.
Ensure data integrity and verification: It is crucial that you ensure your backups are not infected and are still usable. For example, Veeam’s secure restore function automatically performs a virus scan of your backup images before the restore completes.
Recovering data from immutable backups: You cannot alter immutable backups during the immutability period, which protects you against ransomware. Immutable backups provide significantly greater immunity to ransomware attacks.

Explore Paying the Ransom

The decision to pay the ransom is always difficult and affected companies need to weigh the risks and consequences of paying it. While the FBI does not support paying a ransom, the 2023 Ransomware Trends Report from Veeam shows that 80% of victims still decided to pay it. Reasons for negotiating with ransomware operators include:

Encrypted backups. You may not have access to clean backups. The report suggests that ransomware attacks affected 75% of backup repositories.
Opportunity cost.You lose money and credibility every day your company is out of action. The total restoration costs could be greater than paying the ransom.
Confidential data. The threat to release damaging and confidential data is real, and you may feel it’s safer to pay the ransom and recover that data.

There is ample evidence to suggest that paying the ransom is not the end of the story, however. Of those who paid the ransom, we found that 25% still did not recover their data. Plus, 80% of companies that paid the ransom were hit by a second ransomware attack later on.

Companies should investigate options that eliminate any possible need to pay the ransom.

Utilize Decryption Tools and Techniques

Sometimes, it’s possible to decrypt ransomware files and success largely depends on the type of ransomware and the availability of suitable tools. Kaspersky, Avast and Bitdefender have decryption tools to help with some kinds of ransomware. However, the most successful cybercriminals use strong encryption methods with 128-bit and 256-bit encryption tools. It is almost impossible to break this level of encryption. However, experts have discovered flaws in certain forms of ransomware that allow users to decrypt their files.

Work with Ransomware Recovery Services

If you want to decrypt your files, it may be better to work with a professional ransomware recovery service provider. Some companies have developed an enviable reputation for this, while others have not. So, before engaging with these services, evaluate their expertise. It’s best to deal with reputable professionals who will assess your situation and give an honest answer to whether they can recover your data. The best service providers have global operations with multiple research labs. That said, these services are expensive, and there’s still no guarantee you will get your data back.

Best Practices for Ransomware Recovery

Despite all the pitfalls, you can still recover from a ransomware attack. Here are four ransomware recovery best practices that can make the difference between success and failure.

Test and validate backups: Backups are no good if they don’t work. Regularly run validation tests to check for corruption, viruses or malware. Mount backups on a VM and make sure they work.
Prepare a ransomware incident response plan: Have a detailed incident response plan that defines specific responsibilities. List the steps your team must take to recover before an event actually happens.
Simulate and practice ransomware recovery: Check your plan by simulating a ransomware incident. Prevent disrupting services by using an offline VM. Practice your recovery process until everyone knows what to do.
Train staff on ransomware prevention tactics: Train your staff to recognize phishing attacks and other tactics used by cybercriminals.

What to Do After a Ransomware Attack

In the aftermath of an attack and once you have recovered, conduct a detailed postmortem examination to analyze what happened.

Assess the impact and extent of the ransomware attack: Conduct a post-recovery evaluation. Discover the full extent of the attack and measure its impact in terms of downtime and financial losses. Identify how the hackers gained access and establish if the hackers succeeded in compromising your backups.
Address vulnerabilities: Identify and fix all hardware and software vulnerabilities. The, retrain your employees.
Strengthen security: Harden your systems and review permissions. Set up extra VPNs to better isolate systems. Implement MFA practices.
Implement long-term risk mitigation strategies: Link up with cybersecurity organizations like NIST and CISA. Learn how to reduce your risk, enhance security and protect your systems.

Conclusion

Ransomware recovery is feasible. It’s inadvisable to pay the ransom, since most companies that pay a ransom still don’t recover all their data. The important factor behind a successful recovery is proper preparation for ransomware attacks. This includes implementing strong security measures and having a proper backup strategy. You need a coherent ransomware response strategy and a thoroughly trained team, and early ransomware detection is key. Another factor is having a strong backup strategy with multiple immutable copies. Equally significant is realizing the need for continuous improvement so you can adapt to evolving threats.

Find out more about ransomware recovery by listening to this short 2023 Ransomware trends video series. These videos show, in practical terms, how to prepare for and recover from a ransomware attack.

Salesforce Security and Compliance

Keep your inner circle small with single sign-on (SSO) authentication for console users, which allows product administrators to provide users with easy access to the console as well as grant them appropriate roles for their scope of operations. Administrators also have the option to limit single sign-on to a specific Salesforce domain. Multi-factor Authentication (MFA) is supported if the option is enabled for an organization. To further address compliance needs we have enabled an audit policy with configurable retention that will record all operator logins and operations.

Sandbox Seeding

Our most requested addition, sandbox seeding allows the loading of data or replicating production data to a sandbox for troubleshooting or development purposes. Our new restore wizard allows you to specify the source and the target Salesforce Org, with the option to seed data to a new sandbox in only a few clicks, what could be better?

Salesforce Government Cloud

Maintaining compliancy is mandatory for U.S. federal, state, and local government customers, as well as U.S. government contractors. Salesforce Government Cloud is a instance of Salesforce specifically for use by these agencies. Veeam Backup for Salesforce v2 is interoperable with Salesforce Government Cloud, so customers can deploy Veeam Backup for Salesforce in a secured, compliant environment, and use new custom domain configuration in backup policies.

Salesforce Business Apps

V2 now protects data and metadata for native applications like Salesforce Field Service, Person Account, CPQ, Education Cloud Architecture (EDA) or any unlocked packages, as well as user-generated data and custom metadata from managed packages on the Salesforce platform.

Backup

We have refined our backup engine so that backup performance is measurably increased and as a result, users will enjoy reduced API consumption overall. Those improvements make Veeam even more capable of backup for all organizations and especially those with billions of records. File backups and restores have been extended to additional content types such as FeedAttachment, ContentNote, and ServiceReport, and backup schedules now include time zones.

Restores

It is now available during restores to set alternate keys for objects to avoid running into duplication errors. Large file restores are available for files up to 2GB, and data filter validations in restore wizards have been improved when you need to specify several picklist values or have specific Salesforce ID’s to filter.

Already a Veeam Backup for Salesforce user? All it takes is one click in your dashboard to update to V2.
Don’t think you need a Salesforce backup? Check with your Salesforce admin and see if they have a fast-working plan to recover when data goes missing.
Still looking for a reason? Read our latest customer story on how Ducks Unlimited Canada saved $1 million in IT costs.

Veeam Backup for Salesforce is available today. You can find our free 30-day trial HERE.

Related Resources

Want to learn more about Salesforce backup and recovery? Download our latest resources:

The post Introducing Veeam Backup <i>for Salesforce</i> v2 appeared first on Veeam Software Official Blog.

If you’ve bought into or heard the idea of hybrid cloud merely being a precursor to a full cloud approach, you can move on from that thought. Thousands of organizations are using hybrid cloud as their permanent cloud solution. In fact, almost 50% of all workloads are now hosted on the public cloud.

Knowing that, most cloud providers find that their existing tools meant for physical and virtualized environments on premises aren’t effective or compatible with their new hybrid cloud architecture, forcing them to add yet another backup tool. That’s why the default for cloud backup over the past 10-or-so years has been a native snapshot of the service, with 61% of organizations still relying on snapshots alone today.

That’s just not enough. Your hybrid cloud backup strategy must include a solution that provides true backup with layered security and a hybrid and multi-cloud ready set of capabilities. Managing data across multiple environments presents many challenges, including:

Redefining what IT means in your organization through training, upskilling staff, adding new staff and setting new requirements and expectations.
Keeping a balanced approach to data backup and integrity by avoiding an “only local data is safe data” mindset.
Maintaining ownership of your data so you can back it up to wherever you want, on your terms.
Striving for a single, flexible backup solution, rather than forcing all your disparate data into one specific (and therefore inflexible) mold.

Download our e-book, Hybrid Cloud Backup for Dummies, today to explore solutions to these challenges, including how to ease management complexities, lower costs and avoid lock-in by deploying centrally managed, purpose-built backup and recovery for each of your environments.

Understanding Hybrid Cloud Backup

Hybrid cloud backup approaches the problem of not just preserving your data from threats wherever it lives, but ensuring that it isn’t corrupt. Relying on cloud-provider uptimes isn’t enough. If you have a database go bad and get replicated across regions, availability zones or platforms, it’s a backup that enables you to recover what was corrupted. The best way to ensure the cloud platforms of your hybrid cloud architecture is protected and secure is to select and utilize a singular solution for data backup.

This is why adopting a hybrid cloud backup strategy is so important. An effective data strategy must be flexible enough to support an evolving business, and should open options to you, not close them off. Here are some key benefits of adopting a hybrid cloud backup strategy:

Flexibility is critical when it comes to operating in ever-evolving hybrid and multi-cloud environments, and it’s equally important when it comes to all the varying approaches to protecting, storing and recovering data.

The Need for Purpose-Built Backup and Recovery

You need purpose-built backup and recovery. The difference between data backup and data resilience is simple: Data resilience attempts to make your data — current, as it stands, right or wrong — less likely to be deleted or vanish. Data backup approaches the problem of not just preserving your data but ensuring that it isn’t corrupt. However, no two platforms are created the same; the way a cloud database can and should be protected is different to an on-premises virtual machine (VM). That’s why the importance of deploying purpose-built backup for each of your environments can’t be emphasized enough. The best way to manage and protect data across a hybrid cloud is to select and utilize a singular solution for backup and recovery that is still native to each of the environments you intend to protect.

Ensuring Comprehensive Data Protection

On-premises and cloud-based data protection strategies should adhere to the 3-2-1-1 Rule. Specifically, in an on-premises case, data stored locally should have multiple copies backed up and at least one copy stored offsite. You need protection that is flexible and able to encompass your VMware, Windows Server, Oracle DB and more, and provides the centralized management needed to protect edge devices with ease. The ability to send backups between the cloud, an on-premises data center, or the edge is critical — and having a backup solution that makes that process seamless ensures you have the most robust data protection strategy.

Now, if you’re lift-and-shifting a workload to Infrastructure as a Service (IaaS), refactoring to a cloud database, building a net-new application in Platform as a Service (PaaS), or even executing a transformational project via Software as a Service (SaaS), your backup solution needs to natively back up and recover cloud data all from the same platform. In the case of cloud hosted workloads, an image-based backup of snapshots is stored in object storage, ensuring three copies (production, snapshot and backup) on two media (disk and object storage). Because backups are increasingly becoming the target for ransomware, having backup data that is immutable and cannot be encrypted, changed or deleted helps organizations have a clean set to resume operations in the case of an attack.

Advantages of Hybrid Cloud Backup

We can argue that traditional approaches to backup are not really backups at all for the following reasons:

Security: Snapshots aren’t often stored independently of the data it is seeking to protect. So, if a production workload were compromised by ransomware, for example, the snapshot would also be compromised, rendering us with nothing to recover from.
Recovery: This is the reason why we backup. While recovery of an entire instance from a snapshot can be fast, it is not flexible enough for most day-to-day recovery scenarios.
Hybridity: Almost every organization is now hybrid or multi cloud. Snapshots are limited to a single platform, rendering organizations with multiple point products that are complex to manage, costly and lack feature parity.

The advantages of a flexible, hybrid cloud backup solution can’t be understated. The right solution should provide:

End-to-end layered security: Logical air gap of backups from production, least-privilege access controls and immutable backups for resiliency.
Fast, reliable recovery: Offering a broad scope of support for granular and full-instance recoveries, in and out of the cloud.
Hybrid and multi-cloud ready: Standardized data protection across platforms, with built‑in centralized management, observability and portability.

These features give you the confidence to recover any workload even with the management of separate infrastructure teams, separate toolsets and separate policies, if needed. This helps you establish organization-wide standards across hybrid environments, thanks to policy-based backup settings, consistent monitoring and reporting outputs, and a platform with operationally consistent backup and recovery technologies — all of which adds up to less overhead in backup management, lower software and storage costs, and the risk mitigation needed to keep your recovery confidence interval high.

Retaining Ownership and Control of Data

While you shouldn’t be afraid to store data in the cloud, you should still be cautious to ensure you own your data is protected. That means you control where it’s stored now and in the future, how it’s replicated, and where your backup solution stores artifacts. Back up your data to where you want, on your terms.

To accomplish this, you need a nonprescriptive approach to hybrid cloud backup that eliminates lock-in and lock-out, so you have the freedom to host data where it best suits your organization. Cloud mobility enables you to recover, migrate and back up data to, from, and between clouds, while portable universal licensing takes the headache out of license redundancy and management.

Simplifying Management Complexities

Your plan should be less about the mechanics of a particular data model and more about selecting a provider and set of capabilities that address your current and future data needs. Inherent to a good selection here is support for disparity. Here are just a few valuable questions that you’ll want to ask:

Are there are data model limitations? You want a “no” answer, here. Assume that the one unsupported data model will always be the one you’ll need most on your next project.
Can heterogeneous data be treated as homogenous in backup? That’s a mouthful, but it boils down to this: You want your backup solution to allow you to treat data as data, not as “structured data,” “relational data” or “object data.”
Can data be backed up from anywhere in its flow? Obviously, you should be able to back up data from where it ultimately rests (such as a database). But can you also take snapshot backups from transient data or as data moves from one instance to another?

Ultimately, the best solutions give you the most powerful tool you’ll ever have and the freedom to make choices that are right for your organization. Streamline management by leveraging automation and orchestration tools that allow you to activate backup and recovery processes from across your environments at the push of a button. Hybrid cloud backup allows you to stay data-model and cloud-infrastructure agnostic so you can truly own your data and manage it no matter where it resides.

Encouraging Data Privacy and Compliance

As we move workloads to the cloud, we are always relinquishing some degree of ownership and control of our data. After all, the cloud is just someone else’s data center. For industries that aren’t heavily governed or dealing with sensitive data like Protected Health Information (PHI) or Personally Identifiable Information (PII), this might not be an issue. For others, like those in healthcare, finance, retail and more, the considerations are significant. It is critical that you assess the rules and regulations governing how, when and where you protect and store your data, and whether the tool you are assessing or using can adhere to that. In the cloud, this generally pertains to:

Data residency: Where the data is physically stored and keeping it within borders.
Data privacy: Safeguarding sensitive data through access control.
Data retention: How long data should be retained and, ultimately, deleted.

Conclusion

Your selection and configuration of hybrid cloud often has a symbiotic relationship with your selection of data strategy — as well as the partner and backup tools that are attached to that strategy. That’s why it’s important to keep in mind that your backup solution should provide layered security, fast and reliable recovery, with a hybrid and multi‑cloud ready approach, so you are prepared for anything.

For even deeper insights and implementation of hybrid cloud backup data protection strategies, get started with Hybrid Cloud Backup for Dummies.

The post Hybrid Cloud Backup for Dummies: Data Protection E-Book appeared first on Veeam Software Official Blog.

Protecting What Matters Most

For as long as I can remember, I’ve always been fascinated by I.T. From early 8-bit home computers to modern PCs, I’ve always loved working with technology. By my teenage years, I’d become the go-to I.T. support expert for my friends and family – helping them fix their computers and back up their invaluable photos and documents.

Fast-forward a few years and I found myself about to graduate from university (naturally, in an I.T. related subject!) and thinking about what to do next. When the opportunity arose to teach English at a school in Japan, I jumped at the chance to see more of the world while I decided on a career.

Following a Passion

For the next three years, I taught English at a high school in Japan. I quickly realised that digital tools and multimedia were a brilliant way to engage my students. Before too long, I convinced the school to use laptops in their classrooms – a concept that was somewhat rare at the time. Additionally, I built a number of computers from scratch for the school and it was immensely rewarding to provide a platform for students to have safe, supervised internet access during their free time. From this point on, I knew I.T. would always be a major part of my future and I spent the following year in Tokyo, immersed in the latest tech.

The author during his time living in Japan.

Ever since, helping people to protect data has been at the heart of what I do. After honing my skills at a series of London accountancies, I moved to Mishcon de Reya LLP – one of the UK’s leading independent law firms.

Keeping Pace With Evolving Threats

Since joining Mishcon de Reya, I’ve seen data protection evolve dramatically as a discipline. Both companies and criminals alike have come to realise just how valuable a commodity data is.

For a law firm like mine, defending against cyberattacks such as ransomware has never been more important. Our fee-earners utilise a variety of platforms to work on complex and sensitive matters, and any data breach would represent a major regulatory and reputational risk.

To help ensure that such a breach never happens, we’ve made Veeam the cornerstone of our data protection strategy. With the Veeam Data Platform, Veeam Backup for Microsoft Azure and Veeam Backup for Microsoft 365, we protect our data and systems on-premise and in the cloud. We can reliably backup and encrypt our data automatically, at intervals based on the criticality of each system. If the worst were to happen, we know that all our mission-critical systems are easily recoverable with Veeam.

Safeguarding a Global Business

One thing I take great satisfaction from in my job is that I get to protect data throughout its entire lifecycle: from the moment it’s created to the time it’s deleted (in accordance with our retention policies, of course). There’s so much to consider with this process: the services where the data resides, the networking in between, the compute you have available, and the endless possibilities for tuning and efficiency when backing up and recovering within tight timescales.

I greatly value our relationship with Veeam because they are always developing and looking for smarter, more cost-effective ways to protect and restore data which is also a passion of mine. For example, whenever Mishcon de Reya sets up a new office, whether in the UK or anywhere in the world, Veeam makes it so quick and easy to bring those systems into our central data protection solution.

The Veeam product suite makes everything seamless, so for the majority of the business and our users, most of our data protection services are completely invisible. But, whenever Mishcon de Reya needs Veeam, the solution is there for us. When our solicitors ask for help, they’re often surprised to learn that not only can I restore accidentally deleted files, but I can even restore different versions of those files going back six months or more in mere minutes.

Bringing Data Protection Home

Today, I’m still the go-to I.T. expert for my friends and family. The big difference is that I can bring everything I’ve learned from a long career in enterprise data protection to help them automate the protection of cherished photos, videos and other important data. And what’s more, I’m doing it with Veeam.

A few years ago, I built and installed some lightweight servers running Veeam Backup & Replication Community Edition in the homes of several family and friends and networked them together via their household broadband connections. This allows us to automatically back up each household’s data to another householder’s server. Effectively, we’re bringing Veeam enterprise-class data protection capabilities right into their homes!

If you want to find out how Veeam can protect your data from ransomware, you can request a custom demo.

The post From Tokyo’s Tech Scene to the London Legal Sector: What I’ve Learned on My Data Protection Journey appeared first on Veeam Software Official Blog.

Introduction

Why Every Organization Needs Microsoft Teams Backup

In today’s digital age, data is one of the most valuable assets for any organization. Microsoft Teams, as a leading collaboration platform, holds a wealth of information, including chat history, shared files and posts. The loss of this data can have severe consequences, including operational disruptions, loss of productivity and potential legal and compliance issues. Therefore, every organization needs a robust backup strategy for Microsoft Teams to ensure data availability and business continuity.

The Rising Use of Collaboration Tools

The use of collaboration tools like Microsoft Teams has surged in recent years, driven by the increasing need for remote work and team collaboration. As organizations rely more on these tools for communication and collaboration, the volume of data generated and stored in these platforms has also grown exponentially. This makes it even more critical to have a backup strategy in place to protect this valuable data.

Understanding Microsoft Teams Backup

Why Backing up Microsoft Teams Is Crucial

Backing up Microsoft Teams is crucial for several reasons. It ensures data availability in case of accidental deletions or cyberattacks like ransomware. It also helps organizations meet compliance requirements by retaining data for a specified period. Moreover, a backup strategy provides peace of mind, knowing that critical data is safe and can be quickly restored if needed.

How Data Works in Microsoft Teams

They key to understanding how to protect Microsoft Teams data is by first understanding the data structure. It’s important to note that Microsoft Teams is not a self-contained application, Teams acts as an abstraction layer that brings data together from many Microsoft applications. For instance, contacts and calendar meetings in Teams actually reside in Exchange Online. Teams files, tabs, and OneNotes saved in SharePoint are stored in SharePoint Online. Lastly, chat files are store in OneDrive for Business.

How Backup Differs From Archiving

Backup and archiving are often confused, but they serve different purposes. Backup is the process of creating a copy of data for recovery in case of data loss, while archiving is the long-term storage of data for historical or compliance purposes. Backups are typically stored for a short period and replaced with newer versions, whereas archives are retained for extended periods. Both backup and archiving are essential for data protection, but they should be managed separately.

Practical Tips for Microsoft Teams Backup

Comprehensive Backup Strategy Considerations

A comprehensive backup strategy for Microsoft Teams should consider factors such as backup frequency, data retention policies and storage location. It should also include a recovery plan outlining the steps to restore data in case of data loss. Regular testing and verification of backups are essential to ensure their reliability.

Overcoming Common Backup Challenges

Common backup challenges include data fragmentation, slow backup speeds and limited storage capacity. Overcoming these challenges requires a combination of best practices and the right backup solution. For example, using incremental backups can reduce backup times and storage requirements. Additionally, selecting a backup solution with features like deduplication and compression can further optimize the backup process.

Key Features to Look For in a Backup Solution

Earlier we mentioned the importance of understanding the data structure in Microsoft Teams. The reason for this is that many legacy backup solutions will only protect Microsoft Teams via the sources themselves (Exchange Online, SharePoint Online and OneDrive for Business). When selecting a backup solution for Microsoft Teams, you need to ensure that you can protect not only the data within the sources but also the critical metadata and Teams configurations, like the settings, members and team structure. This will also allow you to restore teams, channels and tabs quickly and with granularity. It’s worth mentioning, you should make sure your backup vendors is leveraging the latest APIs, such as the Microsoft Graph Explort API for Teams, allowing for efficient data protection of Teams chats.

Challenges and Solutions

Common Pitfalls in Teams Backup

Common pitfalls in Teams backup include inconsistent backup schedules, lack of testing and inadequate data retention policies. These pitfalls can lead to incomplete or unreliable backups, making data recovery difficult or impossible. Avoiding these pitfalls requires a well-defined backup strategy, regular testing and adherence to data retention policies.

Tips to Ensure Seamless Data Recovery

To ensure seamless data recovery, regularly test the recovery process and verify the integrity of backups. Maintain clear documentation of the backup and recovery procedures, including contact information for key personnel. In case of data loss, follow the documented procedures and communicate with stakeholders to minimize disruptions. Make sure you’re also working with a vendor that provide you all the Microsoft Teams recovery options you think you’ll need, whether restoring channels to the original location or providing self-service restore options of an entire Team.

Backup and Data Protection Best Practices

The Importance of Regular Backups

Regular backups are essential for data protection and business continuity. They ensure that the most recent data is available for recovery in case of data loss. The frequency of backups should be determined based on factors such as data change rate, data criticality and recovery objectives.

Testing Backup and Recovery Processes

Testing the backup and recovery processes is crucial to ensure their reliability. Regular testing helps identify and address issues before they impact data recovery. It also provides an opportunity to train personnel and refine the procedures.

Conclusion

Microsoft Teams backup is essential for data protection and business continuity. A comprehensive backup strategy, combined with best practices and the right backup solution, can ensure data availability and seamless data recovery. Regular testing and adherence to data retention policies further enhance data protection and compliance.

By following the guidelines outlined in this ultimate guide, organizations can ensure that their Microsoft Teams data is protected and readily available for recovery in the event of data loss. This not only enhances business continuity but also provides peace of mind to organizations and their stakeholders.

In a world where data is increasingly valuable and the use of collaboration tools like Microsoft Teams continues to rise, having a robust backup strategy is no longer optional. It is a critical component of any organization’s data protection and risk management efforts.

By understanding the importance of Microsoft Teams backup, the different data types involved, and the distinction between backup and archiving, organizations can make informed decisions about their backup strategy. By following practical tips, overcoming common challenges and adhering to best practices, organizations can ensure seamless data recovery and compliance with data protection standards.

In conclusion, Microsoft Teams backup is an essential aspect of data protection and business continuity. By implementing a comprehensive backup strategy and following best practices, organizations can safeguard their valuable data and ensure its availability for recovery in case of data loss.

Try a 30-day FREE trial of Veeam Backup for Microsoft 365 today. Unveil the power of complete access, control, and protection of your data with Veeam! Check out the additional resources below!

Try in a lab right now with a free, realistic sandbox with all resources provided.
Watch a demo on Microsoft 365 backup best practices.
Read the #1 Guide on Microsoft365 Backup.

The post The Ultimate Guide to Microsoft Teams Backup appeared first on Veeam Software Official Blog.

Data is the lifeline of every organization. From customer data to employee data, sales data to service data — when properly utilized all this data can provide rich information to help organizations prosper and grow. And let’s not forget what is likely the most important type of data — the metadata, which is data about data or the internal structure of data inside CRM. Metadata is the structure of your CRM which helps enable users to understand the story that all the other data is trying to tell.

But what happens when this valuable asset isn’t properly protected?

Accidents Happen – Be Prepared

Whenever there are processes that involve human interaction, the possibility of an accident exists. This is certainly true in our day-to-day lives — think spilled milk on the minimal end, all the way up to major accidents that result in property damage and injuries to many. The size and impact of “data accidents” can vary just as widely. From the minimal impact of data in one field on a record being deleted, all the way up to total data loss due to a cyberattack or other catastrophic event.

The key to success is proper planning, testing and execution. In this case, that includes a well-defined, robust backup & restore process and testing that process on regular intervals to ensure it works as expected.

But My Data Is Safe in the Cloud, Right?

There’s a common misconception that if your data is “in the cloud” that it’s safe & that the cloud provider takes measures to protect that data. While in some respects that is true — for example, the cloud provider should be responsible for providing some level of protection against cyberattacks and malware, at the same time, it is not the responsibility of the cloud provider to also have some level of protection against accidental data deletion. Your cloud provider may offer some level of backup and restore capabilities, but that may not be enough.

To learn more about why it is so important to protect not only your Salesforce data, but also your metadata, join us for a webinar featuring Salesforce MVP Hall of Fame member, Eric Dreshfield, and Veeam’s Senior Manager, Global Product Marketing – Salesforce Backup, Alison Connor.

Register now!

The post Critical Tips To Protect Your Salesforce Data and Metadata appeared first on Veeam Software Official Blog.

In life, we must make informed choices and decisions about the services and products we consume and rely on recommendations and thorough research. In these cases, we often look to those we consider to be experts in their respective areas. Gartner is one of the top technology research firms that’s dedicated to delivering actionable objective observations to the industry.

This is the first installment of our three-part blog series where we’ll dive into the risks associated with Microsoft 365, suggested by the experts at Gartner. Gartner posted a document giving their answer to the question: “Should I Back Up Microsoft 365?”. Their response provided many great insights on risk, native Microsoft capabilities, the Shared Responsibility Model and the use of third-party backup solutions. The full paper can be found here and also aligns with Veeam’s experience in the field.

Who Is Gartner?

Gartner is a renowned analyst firm in the technology sector that focuses primarily on conducting research, consulting consumers and specialists and hosting conferences. While Gartner is renowned for its trusted research papers, benchmarking and tools.

The Magic Quadrant is a distinctive publication by Gartner that objectively presents competitors side by side for each industry. In fact, Veeam was recently named as a Leader for the seventh consecutive time and rated highest in Ability to Execute for the fourth year in a row. Beyond the Magic Quadrant, they also give strategic advice to IT leaders on a variety of products, including what to do with Microsoft 365.

What Is Gartner’s Recommendation for Microsoft 365 Data?

Gartner identified five major risk factors that organizations need to consider when they use Microsoft 365. Despite shifting to a SaaS environment, the responsibilities and vulnerabilities associated with Microsoft 365 data still exist. Here are the risks highlighted by Gartner:

Human error: No matter how advanced Microsoft 365 becomes, human error can still lead to unintended data loss. The sprawling nature of Microsoft 365 with its different administrator centers and recycling bins can leave gaps for potential data loss. Compromised accounts and accidental deletion or data misplacement are among the factors that contribute to this risk.
Malware/virus/ransomware: Some early Microsoft 365 users believed that SaaS solved the problem of data encryption attacks and compromised files, since data was stored in the cloud and subjected to scanning. However, bad actors have adapted, and ransomware attacks now target data stored in SaaS environments as well.. Resilient ransomware can pivot to SaaS storage and alter file versions, leading to data destruction.
Hacking (internal/external): Threat actors with malicious intent are often the most destructive and impactful. They can compromise or delete data, resulting in diminished productivity and potential reputational damage.
Programmatic errors or flaws: Microsoft provides a suite of APIs and PowerShell commands to help manage and scale your environment. However, leveraging these endpoints without the proper control or caution can lead to unintended effects, misconfigurations or data loss within an organization.
Disgruntled user: Employees with inside knowledge can pose a significant threat. They may have the capability to cause substantial damage quickly or create irreversible damage that goes undetected for long periods.

While Microsoft does provide some native protection features within Microsoft 365, it’s essential to understand that these features may not fully address all the potential risks. This leaves organizations vulnerable to data loss.

More Research on Managing Microsoft 365

Veeam continually seeks out additional research to better understand where our products should go next. To do this, we partner with top analyst firms like Gartner and independent research bureaus to get answers to questions like those posed in the Cloud Protection Trends Report 2023. In that study, respondents were asked: ”What are your organization’s primary reasons for backing up data within Microsoft 365?”. This same question has been asked in years past, and there’s been a significant shift from “accidental deletion of data” to “preparation against cybersecurity attacks” and “compliance or regulation requirements” being the top concern among both Microsoft 365 and backup administrators.

This report gives insights across the board into IaaS, PaaS, SaaS, BaaS, DRaaS and other cloud related technologies. In the SaaS section, you can find deeper dives into who performs the backups, who are the stakeholders are and what Veeam’s perspective on the topic is. If you haven’t already, download the Cloud Protection Trends Report, the Gartner guidance on Microsoft 365 and the newly released Gartner Magic Quadrant for 2023.

Conclusion

There are still some IT leaders who may think that backup isn’t necessary for cloud-based workloads, but in most cases, this will leave your organization vulnerable to data loss and the business impacts that come with it. Microsoft does provide an organization with many security and compliance tools, but those tools do not mitigate against the risk associated with privilege boundaries, data separation and granular recovery. These enhanced features bring great value but aren’t a replacement for backup.

The next part of this blog series will explore what Microsoft does to protect Microsoft 365 data and what they expect their subscribers to do. We’ll delve into the specifics of Microsoft’s native protection within the premium tiers of Microsoft 365 and the concept of the Microsoft Shared Responsibility Model. Stay tuned!

The post What Are the Risks to Microsoft 365, According to Gartner? appeared first on Veeam Software Official Blog.

One of, if not the most, challenging aspects of cloud cost optimization and data is achieving your desired outcome without being shocked by your bill at the end of the month. Balancing the needs of your business and your proverbial checkbook is not an easy thing. In fact, an entire practice called FinOps — a portmanteau of finance and DevOps — was born just to address this, bringing together business and technical teams to collaborate on cloud cost optimization and efficiency.

What is Cloud Backup Cost Optimization?

One area where this is of particular importance is cloud backup. We’re dealing with copies of large data sets that are often stored for lengthy periods of time. Flexera’s 2023 State of the Cloud Report demonstrates this perfectly, with businesses ranging in size from SMB to enterprise ranking cloud spend management as their top challenge.

Understanding Cloud Backup Costs

To achieve cloud cost savings, it is critical to better understand the transition from typical CAPEX models to the pay-for-what-you-use OPEX models of the cloud. Cloud backup consumes varying degrees of compute, storage, and data transfer resources, not to mention the licensing involved with the backup tool itself. Sometimes vendors will combine all the above into one, irrespective of how many resources you consume, representing savings for some and additional costs for others. Other vendors are more transparent, with licensing fees only entitling licensing, and with storage, compute and data transfers billed separately based on their exact usage.

So, when it comes to cloud backup, what are some best practices to meet required service-level agreements (SLAs) like RTOs, RPOs and retention without breaking the bank?

Strategies for Cloud Backup Cost Optimization

So, what are some best practices when it comes to cloud backup to meet required service level agreements (SLAs) like RTOs, RPOs and retention while realizing cloud savings, whether you’re an end user or service provider?

Planning

Cost-Effective Cloud Storage Options

Perhaps the most obvious resource consumption for cloud backup is storage. But not all storage options are created equal, with varying performance and cost needing to be balanced based on the criticality of data, how long it needs to be retained, and how old the data is. The visual representation below gives a general comparison of AWS list prices for common storage types used in backup based on pay-as-you-go, per-GB, per-month rates in us-east-1, accurate as of Aug. 22, 2023. Azure and Google follow a very similar model, and understanding the pros and cons of these storage classes is critical to cloud cost optimization.

Snapshots vs. Backups

Native snapshots are typically the go-to method for protecting cloud-hosted resources, whether they are manually created and managed, scripted, or orchestrated with another tool. Snapshots afford us the ability to achieve low RPOs as they can be taken frequently, as well as low RTOs to overcome data loss scenarios quickly. However, from a cost lens, you can see above that the volumes snapshots are stored on are among the most expensive cloud storage options. A true backup can be made from these snapshots, compressed, and then stored on more cost-effective object storage to meet compliance, retention and budgetary requirements.

Leverage Cost Calculators

There are a lot of resources out there to help you understand cloud costs based on your business needs, such as the AWS Pricing Calculator and Azure Pricing Calculator. Cloud providers are incredibly transparent about their pricing and often strive to help you drive the best value for your business. One area where this can become a little muddy, however, is with backup. Veeam’s solutions for AWS, Azure and Google Cloud all come with proactive backup cost calculators built directly into the policy wizard to help you get an understanding of what that policy is likely to cost you monthly, which helps avoid bill shock. It also breaks down the total cost into subcomponents like snapshots, backups, replicas, archives, traffic and API calls, so if tweaks do need to be made, you’re already in the right place to make those changes.

Maximize Discount Opportunities

Much like anything you buy these days, the more you purchase, the better the price per unit. This holds true for not only the data protection software used for protecting cloud, but the cloud resources themselves. AWS, Azure and Google all offer commit programs to a predetermined annual expenditure that results in contractual discounts on consumed resources, similar to an enterprise agreement. As you migrate to and grow within the cloud, forecast your spend routinely to not only avoid bill shock, but to negotiate volume-based discounts early.

Also worth noting here are the differing types of compute instances not just from a power perspective, but also pricing structure. Workloads with consistent utilization typically benefit from reserved instance pricing. Those with consistent utilization but with predictable times of increased performance requirements benefit from auto scaling, and workloads that are dynamic and short-lived typically benefit from on-demand instances.

Implementing

Data Lifecycle Management

Efficient lifecycle management of your backup data ensures that backups will remain accessible and usable when needed while minimizing the financial impact associated with maintaining storage for unused, infrequently accessed, or unnecessary snapshots or backups.

By implementing a well-structured approach, organizations can optimize storage resource utilization while reducing cloud costs, typically by transitioning backups to less expensive storage tiers as they age, where the likelihood of a recovery diminishes, but data must be retained for compliance purposes. Here’s a cost comparison of a 100GB Amazon EC2 instance with a two-year retention requirement between snapshots alone and a tiered approach where data is tiered to Amazon S3 after a month, S3 Glacier after six months and S3 Glacier Deep Archive after a year. Data stored on Amazon S3 storage classes are image-based backups with 2X compression.

Deduplication and Compression

One of the many benefits that using a true, image-based backup to complement a snapshot is the ability to deduplicate and/or compress that backup data. Deduplication removes redundant data blocks within a backup file, whereas compression removes and reduces the bits required to represent the data within the backup. As mentioned above, Veeam is capable of 2X compression for backups of cloud-hosted workloads, reducing the required capacity by half, which in turn has a significant impact on the associated spend.

Optimization

Automated Backup Policies

Automation plays a critical role in reducing cloud costs for several reasons, as well as aiding governance, compliance, alerting and reporting. Firstly, cloud backup automation built on policies ensures the right degree of protection and retention is applied to the right workload. For example, dev workloads seldom require the same rigor of production, mission-critical apps. A one-size-fits-all approach would either result in over protection and overspend, or under budget at the cost of inadequate protection. Implementing several policies with varying backup frequencies, data lifecycle management automations and retention durations that are then applied to varying criticalities of workloads based on tags helps ensure adequate protection on budget. See this example below.

There’s also a human element to automation. Streamlining data protection processes eliminates the need for dedicated personnel to manage manual backups, freeing up time and resources for them to focus on other strategic priorities while still getting the protection job done.

Monitoring and Reporting Tools

Once you’ve taken control of your costs, you need to keep control of them. This is where Day 2 operation feature sets come into play. You’re now over the hurdle of deployment and initial implementation — but this is no time to take your eye off the financial ball, since cloud creep is real. Remain focused on not just maintaining, but continually optimizing operations as your environment evolves and grows. Monitoring toolsets are critical, but the process isn’t always straightforward, especially in the hybrid-/multi-cloud world we live in. Be sure to use solutions that can span the breadth of all your environments and make your life easier by centralizing management, monitoring, and governance into a single location.

Real-Life Case Studies

Veeam Data Platform is the industry-leading Modern Data Protection solution to help you protect, secure and manage all your data across your hybrid-/multi-cloud environment. Whether you’re sending backups of on-premises workloads to the cloud or protecting cloud-hosted IaaS, PaaS and SaaS data, Veeam can help you do it all easily from a single platform. Comprehensive cost optimization capabilities that are built-in throughout can help you take and keep control of your cloud expenses without sacrificing your degree of protection or how quickly you can recover.

You can learn more about how HBC saved over $1 million in CAPEX and $600,000 in OPEX annually by implementing Veeam across its multi-cloud implementation of on-premises, AWS, and Azure. Or, how CIOX Health manages a monthly spend of $20,000 for all backup resources when protecting 500TB of patient data daily from their colo to AWS, AWS to Azure, and Azure to AWS.

Conclusion

Controlling and optimizing spend in the cloud has proven to be the leading challenge for organizations large and small in 2023, especially in today’s economic climate. This is especially true for data protection and the necessary copies of data sets that need to be made and stored for lengthy periods of time. However, getting on top of your cloud spend is not a lost cause, as there are plenty of best practices and toolsets from first and third parties available to provide you with the necessary insight and technology to achieve all your outcomes. While it may seem daunting at first, your future self (and your boss) will thank you later for taking the first step today. After all, who wants to be the person who can’t keep their business running because they were penny wise and pound foolish?

If you’re ready to experience cloud cost savings today, check out our cost-cutting infographic or set up a consult with one of our cloud experts.

What is Azure security?

Azure security is a term that refers to the precautions taken to protect your systems from common threats and malicious actors. This requires a multipronged approach to protect the data, application endpoints and accounts associated with the platform.

Microsoft Azure is a cloud services platform with a variety of offerings spanning everything from Infrastructure-as-a-Service (IaaS) to Software-as-a-Service (SaaS), giving organizations the flexibility to pick and choose what they’d like to run on the platform.

Whenever a computer system is connected to the Internet, there’s the risk of cyberattacks. According to one recent survey, 39% of businesses have experienced a data breach in their cloud environment in the last 12 months, and three-quarters of those surveyed said the data they store in the cloud is sensitive. Cloud security breaches are becoming more commonplace, and as companies increasingly store sensitive data in the cloud, the impact of security breaches becomes more serious.

From potential fines for data breaches caused by negligence to the reputational damage caused by a breach taking place and the potential business interruption of ransomware, the impact of a cyberattack can be huge. That’s why it’s so important to invest in data security. Azure Security Center is a useful starting point for securing your Azure systems, offering ongoing monitoring of your environment and alerting you if anything goes outside of normal parameters.

Azure Security Center integrates with other tools, such as Azure Policy, Azure Cloud App Security and Azure Monitor Logs, covering many of the key areas of cloud security. However, it’s useful to have other systems in place to protect your data and endpoints, especially as many cloud security breaches aren’t caused by hardware or software “security holes” but through human error.

Importance of Azure security

Cyberattacks are becoming increasingly commonplace and damaging. In 2022, IT Governance discovered 1,063 security incidents, accounting for more than 480 million leaked records. Around 24% of the cyberattacks included in its list were ransomware attacks.

The list focused on larger organizations, and the leaked datasets ranged from online games to airlines, medical data and credit reference agencies. Data breaches can have a lasting impact on the people whose data is leaked, and governments now take the issue of security breaches very seriously. Fines for companies that fall under the EU GDPR can be in the millions, and HIPAA also sets out fines for failure to comply with privacy and data security requirements.

In addition to these financial penalties, there are other practical issues to consider. Consumers are becoming increasingly concerned about the risks of sharing their data online, and when a company is involved in a data breach, ransomware attack or other cyberattack, it can be incredibly damaging to that company’s reputation.

Having a robust security plan in place that includes prevention, monitoring and remediation helps mitigate the risk of security breaches and ensures that if something does happen, the path to recovery is shorter.

Key principles of Azure security

Azure operates on a shared responsibility model for security. Microsoft is responsible for the infrastructure upon which your cloud environment runs. This is similar to how Microsoft 365 security model works. Users of Azure cloud services are responsible for the security of anything they run in the cloud.

This means Microsoft will manage the security and uptime of the infrastructure, but it isn’t responsible for the security of whatever you run on the server. So, if you spin up a server and install an insecure forum script on it, which is then exploited by a cyberattacker, it isn’t Microsoft’s responsibility. You’re in charge of the applications running on your server.

Layers of security in Azure

When considering security, there are seven “layers” to take into account. These layers include:

Physical
Network
Perimeter
Endpoint
Application
Data
User education

One of the benefits of using Azure is that it frees you from having to worry about the physical and network layers of security. Azure also handles many parts of perimeter security, although it’s possible for users to run their own intrusion detection systems to protect certain internet-facing services.

Azure’s users are responsible for endpoint security (protecting the devices connecting to the cloud services), application security and ensuring any data stored on the servers is properly backed up. It’s also their responsibility to ensure users are following proper security precautions.

One way to protect your data and reduce the risk of malicious or negligent users compromising your security is to take a zero-trust approach to security. Under the zero-trust model, strong authentication and authorization are required for any device and/or user that connects to a service. Rather than assuming that a username and password are enough to verify a person’s identity, zero-trust security takes a more cautious approach. It may require multifactor authentication before allowing a user to perform certain privileged tasks, or it may look for patterns in a user’s behavior and require additional authentication if a user logs in from an unknown location or unrecognized device.

Azure employs these precautions to maintain the security of the cloud environment, making it more difficult for attackers to do damage, even if they get access to a developer or system administrator’s credentials.

Another precaution that Azure takes is to use the Least Privilege Principle through its role-based access control. This ensures users can get their work done effectively and efficiently, without giving people access to parts of the system they don’t need. For example, there’s no reason to give a database administrator access to manage entire containers or configure networking if all they actually do in their day-to-day work is manage existing databases. They should have a database contributor or administrator role instead. In contrast, someone in the finance department may need a billing or cost management role assigned to them.

Role-based access control makes it possible to provide people with exactly the roles they require to do their jobs while limiting the potential for damage if their account is breached or they behave maliciously.

Benefits of Azure security

By default, anything added to your Azure environment is automatically added to Azure Security Center. This offers some protection against attacks by default, as it monitors the resources, alerts you to any potential issues and provides recommendations to improve security.

Azure itself offers many potential benefits compared to running an in-house server:

Secure data centers and infrastructure maintained by Microsoft.
Encryption for better data privacy.
Simplified compliance reporting and auditing.
Advanced threat detection and prevention, reducing the risk of security breaches.
Rapid incident response if issues are detected.
Minimal disruption to your business due to security incidents.
Build trust with consumers and stakeholders by demonstrating your commitment to data security.
Reduce costs associated with cyberattacks.
Reduce downtime/outages caused by cyberattacks.
Scale in a reliable and cost-effective way.
Tailor your security to your needs as you grow.

It’s easy to add your own additional security/protection tools to Azure, augmenting the security already provided by Microsoft. At Veeam, we offer the Veeam Backup for Azure tool which helps automate secure, reliable backups. When you choose Veeam’s backup solutions you not only protect your data from outages and hardware failure, but you also benefit from protection against data loss caused by ransomware and other cyberattacks.

Security threats and challenges in Azure

While Microsoft offers a lot of tools to protect Azure users from common cyberattacks, no cloud service is immune to digital threats. Azure deployments are at risk of unauthorized access, data breaches and DDoS attacks in the same way other cloud platforms are.

In addition to this, there’s the risk of data breaches caused by misconfigured services and/or inadequate authentication, as well as insider threats. That’s why it’s so useful to have a business continuity plan including tools such as Veeam Orchestrated Recovery for Azure to reduce any interruption caused by security breaches.

Security services and tools in Azure

We’ve already touched on Azure Security Center and its value for threat detection, vulnerability assessment and security recommendations. There are some other useful tools that Azure users can take advantage of to improve the security of their Azure environment, including:

Azure Sentinel: a cloud-native SIEM tool for collecting data about security-related events, analyzing it and responding to issues.
Azure Multifactor Authentication (MFA): an important part of a zero-trust environment, MFA helps enhance security, making it harder for attackers to breach the environment by stealing login credentials.
Azure Firewall and DDoS Protection: Azure Firewall blocks unauthorized network traffic, reducing the risk of brute-force attacks on servers. It also includes features for mitigating DDoS attacks.

Conclusion

Azure is a powerful platform for cloud services, and it’s useful for large and small businesses alike. Securing applications running in the cloud can be challenging, however. Microsoft offers a variety of tools to help systems administrators and developers secure their Azure environments and handles many layers of security itself. To better protect your users, it’s important to take security seriously and have a recovery plan in place in case a breach does occur.

If you’d like to learn more about Veeam Azure Backup and how it fits into your Azure security plans, contact us today to schedule a demonstration.

Ransomware is a growing threat for modern businesses

Ransomware attacks are so common now that most people already have at least a basic idea of what ransomware is, but they may not fully understand how it works or why it’s so serious. According to the UK Economic and Social Costs of Crime report, the overall cost of cybercrime in the UK alone is measured “in the billions.” Globally, the cost of ransomware attacks specifically is projected to reach $265 billion by 2031.

While some victims of ransomware are lucky enough to be able to have their data decrypted, there are many flavors of ransomware out in the wild for which decryptors are not available, meaning the organization has to restore backups to recover from the attack. If they don’t have backups, or their backups were also attacked, the cost in terms of lost data and time for the business can be severe. Our 2023 Ransomware Trends Report highlights how serious a ransomware attack can be for some organizations.

Understanding ransomware defense

Ransomware defense is something that requires a variety of strategies. It starts with basic cybersecurity best practices and involves using more focused strategies and technologies to detect and respond to ransomware attacks, including ones that are in progress.

Traditional firewalls and antivirus software can prevent some attacks, and training all your employees how to spot phishing emails, malicious websites and potentially dangerous executable files can go a long way toward preventing attacks. However, modern ransomware defense tools can go a step further than that, monitoring network activity and filesystem activity to identify signs of an attack such as unusual communication patterns or file access/encryption activity.

Network administrators can apply a number of security and IT tools for their ransomware defense. Endpoint protection, intrusion detection systems (IDS) and intrusion prevention systems (IPS) can be combined with behavior-based analysis techniques to spot attacks quickly so any damage can be mitigated.

Each of these strategies is unlikely to be enough, in isolation, to secure a corporate IT system from ransomware. By combining defense techniques, passive scanning and proactive defense measures it’s possible to reduce the attack surface and increase the likelihood of any remedial measures being successful in the event an attack does take place.

Key components of ransomware defense

Effective ransomware defense requires a multi-pronged approach.

Network security and monitoring

Firewalls and intrusion detection systems (IDS) are the first line of defense against a variety of attacks, not just ransomware. A firewall scans incoming and outgoing network activity and blocks connections it considers to be unauthorized.

Unauthorized activity could be a port scan, where an attacker attempts to connect to ports at random to try to find out what services are running on a server. Alternatively, it could be an attacker attempting to log in to a server by brute force or to simply perform a denial of service attack on a server by sending a huge number of requests in quick succession.

Intrusion detection systems are similar to firewalls in that they also detect malicious activity. These tools then take action based on a set of predefined rules. For example, they may trigger other tools to run or alert the systems administrator so they can analyze the problem and manually intervene.

Ransomware defense is an arms race, and it’s not possible to rely solely on static rules and malware definitions. Even heuristic virus scanning is not guaranteed to identify all malicious code. Therefore, it’s important to use real-time monitoring and behavioral analysis to identify changes in activity on your systems. Using this form of monitoring increases the likelihood of suspicious activity being picked up.

For example, real-time monitoring can watch out for a large number of files being accessed or changed in a short period of time. It can also pick up on files that haven’t been used for a long time suddenly being opened. Even if it turns out this activity is not ransomware, it could be some other security issue, such as an insider threat.

Incident response and recovery

Security tools are just one part of the equation. Even with sophisticated tools in place, there’s still the risk of a security breach taking place and having a clear and effective incident response plan in place is vital to minimize damage in the event of an attack.

A ransomware incident response plan includes several steps:

Determine which systems are affected.
Disconnect devices from the network where possible.
Power down affected equipment if necessary.
Review system logs to determine how the attack happened.
Identify the ransomware and determine if there’s any other malware on the system.

Depending on the nature of the attack, the steps you follow may vary. Administrators must weigh the potential cost of leaving infected devices switched on (therefore allowing the attack to continue) versus powering off the system and losing any evidence stored in volatile memory.

Where recent backups are available and are known to be protected/isolated from ransomware, it may make sense to leave the infected systems powered on but disconnected from any Wi-Fi or LAN connections to analyze them.

Data recovery is just one part of the equation. Ideally, the attack will be contained quickly to prevent it from spreading. In many cases, ransomware gains access to a network through something like a targeted phishing attack on an employee’s laptop, and from there, the malicious software spreads to network drives and other systems, looking for anything it has permission to access and write to.

Identifying the attack quickly means the malware has less time to spread and infect drives. Depending on the system it initially infected and how well-configured file access privileges are on the network, the damage may be limited to just the user’s machine and a few non-mission-critical network shares.

Taking a systematic approach to containment and recovery

Systems administrators should always remember that ransomware can act in many different ways. Some ransomware simply encrypts files; other malicious scripts will delete the victim’s data after a set time if the ransom is not paid. There’s also some particularly dangerous ransomware that scans files looking for potentially valuable data and sends that data to the attacker who threatens to leak it if the ransom is not paid.

Data breaches of this type can be particularly damaging to any business, so it’s important to tread carefully when responding to a ransomware attack. Rather than rushing to the data restoration stage, take some time to thoroughly sanitize any systems that were infected. Depending on the severity of the attack, it may be more efficient to simply wipe or reimage those systems.

To reduce the risk of an attack happening again, change all your system’s passwords and review any firewall rules, block lists and malware detection systems you have in place to ensure they’re properly updated and functioning correctly. Provide training to staff members about phishing and social engineering attacks.

Once you’re confident the malware is completely removed from your network, you can start the process of restoring critical data from backups. Be sure to scan the backups themselves before restoring them to ensure they aren’t infected. If the infection was caught quickly, this is unlikely. However, if you’re performing frequent backups, it may be that your most recent one is infected and you need to restore one of your older “cold” or “off-site” backups instead.

Avoiding ransom payments

While there have been some high-profile examples of ransomware attackers targeting large organizations and demanding huge sums of money from them, most ransomware attacks are opportunistic. The attackers often ask for smaller sums, between $700 and $1,500, on the assumption that if they make the ransom relatively affordable, the victim is more likely to pay it because they simply want to get their files back as quickly as possible.

The most frequent methods for ransomware payments are cryptocurrencies such as Bitcoin, Litecoin or even Dogecoin. These tokens are chosen because they’re widely available on mainstream exchanges, so victims should find it easy to acquire them. Attackers also find it easy to use “tumblers” to obfuscate the history of the coins they receive, making it easier for them to convert those coins to real money at a later date.

Paying a ransomware attack can be a tempting option for a time-strapped business owner who is faced with that dreaded lock screen on their computer. However, before deciding between data recovery and just paying up, it’s important to consider the impact of each choice. The only guarantee you have that paying the ransom will get you back your data is the promise of the ransomware developer — someone who is unethical enough to choose that way of making money. In addition, even if you get your data back, there’s no guarantee that the remaining malware won’t be used to infect you with something else in the future if you haven’t sanitized your systems.

Another thing to consider is the ethical issues surrounding paying for ransomware. Cryptocurrencies are often used to fund drugs, money laundering, human trafficking and terrorist activities. When you purchase cryptocurrencies, you’re indirectly supporting such activity, and paying the ransom is also rewarding cybercrime.

In some parts of the world, making a ransomware payment could actually be illegal because doing so could involve paying an entity that is the subject of financial sanctions. This isn’t true in every country, but it’s something to be aware of. If you have been a victim of a ransomware attack and are considering paying a ransom, seek legal advice before doing so.

Continuous improvement and learning

It’s easy to feel embarrassed if your organization has fallen victim to a ransomware attack. You may be wondering how it happened and if you could have done something to prevent it. Always remember that even huge organizations with dedicated IT teams and large budgets have fallen victim to cybercrimes. Try to learn from the incident, and build new strategies to beat ransomware.

If you’re able to do so without breaching non-disclosure agreements or sharing corporate data, go public about the attack and help others learn from it. Share information about what went wrong, and start a discussion about how you (and others) can better defend themselves.

Another possible option is to run simulated ransomware drills to test your readiness and identify areas where people may need additional training or where your IDS or other systems are lacking.

Interconnections with other ransomware aspects

Here, we’ve focused primarily on ransomware defense, but there are other related issues:

Preventing attacks from happening in the first place
Responding to attacks if they’re identified
Recovering data after an attack

All of these things combine to form an effective anti-ransomware strategy. There’s a lot of overlap between them. A good ransomware defense strategy may use similar tools to ransomware prevention, and part of your ransomware defense strategy will include having a rapid response plan in space. However, developing each strategy individually is worthwhile so you can feel confident you have robust security and backup systems in place.

Strengthening your organization’s ransomware defense

If your organization is concerned about the potential impact of ransomware, take this opportunity to review your defense strategy.

Creating a comprehensive strategy

Review your existing cybersecurity measures, and perform a full security audit. Consider running incident simulations to identify potential holes in your security.

After this review, draft a plan that integrates prevention, protection, defense and response to cover every eventuality you can think of. Don’t simply copy someone else’s plan; be sure to tailor the plan to your organization’s specific needs.

Leveraging technology and collaboration

Ransomware is such a pervasive issue today that there are many tools available for monitoring and intrusion detection, as well as threat intelligence. Don’t try to make your own tools. Take advantage of the wealth of expertise that’s already out there and collaborate with others in the industry. Together, we can beat ransomware.

Ransomware doesn’t discriminate

Ransomware is an ever-present, opportunistic threat. It’s just as likely to infect an individual home user as it is a multinational corporation. That’s why it’s so important for those who are concerned about protecting their data to be proactive about ransomware defense.

By building a multifaceted ransomware defense strategy that combines prevention, protection, response and recovery, it’s possible to build a resilient cybersecurity framework that can effectively combat the ever-evolving threat landscape of ransomware attacks.

If you’d like to know more about how we can help protect your organization’s data, download our 7 Best Practices for Ransomware Recovery whitepaper.

The post Ransomware Defense: Detect and Respond to Attacks appeared first on Veeam Software Official Blog.

Just around a week ago, we released a new version for Veeam Backup for Salesforce (VBSF) and have been seeing a warm reception from our customers. As the fog has cleared a bit, it’s finally a good time to get deeper into the product itself and see it in action. You might already know that this version has many new capabilities and under-the-hood enhancements, and I’d like to talk about my favorites. Join me as we sit down and tackle them by going through the major buckets, starting with security.

Security

It’s not a secret that data security is a hot topic these days, and probably more important than ever. When properly configured, a data security strategy helps protect sensitive information from unauthorized access, ensuring privacy and preventing identity theft, fraud and cyberattacks. Additionally, safeguarding data helps companies maintain trust with customers and partners, as breaches can lead to reputational damage and legal consequences for businesses. However, my personal experience shows that when it comes to Salesforce data protection and security, things can be tricky when determining which internal team should be responsible for it.

Typically, there are several teams that might be involved in dealing with Salesforce data, depending on company structure and complexity of the organization. The IT team focuses on the overall infrastructure and technology stack, ensuring that hardware, networks and basic software services run smoothly. The backup team specializes in data protection and disaster recovery, ensuring that critical data — data which is placed to virtual machines, cloud instances and SaaS platforms — is backed up and recoverable in case of emergencies. Usually, there is a Salesforce team that concentrates on platform development, customization and support, creating and maintaining workflows that support specific business functions. In many organizations, these teams collaborate closely to ensure that technology systems work effectively; but when it comes to Salesforce data access and implementing data protection tactics, those teams might argue to define the best strategy.

Prior to this release of VBSF, administrators could enable console access using single sign-on (SSO) authentication via Azure Active Directory, which helped them distinguish roles and permissions for users. Now, we have extended this feature to the Salesforce platform as well. It’s easier than ever to grant users access to backup console and control how much they can do or see there. On top of that, they can benefit from other security enhancements, like using a multi-factor authentication (MFA) app on their mobile phone to access their Salesforce account. This is automatically propagated to VBSF as well, and it goes without mentioning the possible integrations with different third-party identity providers (IDPs).

The cherry on top is that console administrators can review all operations made by app users via the Audit view. This functionality can play a critical role in ensuring data security, privacy and compliance, while also providing a mechanism for accountability, incident response and process improvement. It is a vital component of safeguarding access to sensitive Salesforce data and maintaining trust in data handling practices.

UX, Backup and Restore Enhancements

Now, let’s switch gears and talk about improvements in the product engine. While some new features might sound like “check and check” without being visible in UI, they make a great impact on your overall data protection experience. Let me pick several of them and explain why they are important.

Improved backup and restore engine

Who likes optimization as much as we do? It might not always look shiny, as this is rather a way to boost what you already could do, but we truly believe it’s very important for our customers. Developing this version, we’ve worked hard to refine and optimize backup engine performance. By doing a better job of using APIs whenever we need to operate with massive amount of data (starting from approximately 200,000 records) and knowing how to handle billions of records in a more efficient way, we can now ensure the product has a smaller memory footprint and performs backup and restore processes up to 15% faster, consuming less API calls. Who wouldn’t want that?

Support for Salesforce APIs v57

As you know, Salesforce typically releases new API versions on a semi-annual basis, as this allows them to evolve the platform by addressing customer feedback. We are following this development by closely monitoring platform releases and, as always, testing products vigorously against new updates. Now, I’m happy to announce official support for Salesforce APIs v57. Don’t hesitate to update your ORGs, — maintain 100% confidence in business continuity for your organization.

Support for Salesforce Education Cloud and Salesforce Government Cloud

Education Data Architecture (EDA) is a Salesforce-specific data model and feature set designed to address the unique needs of educational institutions, such as colleges and universities. EDA provides a structured and customizable way to manage and track data related to students, courses, and academic programs, and is, by design, the essence of Education Cloud. By providing EDA support, we expect many education centers to benefit from having their data protected with Veeam.

Besides that, our improved custom domains support(which has been added to the backup policy and connected app settings) allows us to offer this solution to Salesforce Government Cloud customers. Many U.S. federal, state and local government institutions can remain compliant by using our product in such environments.

Support for Person Accounts

Salesforce Person Accounts are a specialized feature within Salesforce CRM designed for organizations that primarily deal with individuals as their customers rather than businesses or organizations. Think B2B versus B2C. It allows Salesforce users to manage individual consumers as distinct entities in their CRM system, providing a more person-centric view of customer data. Supporting Person Accounts will help Veeam to get telecom operators and other end-user-facing enterprises truly excited, being able to protect their data in a regular manner.

Support for managed packages

As Salesforce is a very customizable platform, many of its users opt in for managed packages for various purposes, including distributing industry-specific solutions, third-party integrations, advanced analytics and custom application components. In the end, it helps them save development time, reduce customization costs and benefit from the expertise of solution providers. Obviously, with those packages, the amount of data generated and stored inside of Salesforce grows accordingly. As Veeam’s mantra is “all the data should be protected,” we’re extending our data protection scope to that data, too. Are you having your Field Service, CPQ, ComplianceQuest or other packages deployed? Fear no more, we’ve got that data too.

“Browse” data view

Being able to browse and access backed-up data provides peace of mind and assurance that critical information is safely stored. Now there is a new tab available to you in UI called “Browse,” designed exactly for this purpose. This tab gives you a quick and convenient way to investigate backups on particular dates and look for specific objects using various filters. In case the desired information is found, you can start the recovery right away without wasting any time.

UI in Japanese

Language is a critical aspect of user experience. Users feel more comfortable and confident when they can interact with an app in their preferred language. Introducing Japanese language as an option in product settings, we’re acknowledging Salesforce popularity in Japan and truly believe that this move aligns with best practices for creating inclusive and accessible digital experiences for our customers.

What language should be the next? Please let us know!

Sandbox Seeding

Now, let’s talk about sandbox seeding. This process, which could be also described as populating a Salesforce development environment with production data, is vital for companies. It fosters realistic testing, ensuring that changes won’t disrupt operations. Seeded data helps assess workflows, apex triggers and data-driven processes accurately, as well as aids user acceptance testing and performance evaluations.

This was the number-one feature that our customers wanted us to develop, and we couldn’t simply miss this requirement. Veeam Backup for Salesforce has received an upgrade to its restore wizard functionality. Each of them has one new important step where you can select the “source” and the “target” organization for the data you’re about to restore. This should enable you to achieve better compliance and security testing, safeguard data integrity, and reduce risks associated with making changes directly in the live production environment.

Figure 3. Restore to another organization

Conclusion

Personally, I’m very excited about this release. I can’t wait until more companies incorporate it into their Salesforce data protection strategies and see how it works for themselves. But, as always, it’s already time to think about the future. What would you like to see in the next version(s) of the product? Feel free to leave a comment here or by using the Veeam forums.

The post Going Under the Hood of the Newest Veeam Backup for Salesforce appeared first on Veeam Software Official Blog.

Hybrid cloud infrastructures represent a strategic blend of on-premises and cloud-based resources, offering organizations the flexibility to optimize their IT environments for various workloads and business needs. This approach enables businesses to modernize, harnessing the scalability, agility and cost-efficiency of the cloud without deprecating on-premises investments.

While many didn’t “plan” or “strategize” to have hybrid cloud architectures, they have become indispensable in the modern business landscape. Many organizations require agility and scalability to quickly adapt to changing market conditions, handle fluctuating workloads and accelerate innovation. As a cost center, IT often faces blockers to experimentation and development, getting trapped in break/fix and “keeping the light on” activities. But offloading many infrastructure-management tasks to cloud providers enables organizations to then pick up cutting-edge cloud services, such as AI, machine learning and big-data analytics. This fosters collaboration and agility, allowing cross-functional teams to access resources and collaborate on projects more efficiently. Moreover, the ability to quickly spin up and tear down cloud-based resources lowers the barriers to entry for innovative projects, promoting a culture of experimentation and entrepreneurship within the organization. As a result, modern businesses can leverage the hybrid cloud’s innovation-enabling capabilities to develop and deploy new products and services faster, gaining a competitive edge in today’s fast-paced digital landscape.

Now that you are properly convinced of the benefits of hybrid cloud investments, let’s break down how to wrangle the wild mess of on-premises and cloud-based infrastructures so you can realize benefits, keep costs down and maintain security.

Understanding Hybrid Cloud

Definition and Key Characteristics of a Hybrid Cloud

In the simplest terms, hybrid cloud is a combination of two or more computing environments, including private clouds, public clouds and on-premises data centers, all orchestrated as a unified and distributed computing environment. Some key characteristics are:

An on-premises data center and at least one private or public cloud
A combination of two or more private clouds
A grouping of private and public clouds

The hybrid cloud consists of several layers. At the bottom sits the hybrid cloud infrastructure layer we mentioned earlier, consisting of the public and private cloud infrastructure as well as on-premises data centers. Sitting above that is a hybrid cloud platform that spans the cloud and on-premises environment. The next layer contains the hybrid cloud software layer, where applications run. The final layer is an observation layer that acts as a window to provide an overview of all applications running in the hybrid cloud.

Importance of Hybrid Cloud in the Enterprise

As enterprises look to expand and scale to and from the cloud, having a hybrid cloud environment gives you the flexibility to repatriate workloads back on premises if needed for compliance or data retention needs, or to re-deploy into the cloud to balance storage costs and flexibility for growth. A hybrid cloud is an excellent way for enterprises to optimize workload resources and easily scale operations. The importance can’t be understated:

Increased flexibility: Flexibility to work in the environment most suited to the application, such as running public-facing workloads in the cloud and keeping critical data on premises or in a private cloud.
Workload portability: When working with a unified platform and supported by containers, it is easy to move workloads around the hybrid cloud.
Support for innovation: The hybrid cloud supports innovation, allowing developers to easily experiment with different solutions without the need to invest in additional hardware and facilities.

Advantages of Hybrid Cloud

By having a combination of on-premises and public clouds for your data, enterprises can deploy robust security to protect against ransomware and implement cost-efficient best practices, all while scaling their environments to keep business continuity.

Cost Efficiencies

Cost efficiency in the cloud typically surpasses on-premises solutions due to factors like reduced capital expenditures, lower operational costs and greater scalability. With the cloud, businesses eliminate the need to invest in expensive hardware and data center infrastructure upfront. Cloud providers can leverage economies of scale to provide cost-effective services, and organizations can scale resources up or down as needed, avoiding overprovisioning.

However, users simply need to see one “shocking” cloud bill to realize that the cloud is not a utopia. Misconfigurations, over-zealous development and other common mistakes can result in significant overspend in the cloud. The control of on-premises infrastructure mitigates those risks. IT organizations need to find the best-fit infrastructure type to ensure costs stay under control.

Scalability

The scalability of the cloud is one of its standout features, allowing businesses to easily adjust their computing resources up or down based on demand. With cloud services, organizations can rapidly scale their infrastructure to accommodate traffic spikes or growing workloads, ensuring optimal performance and responsiveness. Whether it’s adding more virtual servers, storage or network capacity, the cloud’s scalability empowers businesses to adapt swiftly to changing requirements, making it a vital asset for modern, growth-oriented organizations.

Security

Five years ago, security would not be showing up on a list of “advantages” of hybrid cloud architectures. But cloud providers invest heavily in state-of-the-art security measures, including data encryption, access controls and robust infrastructure protection, often exceeding what many organizations can achieve on their own.

Of course, security in the cloud is a shared responsibility, with customers responsible for securing their data and applications. Properly configured and managed cloud resources, strong authentication and access controls, regular security audits, and compliance adherence are essential for safeguarding data and applications in the cloud. This is why, for some highly sensitive data, it may still be best suited for on-premises infrastructures.

But by working in tandem with cloud providers and adhering to best practices, businesses can achieve a high level of security and ensure that their data remains protected in cloud environments.

Business Continuity

Business continuity and disaster recovery are often entry use cases for organizations looking to leverage the cloud. For on-premises infrastructures, cloud hosting can offer off-site data hosting for restore back on premises, or even failover directly into the cloud.

For workloads hosted in the cloud, high-availability architectures offer a level of uptime generally unattainable from on-premises infrastructures. However, just as security is a shared responsibility, so too is data management. Third-party backup tools, like Veeam, integrate natively with the cloud, unlocking portability of backups across subscriptions, availability zones and even out of the cloud provider entirely for true resiliency.

Key Components of a Hybrid Cloud Strategy

To avoid a “hodge podge” approach to infrastructure, some critical tools are needed to bridge the divide between on-premises and cloud-based workloads. Many third-party tools now offer extensive compatibility across hypervisors, databases, cloud services and more to deliver cohesive outputs across heterogenous environments.

Network Connectivity

Hybrid cloud networking tools are essential for creating and managing the connectivity between on-premises data centers and cloud resources. These tools enable organizations to establish secure and reliable network connections, such as virtual private networks (VPNs) or direct interconnects, ensuring seamless communication between their local infrastructure and the cloud. Additionally, they often include features for traffic optimization, load balancing and network monitoring, helping businesses maintain optimal performance and latency across their hybrid cloud deployments.

Security and Compliance Tools

Security and compliance tools for hybrid cloud are vital components for safeguarding sensitive data and ensuring adherence to regulatory requirements. They typically offer features such as advanced threat detection, encryption, and identity and access management to bolster security across both on-premises and cloud environments. These tools also help organizations automate compliance assessments and audits, ensuring that they meet industry-specific or regional compliance standards, which is crucial for maintaining data integrity and trust in a hybrid cloud infrastructure.

Data Protection and Backup

Data protection tools for hybrid cloud environments play a critical role in maintaining the availability and integrity of data — regardless of where it resides. They often provide capabilities like backup, disaster recovery and data encryption to safeguard data across on-premises and cloud-based storage locations. These tools enable businesses to implement data retention policies, ensure business continuity and adhere to data privacy regulations, fostering confidence in the security and resilience of their hybrid cloud data assets.

Implementing a Hybrid Cloud Strategy

Steps To Implement a Hybrid Cloud Strategy With Veeam

Implementing a hybrid cloud backup strategy with Veeam is easy. The first thing you will want to do is set up a cloud consultation with our experts. We’ll take it from there. This will allow you to ask the pertinent questions you need to ask and will allow us to learn more about you and the workloads and environments you are looking to protect. From there our experts will provide you with all the necessary information to start putting together a comprehensive hybrid cloud backup data protection strategy with Veeam.

Each environment and situation is unique, so the steps to implementation could vary depending on how many workloads you are looking to protect and in which environments you want to protect them. One good rule of thumb is the 3-2-1-1 Rule. Specifically, in an on-premises case, data stored locally should have multiple copies backed up and at least one copy stored offsite. You need protection that is flexible and able to encompass your VMware, Windows Server, Oracle DB and more, and provides the centralized management needed to protect edge devices with ease. The ability to send backups between the cloud, an on-premises data center or the edge is critical — and having a backup solution that makes that process seamless ensures you have the most robust data protection strategy.

How Veeam Supports Hybrid Cloud Environments

Whether you are in a hybrid or multi-cloud environment, Veeam supports both by giving you the flexibility to move your data freely between on premises and the cloud, between multiple clouds or multiple data centers. Whether it’s leveraging universal licensing to backup cloud data or software to backup and protect on-premises data, the ease of the Veeam Data Platform’s centralized management, layered security and hybrid and multi-cloud-ready approach creates a unified support system that integrates seamlessly with your environment, giving you the flexibility, cost savings and peace of mind to use the cloud confidently.

Veeam Case Studies of Successful Implementations

Looking for success stories from Veeam customers on their hybrid and multi-cloud successes implementing the Veeam Data Platform? Look no further! Check out our NEW Hybrid Cloud Customer Success Guide for stories from Veeam customers all over the world as they share their challenges, solutions and outcomes implementing the Veeam Data Platform for their hybrid and multi-cloud data protection needs.

For more success stories, visit our Veeam Success Stories Library.

Future Trends in Hybrid Cloud

The trend around fluid movement between hybrid and mult-cloud storage strategies has escalated, especially considering the growing adoption of cloud-powered tools and services. Based on this multi-faceted approach, organizations have reached a point where long-term retention is playing a larger role in IT strategy. It is an especially sensitive point involving data protection specific to data loss prevention.

Many organizations started with self-managed backup using cloud storage but later switched to a managed service provider (MSP) to further leverage expertise around capabilities. These shifts are seen as having a prolific impact due to increased optimism around hybrid cloud, multi cloud and the importance of a comprehensive data protection strategy. Our report, “Cloud Protection Trends for 2023: The future of cloud data protection,” provides more of this perspective, along with statistics and future trends from a survey of 1,700 unbiased organizations on their use of cloud-based production and cloud-powered protection services.

Conclusion

To wrap things up, it is important to understand that your cloud data will not protect itself — and snapshots are just not going to cut it. But that’s okay! As we learned, implementing a backup solution like Veeam into your hybrid cloud strategy offers:

End-to-end security
Fast, reliable recovery
Flexibility
And more!

These core benefits will give you the confidence to backup and recover your data in and out of the cloud, no matter where it resides. Having complete ownership of your data across all of your environments can’t be understated. It is paramount to your hybrid cloud strategy and the insurance that you have a sound data protection strategy in the event of a ransomware attack. If you’re looking for more information download our “#1 Hybrid Cloud Backup Guide,” the ultimate guide for owning your data on any cloud.

The post Mastering Your Hybrid Cloud Strategy appeared first on Veeam Software Official Blog.

You may have seen the big news from Cisco and Nutanix, who recently announced a global partnership to simplify business actions within the hybrid and multi-cloud. Veeam has had longstanding alliance relationships with both Cisco and Nutanix, working with both companies on technical-level integrations and co-innovations and business-level collaborative sales relationships. Veeam looks forward to working with Cisco and Nutanix in their new global strategic partnership.

As you know, Veeam is the leading data protection platform for Cisco’s existing HyperFlex hyperconverged offering. Veeam and Cisco began our alliance partnership in 2013, and over the past 10 years, we have developed numerous integrations and solutions, including:

Storage snapshot integration with HyperFlex
Reference architectures for UCS and FlexPod
Cisco Validated Designs for HyperFlex, FlashStack and Red Hat OpenShift Container Platform (OCP) on HyperFlex

Veeam is also the leading data protection platform for Nutanix, enabling the backup and recovery of all virtual machine workloads running on Nutanix Cloud Infrastructure. Since 2018, Veeam and Nutanix have strengthened alliances and offerings with the introduction of Nutanix Mine (a pre-built backup and recovery solution delivered as a Nutanix appliance) and solutions for Nutanix Files Storage and Nutanix Objects Storage.

Today, Veeam and Nutanix offer customers an unmatched cyber-resilient data management platform. With it, customers can avoid the inflexibility of competitive offerings and provides a secure platform, and thus recover from malicious attacks (such as ransomware or outages due to administrative mistakes) with minimal disruption.

Going forward, what does this announcement mean for our combined Cisco, Nutanix and Veeam customers? This announcement enables Cisco customers to choose which leading hyperconverged infrastructure is right for them, which is well aligned with a core Veeam philosophy: flexibility. By adhering to this philosophy, we grant our customers the freedom to run their choice of production IT infrastructure, and therefore choose which best-of-breed product is best suited for their enterprise — all with the confidence that Veeam Data Platform is protecting any chosen workload or production infrastructure.

Veeam also enables customers the flexibility to choose which backup infrastructure fits their usage of Veeam Data Platform. This announcement extends that flexibility by allowing Cisco customers to also choose Nutanix Mine — a purpose-built backup solution with Veeam pre-installed on a Nutanix cluster and Nutanix Objects — which can be leveraged as an object repository for Veeam backups.

The industry-leading Veeam Data Platform protects customers’ enterprise hybrid cloud infrastructures (private, public and managed cloud) against threats and disasters, whether natural or man-made, at an affordable total cost of ownership (TCO). Veeam has been positioned by Gartner in the Leaders quadrant of the 2023 Magic Quadrant for Enterprise Backup and Recovery solutions for the seventh consecutive time. Veeam is also ranked the #1 global provider by International Data Corporation (IDC) in its latest IDC Semiannual Software Tracker 2022H2 for Data Replication & Protection software.

The post Leading with Customer Choice: Cisco and Nutanix Launch a Global Partnership appeared first on Veeam Software Official Blog.

Welcome back to the second part of our three-part blog series, where we continue to revisit what leading IT analyst firm, Gartner, suggests for protecting Microsoft 365. In the first post, we looked at what Gartner identified as risks associated with Microsoft 365. This included:

Human error: Compromised accounts and accidental deletion or data misplacement are among the factors contributing to this risk.
Malware/virus/ransomware: Resilient ransomware can pivot to SaaS storage and alter file versions, leading to data destruction.
Hacking (internal/external): Threat actors with malicious intent.
Programmatic errors or flaws: Unintended effects, misconfigurations or data loss within an organization.
Disgruntled users: Significant insider threats that have the potential for substantial damage that can go undetected for long periods.

Now, let’s delve into what Microsoft does to protect Microsoft 365 data versus what they expect subscribers to do.

Native Protection Within the Tiers of Microsoft 365

Microsoft offers native tools to help companies curate Microsoft 365 data with varying levels of capabilities based on license tiers. For example, Microsoft provides first and second stage recycling bins that act as an easy first option for restoring data that may have been recently deleted within a user’s mailbox or OneDrive, for example.

However, it’s essential that you understand the limitations of these bins. Exchange retains data for up to 30 days and SharePoint retains data for 93 days, which makes it a challenge to recover data after this period. Additionally, the recovery process from these recycling bins can be complex and time-consuming. Plus, compromised privileged accounts can administratively delete or alter versioning and recycling bins, rendering the recovery process ineffective. In other words, if a bad actor can get to your production data, they can get to the recycle bins too.

Check out our 3 Office 365 Backup Keys to Success

While every Microsoft 365 license includes supplementary features like eDiscovery, Insider Threat protection, and Data Loss Prevention, these features alone may not be enough to fully protect yourself against all potential risks. Veeam talks about some of these points in more detail in our ”Why back up OneDrive for Business?” blog post.

Microsoft Shared Responsibility Model

A common misconception when using cloud-based services is that the cloud provider assumes responsibility for data protection. This misconception was especially prevalent among early adopters and those with less experience with SaaS platforms like Microsoft 365.

However, this isn’t the full picture. In all cloud-based relationships, there is a shared responsibility between the customer and the cloud provider, which Microsoft calls the Shared Responsibility Model.

According to the Microsoft Shared Responsibility Model, the customer is responsible for maintaining their own data, devices, and accounts. As a SaaS solution, Microsoft manages their physical infrastructure and provides access servers and admin centers that allow users to configure and manage their services. However, the customer is still responsible for securing user access, managing devices connected to applications and protecting the data placed on the cloud servers. This is where the risks mentioned in the previous blog post come into play. If there are any misconfigurations or security gaps that enable bad actors to access the organization’s data, Microsoft is not responsible for the data loss.

Advantages of Microsoft 365 Third-Party Backup

With such a wide range of potential risks that aren’t addressed by native tools, Gartner suggests that third-party backup solutions can help organizations overcome some of these challenges and protect their Microsoft 365 data. Based on Gartner’s recommendations, creating backups provide organizations with additional layers of protection that separate production data from backup copies. This reduces the potential impact of data loss incidents. Third-party backup solutions can also provide granular centralized recovery options and offer additional data and credential/privilege separation.

Conclusion

According to Gartner, organizations should look closer at business obstacles like regulatory compliance and long-term retention requirements when considering data protection. Gartner and Veeam recommend building around a solution that will simplify data protection and recovery across your Microsoft 365 applications.

In the final part of our series, we’ll assess how Veeam Backup for Microsoft 365 aligns with Gartner’s considerations for Microsoft 365 and the Shared Responsibility Model. Join us as we explore the benefits of using Veeam backup and its role in ensuring data protection for Microsoft 365 environments. Stay tuned!

The post Does Microsoft Protect Microsoft 365 Data? appeared first on Veeam Software Official Blog.

The fact that organizations need to backup their Microsoft 365 deployments has been well established. Microsoft is based on a shared responsibility model in which Microsoft is responsible for protecting the underlying infrastructure, and subscribers are responsible for protecting their own data. This means that if you use Microsoft 365, you have to back up your own data. In their Services Agreement, Microsoft makes it very clear on the delineation around customer data, “We don’t claim ownership of Your Content. Your Content remains Your Content, and you are responsible for it.”

As important as backups might be, however, there is one critical item that seems to get left out of the conversation and that is recoverability. Recoverability isn’t always quite as straightforward as we might like it to be, so in this blog post, we share some key considerations when choosing a third-party product to restore and recover Microsoft 365 data. For a more in-depth take on this topic, it can be found in the Conversational Microsoft 365 Recovery Best Practices E-Book.

Backup Immutability

According to the 2023 Data Protection Trends Report, 85% of organizations indicated that they had experienced at least one ransomware attack in 2022. Immutability makes it so that a backup cannot be overwritten, deleted or encrypted by ransomware. Having immutable backup storage greatly increases the chance of being able to successfully recover from a ransomware attack.

The Difficulty of Recovery

When it comes to using a third-party product to restore Microsoft 365 data, one of the first things that you need to consider is what the recovery process will be like. Backup products can differ widely in terms of their complexity. Microsoft has created a collection of APIs that backup vendors can use for Microsoft 365 backup and recovery. However, there are vendors who only use a subset of the APIs, so if your data is scattered across several Microsoft 365 applications, it would likely be up to the person restoring the data to figure out where the data actually resides, how to restore the data and how to recognize the data has been restored.

Restoration Granularity

Another key consideration is the granularity with which a third-party application allows you to restore Microsoft 365 data. It’s important that whatever backup application you are using can perform both large-scale recovery operations and extremely granular recovery operations, down to individual items like message data, individual files, voicemail messages and other types of data

Versioning and Attributes

Consider the ability to preserve and use any existing attributes associated with the items that are being recovered. Ideally, you should be able to choose which version of the file you want to restore, but you shouldn’t lose access to other versions of the file.

Of course, file versions are not the only type of attributes that exist. Each of the Microsoft 365 applications uses data attributes in its own way, and it’s important for any backup application to be able to recognize and retain these attributes.

Recovery Flexibility

A good backup tool should give you a significant amount of flexibility with regard to the data recovery process. It’s also important that you’re able to export Microsoft 365 data in a way that allows that data to be used outside of your organization.

However, it is equally important that your backup product includes a really good search engine that will be able to locate all of the data that needs to be restored or exported. If your backup application includes a subpar search engine, then it may not be able to find all of the data that needs to be handed over. In other words, it is absolutely essential for a good backup product to feature a first-rate search engine.

Complete Visibility

One of the most critical, and yet most often overlooked backup capabilities is complete visibility into your backups. This means that your backup application needs to have good monitoring and reporting capabilities to make sure that your backup application is healthy and that it is running as intended. Your backup application should never leave you wondering if your data was backed up as intended.

Self-Service Recovery

Not every backup application offers self-service capabilities. Self-service recovery allows the user to get their data back immediately, while also freeing up backup operators so that they can focus on more important matters.

In conclusion, Microsoft 365 data recovery capabilities vary widely from one backup application to another. Your organization’s backup is its lifeline. Make sure you keep these key considerations in mind when choosing a third-party product to restore your Microsoft 365 data

You can read the whole Conversational Microsoft 365 Recovery Best Practices E-book here.

Additional information:

Still not convinced you need a Microsoft 365 backup? Read about the Microsoft 365 Shared Responsibility Model here
Here is a summary of how Veeam differentiates from Microsoft 365 BaaS vendors
Download a 30-day FREE trial of Veeam Backup for Microsoft 365
Join a technical demo by a Veeam Systems Engineer

The post Microsoft 365 Recovery Best Practices appeared first on Veeam Software Official Blog.

In the dynamic world of data security, certifications are the cornerstone of trust, assuring a product’s resilience against potential threats. The recent attainment of Common Criteria (CC) certification by Veeam Backup & Replication and Veeam ONE v12 from the National Information Assurance Partnership (NIAP) and listing on the NIAP Product Compliant List (PCL) signifies a significant step towards reinforcing data security and ensuring the confidentiality, integrity and availability of sensitive information.

Unveiling Common Criteria and Its Significance

Common Criteria emerges as a gold standard in cybersecurity, a collaborative effort developed in partnership with the UK, France, Germany, Canada, Netherlands and the U.S. This international endeavor amalgamates the expertise of these nations to create a unified framework for evaluating the security attributes of IT products. It’s a testament to global cooperation in the face of a common adversary: cyberthreats.

Born out of the need to harmonize disparate security evaluation criteria such as TCSEC, CTCPEC and ITSEC standards, Common Criteria represents a concerted effort to establish a singular yardstick that aligns with the complexities of modern technology landscapes. This collaborative initiative isn’t just about compliance; it’s about crafting a dynamic framework that adapts to the evolving threat landscape, ensuring that products are capable of withstanding emerging challenges.

At its essence, Common Criteria centers on Security Functional Requirements (SFR) and Security Assurance Requirements (SAR). SFR stipulates stringent guidelines, encompassing everything from encryption protocols to access controls, while SAR scrutinizes the processes and procedures used to develop, test and maintain a product. These facets create a comprehensive evaluation matrix that leaves no stone unturned in pursuing cybersecurity excellence.

This international amalgamation signifies the global importance of data security. It underscores that cyberthreats recognize no boundaries, necessitating a collaborative defense strategy that transcends national borders. The significance of Common Criteria lies not just in its rigorous evaluation process but in its principle of unity — a united front against those who seek to exploit vulnerabilities in our digital realm. In an increasingly interconnected world, Common Criteria is not just a certification; it’s a symbol of global cyber resilience.

Navigating Security Functional Requirements (SFR) and Federal Acquisition Regulation (FAR)

Central to the CC certification process are the Security Functional Requirements (SFR), rigorous guidelines outlining the security features a product must encompass. Beyond a mere checklist, SFR determines the level of security a product can provide against potential threats. In the realm of government procurement, the Federal Acquisition Regulation (FAR) plays a key role. This regulation establishes the U.S. government’s standards for acquiring goods and services, guaranteeing that products meet robust security criteria.

The Arduous Pathway to Certification

Attaining Common Criteria certification is an intricate journey. It involves exhaustive testing, evaluation and validation. Each aspect of the product — from code lines to security mechanisms and operational functionalities — is meticulously examined to ensure alignment with exacting criteria. The arduous nature of this certification process mirrors the relentless efforts required to fortify cybersecurity amidst evolving threats.

Enhancing Cybersecurity Resilience of Veeam Data Platform

The attainment of Common Criteria certification by Veeam Data Platform is not just a token accomplishment; it signifies a profound commitment to elevated data security. This certification underscores Veeam’s dedication to safeguarding customers’ critical information against potential breaches. However, this is just one facet of Veeam’s unwavering commitment to cybersecurity.

Veeam and the Veeam Data Platform security endeavors proudly boast a range of other commendable security achievements. With FIPS 140-2 compliance, Veeam ensures that the cryptographic foundations of its offerings meet rigorous U.S. government standards. The DoDIN APL listing further attests to the product’s reliability and suitability for demanding Department of Defense networks.

Veeam’s dedication to security is evident through the rigorous Independent Verification & Validation (IV&V) process, where its products undergo meticulous examination, testing and remediation. The ISO and SOC certifications showcase adherence to international standards and robust information security practices. Moreover, implementing the Secure Software Development Framework (SSDF) underscores Veeam’s commitment to embedding security throughout the product’s lifecycle.

As cyberthreats evolve, Veeam Data Platform helps our partners and customers build their fortress of security against unwanted threats. Veeam’s CC certification, DoDIN APL, FIPS 140-2, Independent Verification & Validation, ISO, SOC and other security accolades, reflect Veeam’s holistic approach to safeguarding customer data and our products. The product’s adherence to stringent standards and continuous commitment to security best practices positions it as a trailblazer in data protection, empowering organizations to embrace the digital future without compromising on security.

The post Elevating Data Security: Veeam Backup & Replication and Veeam ONE v12 Achieve Common Criteria (CC) Certification appeared first on Veeam Software Official Blog.

Cloud computing has become ubiquitous and has reached the point where nearly half of all workloads run in the cloud. Currently, most organizations operate a combination of on-premise and cloud workloads, known as a hybrid cloud. Typically, they keep key services within their data centers and use the cloud for customer-facing services, software applications and flexible data storage. The hybrid cloud model is ideal because it is not always possible, or even wise, to move everything to the cloud for reasons like cost, performance and compliance.

A hybrid cloud is a combination of one or more types of public and private cloud architectures together with on-premise servers. A multi-cloud comprises two or more public cloud services. Predominant cloud architectures include Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). Users appreciate the resiliency of the cloud and commonly adopt more flexible data retention practices than are the norm for on-premise data centers. According to Veeam’s 2023 Cloud Protection Trends report, nearly 50% don’t keep cloud data for longer than one year. Additionally, 34% believe that PaaS services like file shares do not need to be backed up, despite cloud-hosted data facing an equal volume and magnitude of cyber threats. We must do more to protect and secure our cloud data to ensure resilience.

These data retention policies offer little protection against inadvertent deletions or the growing threat of ransomware. In Veeam’s 2023 Ransomware Trends Report, 85% of surveyed organizations experienced at least one ransomware attack in the preceding year.

For most companies, it is only a matter of time before they experience a cyberattack. Their ability to resist will depend on the steps they take to harden and protect their networks. Equally important is the provision of secure backups as a last line of defense against ransomware attacks.

Read on to learn about the best hybrid- and multi-cloud security practices.

Hybrid Cloud Security: The Importance of Prevention

Prevention is an essential part of any hybrid cloud security strategy that seeks to mitigate the risk of data loss because of security threats like ransomware. If you can prevent cybercriminals from breaching your cyber defenses, you can divert a ransomware attack. At the very least, you may detect an attack and respond before your data is encrypted or exfiltrated.

Cloud service providers are contractually obliged to protect their systems against intrusion and attack in accordance with their own shared responsibility models and SLAs. However, this liability does not extend to your data or to how you set up your network. It is the users’ responsibility to protect their data and systems in hybrid- and multi-clouds against cyber threats.

Important steps to harden your systems against attack include:

Software patches. Keep all software and firmware up to date, and apply security patches as soon as they are released.
System configuration. Avoid security gaps and vulnerabilities caused by configuration errors with your network, instances and virtual machines (VMs).
Network segregation. Segregate your network into multiple partitions or domains using physical and virtual networks to prevent a single point of entry.
Access control. Adopt least-privilege access controls, especially with sensitive networks and data.
System monitoring.Continually monitor your networks for unusual CPU and network traffic, including detailed logging with built-in alerts.

Embracing Remediation

Even with the best ransomware defenses, bad actors get through as their attack vectors evolve and become more sophisticated. Determined hackers often target specific organizations, seeking every possible opportunity to breach their defenses. Tactics include phishing attacks that appear to be genuine emails that trick unsuspecting employees into opening infected email attachments. Others include drive-by malware attacks from infected sites and scanning your systems for vulnerabilities, such as unpatched software and account compromise.

Hackers need to find just one vulnerability to infect your system, and fending off every attack is difficult. You need a second line of defense to fall back on, incorporating secure backup practices that ensure the integrity of data and the ability to make a clean recovery.

Best Practices for Secure Cloud Backup and Recovery

As with any disaster recovery strategy, you need a robust contingency plan on how to respond to a ransomware attack. This plan should be dynamic and constantly reviewed to reflect organizational changes and adapted to new and developing threats.

Remember that ransomware extortionists are continually improving their tactics. Their goal is to make it impossible for you to recover from an attack unless you pay the ransom. To this extent, 93% of ransomware attacks now target your backups. This means it is essential to ensure your backup strategy is robust and secure against attack.

Let’s take a deep dive into hybrid- and multi-cloud security best practices.

1. Follow the 3-2-1 Rule

The first and most important point to note is that your cloud provider is not responsible for backing up your data. While cloud providers synchronize data to mirror sites, this is to provide a fallback if the primary data center goes down. It is not a backup. If you are the victim of a ransomware attack, the constant synchronization means that both data sets will be encrypted.

Your backup strategy should, ideally, be based on the tried and tested 3-2-1 backup rule. This rule describes the minimum number of copies of data you should keep together with techniques to reduce the risk of loss due to common factors or events.

The digits in the rule explain how it works:

The first digit of the 3-2-1 rule says you should always have three copies of your data.
The second digit specifies that you should store your backups on two different types of media.
The last digit implies that you should keep one copy offsite, whether that is on-premises to the cloud, intra cloud across regions or from one cloud to another.

2. Logically Air Gap Your Backups

The notion of a physical air gap for backups is long instantiated. However, in the cloud where data is constantly connected to the network, how do you achieve this air gap? We need look no further than the cloud providers well-architected frameworks or best practices that help us understand where security boundaries lie and how to keep backup resources separate from production. Note that there are subtly different security considerations between clouds; AWS it is accounts, Azure it is subscriptions and Google Cloud it is projects.

It is highly advised to utilize a dedicated account, subscription or project for your backups. Also, backup copies can be stored on on-premises storage like hardened Linux repositories, or immutable object storage, also possible on-premises or on another cloud altogether.

3. Priciple of Least Privilege (PoLP)

Limit privileges to those required for each user, system or application to perform their specific tasks or functions. This rule applies equally to backup and recovery operations as to other employee tasks. Leverage the following principles:

Identity and access management (IAM): Use granular IAM roles to create fine-grain control over resource access and permissible actions. Continuously audit IAM roles and delete permissions no longer required, as well as rotating access keys for IAM users.
Role-based access control (RBAC): RBAC is similar in principle to IAM, with some overlap. From a backup and recovery lens, RBAC can help entitle users specific access to backup and recovery functions. For example, recovery roles can be limited to restore only exercises to empower application owners to self-service recovery, without the ability to edit admin-level settings or backup policies.
Multifactor authentication: MFA is a robust system of authenticating users when they log into corporate systems, helping to prevent brute force and man-in-the-middle (MITM) attacks. It works by requiring the person who is attempting to log in to supply at least one piece of additional information that’s unique to that user in addition to their login password. This could be a security question or a one-time password sent to the user’s mobile device. Alternatives include a digital signature or biometric identification, such as a fingerprint or facial recognition.

These approaches ensure attackers can’t access and attack data backups. They also help you maintain data compliance requirements in the cloud concerning data privacy and residency.

4. Immutability Ensures Integrity

The concept of an immutable backup is that the data can’t ever be changed. You can’t modify, delete or overwrite the data. Importantly, a hacker can’t encrypt an immutable file. So, immutable backups are secure backup files that you can rely on.

Most immutable solutions use write-once-read-many (WORM) technologies that lock the data. Examples include Amazon S3 Object Lock and immutable storage for Azure Blob. With immutability in the cloud, it is normal to specify a retention period, after which time, the data will be unlocked and can be subsequently deleted in line with data retention requirements or when controlling cloud storage spend. An alternative is to add a legal hold that overrides the retention period until specifically unlocked by an authorized user.

There is one provision regarding immutability, and that is that the data must be uncorrupted and free of malware or ransomware before being saved. If this is not the case, the data can be corrupted or encrypted when you attempt to use these files for backup recovery purposes.

5. Encryption to Prevent Theft

Even though cybercriminals can’t encrypt your immutable backups, if they access the backup data, they may be able to exfiltrate the backup data and hold you ransom in this regard.

Most cloud providers provide several mechanisms for encrypting your data. Examples include AWS Key Management Service (AWS KMS) and Microsoft Azure Key Vault. Implementation is very straightforward, especially when using default keys, however it is advisable to utilize self-managed keys for greater control.

Monitoring and Incident Response

In addition to the above procedures, it is crucial to continuously monitor your systems for signs of ransomware attacks. Also, you should have a detailed plan outlining the actions to take in the event of a ransomware attack. Essential steps include:

Continuous monitoring. Implement threat-monitoring tools that allow you to continually monitor hybrid- and multi-cloud environments for unusual activity and abnormal network behavior that may indicate malicious activities.
Threat detection. Install security software to detect and eliminate cybersecurity threats, including phishing, malware, ransomware and zero-day exploits. Protect against new and unknown threats using AI-enabled detection engines that block suspicious processes and activities.
Incident response plan. Prepare a comprehensive ransomware response plan detailing specific personnel and actions to take in response to a ransomware attack, including isolation of infected systems, ransomware containment and eradication strategies.
Automated remediation. Employ automated tools to detect and block malware and ransomware attacks by disabling and isolating infected endpoints, systems and software.
Forensic analysis. Establish procedures for forensic analysis, such as recovering system logs and data stored in flash memories so that it is possible to determine the sequence of events and identify the type of ransomware.

An essential aspect of incident response and ransomware recovery is team training. You should thoroughly train team members on the principles and practices of effective ransomware and cybersecurity incident response.

Taking Action

The responsibility for data protection starts and ends with you. Although public and private clouds offer guarantees regarding data security, these relate to data loss and corruption due to a failure of part or all of their cloud data centers.

For example, AWS guarantees a certain level of data durability and availability related to their service level agreement. However, AWS is not responsible for data loss due to accidental deletions, malware and ransomware.

It is essential to determine appropriate backup policies and where and how to secure your backup data. You also need to determine the optimal network and security configurations related to your organizational needs. In this context, you should treat hybrid cloud security with the same rigor as you do for your on-premise data centers, unlike those mentioned earlier in this article.

Fortunately, you’re not alone. Veeam’s backup and recovery solutions can help you efficiently and securely manage, backup and recover your data from anywhere across the hybrid cloud.

Securing Hybrid and Multi-Cloud Backups

Robust cloud IaaS, PaaS and SaaS services across AWS, Azure, Google Cloud, Microsoft 365, Salesforce and more offer compelling alternatives to companies seeking to expand their IT services. While hybrid cloud strategies often solve many problems, they also come with challenges, with cybercriminals are becoming better at exploiting the resulting software and network vulnerabilities. Your company faces a real threat of data theft and ransomware.

The answer to this threat lies in a combination of effective ransomware prevention strategies and robust remediation policies. These include hybrid- and multi-cloud security measures, such as network segmentation, security software and robust multifactor authentication policies.

But given the almost inevitability of a successful ransomware attack, you also need a robust backup strategy. Utilizing practices like logical air-gaps, PoLP, immutability, encryption and more, an effective backup plan can help you recover from a ransomware incident with minimal downtime and reputational damage.

Learn more about secure cloud backup protection strategies in the 2023 Cloud Protection Trends Report from Veeam.

The post Best Practices for Secure Hybrid and Multi-Cloud Backup appeared first on Veeam Software Official Blog.

Welcome to the final segment of our three-part blog series where we evaluate how Veeam Backup for Microsoft 365 aligns with Gartner’s recommendations for Microsoft 365 data protection and Microsoft’s Shared Responsibility Model.

In case you missed our first two segments:

Gartner’s Considerations for Microsoft 365: Gartner highlighted five major risks that organizations need to consider when using Microsoft 365, including human error, malware/virus/ransomware, hacking (internal/external), programmatic errors or flaws and disgruntled users.

Microsoft’s Shared Responsibility Model: Microsoft’s Shared Responsibility Model outlines that, while Microsoft manages the physical infrastructure and the underlying application layer, customers are still responsible for securing user access, devices and the data they place on cloud servers.

In this post, we will be taking a closer look at how Veeam Backup for Microsoft 365 aligns to both Gartner and Microsoft’s recommendations.

Veeam-Driven Study

As previously mentioned, Veeam gathers and publishes research not just from analyst firms like Gartner, but from independent research bureaus as well. This allows us to remain in front of the data protection challenges that the IT industry faces. One of the most recent publications, the Cloud Protection Trends Report 2023, showed that organizations are increasingly concerned about cybersecurity attacks and compliance requirements for their cloud-hosted data. Veeam Backup for Microsoft 365 is designed to address these evolving concerns and offers an essential layer of protection against potential threats.

Veeam Backup for Microsoft 365

Veeam Backup for Microsoft 365 is Veeam’s solution for protecting Microsoft 365 data. By leveraging Microsoft-native APIs, Veeam creates backups with data separation for business-critical applications like Microsoft Teams, Exchange, OneDrive for Business and SharePoint. From these backups, Veeam Backup for Microsoft 365 offers a diverse range of restore options from single file exports to full site restores that provide over 50 different ways to restore data.

Veeam Backup for Microsoft 365 directly addresses and aligns with Gartner’s vulnerability list by providing comprehensive protection for Microsoft 365 data. This bridges gaps with native retention and undelete features within Microsoft 365. If we revisit each of Gartner’s considerations with a Veeam lens, we get the following:

Human error: Veeam offers easy-to-use and intuitive backup and recovery solutions that help prevent accidental data loss. With Veeam’s granular recovery, organizations can quickly and easily restore specific items, which reduces the impact of human error.
Malware/virus/ransomware: Veeam creates an isolated backup copy of your data which protects it from malware and ransomware attacks that may target production data. With the addition of object-lock backup copies can be made immutable preventing alteration in cases of an attack.
Hacking (internal/external): Veeam ensures that your backup data remains secure and separate from production data, which safeguards it from external and internal threats.
Programmatic errors or flaws: Veeam offers both a console and a self-service portal with an intuitive interface. In case of accidental Microsoft 365 data misconfiguration, Veeam provides an easy access method of recovery all from a single directory.
Disgruntled users: With Veeam’s data separation capabilities and immutability, disgruntled employees will find it more challenging to cause widespread data loss since Veeam makes sure your backup data remains separate and protected.

Veeam’s approach aligns with Gartner’s recommendations, offering a robust solution to tackle the risks associated with Microsoft 365 data. Maybe that is one more reason why Gartner named Veeam a Leader in its Magic Quadrant for the seventh year in a row?

Microsoft Backup

Microsoft recently announced further advocacy for the protection and separation of backup data from your production Microsoft 365 data. In their announcement, Microsoft highlighted some of the top concerns surrounding long-term data archiving, the necessity of diverse restore methods and more sophisticated data protection scenarios. Veeam was specifically cited in the announcement as a named partner in Microsoft’s new backup API suite, which will further performance to Veeam’s diverse protection and recovery portfolio very soon.

Check out the press release that describes this expanded partnership between Veeam and Microsoft.

Conclusion

While Microsoft 365 provides certain native retention and undelete features, it’s important to assess these against known considerations and risks like those described by Gartner. By implementing Veeam Backup for Microsoft 365, organizations can bolster their data protection strategy and meet or exceed the Microsoft Shared Responsibility Model. Veeam offers comprehensive protection against data loss incidents, whether they be caused by human error, malicious attacks or programmatic flaws. It is always fun when research findings and practical insights point to the same best practices. In this case, this includes the importance of third-party backup for Microsoft 365. Try out a 30-day free trial or our free community edition for up to 10 users here.

The post Assessing Veeam Backup Regarding Gartner’s Considerations for Microsoft 365 appeared first on Veeam Software Official Blog.

The State of Ransomware

1. Navigating Ransomware

2. Creating an Incident Response Plan

3. Utilizing Veeam Solutions for Recovery

4. Post-Incident Recovery and Analysis

5. Proactive Client Engagement

6. Customizing Veeam Solutions for Resilience

7. Continuous Monitoring and Optimization

8. Training and Workshops for Customers

9. Case Studies and Success Stories

Conclusion

Summary

What is Ransomware Recovery?

Prepare for Ransomware Attacks

Implement Strong Cybersecurity Measures

Create a Comprehensive Backup Strategy

How to Detect Ransomware Incidents

What to Do When Responding to Ransomware Attacks

Ransomware Recovery Strategies

Restore Data from Backups

Explore Paying the Ransom

Utilize Decryption Tools and Techniques

Work with Ransomware Recovery Services

Best Practices for Ransomware Recovery

What to Do After a Ransomware Attack

Conclusion

Related Content

Salesforce Security and Compliance

Sandbox Seeding

Salesforce Government Cloud

Salesforce Business Apps

Backup

Restores

Related Resources

Understanding Hybrid Cloud Backup

The Need for Purpose-Built Backup and Recovery

Ensuring Comprehensive Data Protection

Advantages of Hybrid Cloud Backup

Retaining Ownership and Control of Data

Simplifying Management Complexities

Encouraging Data Privacy and Compliance

Conclusion

Protecting What Matters Most

Following a Passion

Keeping Pace With Evolving Threats

Safeguarding a Global Business

Bringing Data Protection Home

Introduction

Why Every Organization Needs Microsoft Teams Backup

The Rising Use of Collaboration Tools

Understanding Microsoft Teams Backup

Why Backing up Microsoft Teams Is Crucial

How Data Works in Microsoft Teams

How Backup Differs From Archiving

Practical Tips for Microsoft Teams Backup

Comprehensive Backup Strategy Considerations

Overcoming Common Backup Challenges

Key Features to Look For in a Backup Solution

Challenges and Solutions

Common Pitfalls in Teams Backup

Tips to Ensure Seamless Data Recovery

Backup and Data Protection Best Practices

The Importance of Regular Backups

Testing Backup and Recovery Processes

Conclusion

Accidents Happen – Be Prepared

But My Data Is Safe in the Cloud, Right?

Who Is Gartner?

What Is Gartner’s Recommendation for Microsoft 365 Data?

More Research on Managing Microsoft 365

Conclusion

What is Cloud Backup Cost Optimization?

Understanding Cloud Backup Costs

Strategies for Cloud Backup Cost Optimization

Planning

Cost-Effective Cloud Storage Options

Snapshots vs. Backups

Leverage Cost Calculators

Maximize Discount Opportunities

Implementing