Enhanced Ransomware Protection a Key Benefit of Veeam Upgrade

As Veeam prepares to retire two versions of its flagship data protection software, organizations should start making plans for an upgrade to ensure protection from increasing threats to backup environments.

Veeam Backup & Replication version 9.5 reached end of support (EOS) status earlier this year, which means Veeam will no longer provide support unless you have an active maintenance agreement and perform an upgrade to a newer version. Version 10 won’t reach EOS until February 2023 but has reached end of fix (EOF) status, and is no longer receiving updates, patches or hotfixes.

While organizations often put off upgrades to solutions that still seem to be working well, there are very good reasons to make the transition to version 11 or 11a as soon as possible. Released last year, the new versions have more than 200 new features and improvements — including key enhancements for ransomware protection. Veeam has also announced version 12, which is slated for release in the second half of 2022.

Why Backups Are Targeted

Ransomware is an increasingly critical concern. Ransomware attacks nearly doubled in 2021 compared to the previous year, with more than three-quarters of companies reporting at least one such attack. A growing number of attacks specifically target legacy backup solutions.

Ransomware gangs such as the notorious Conti group now regularly delete backups before launching ransomware, giving them leverage to coerce victims into paying the ransom. According to one recent survey, 70 percent of executives reported their company’s backup systems were compromised during a ransomware attack. Another 48 percent said they experienced permanent data loss following an attack.

Unlike legacy backup solutions, Veeam 11 counters such attacks by enabling immutable backups that cannot be altered or deleted, even by an administrator. It allows you to use a Linux server as a hardened repository to ensure you have an untouched version of data that is always recoverable and safe from any attack or system failure.

In addition, immutable backups provide protection from malicious insiders who try to delete or modify files, accidental deletion or modification, or data corruption from bugs or power outages. They also help companies meet regulatory requirements for data preservation and ensure data authenticity for litigation requirements.

Enabling Sub-Minute RPOs

A new continuous data protection (CDP) feature provides another important hedge against attacks on the backup environment. CDP solutions back up applications, files or blocks of data any time a change is made. The backup window essentially becomes irrelevant because backup is occurring all the time.

Because CDP tracks every instance of data modification, it provides the option to recover data at extremely granular points in time to minimize data loss. For example, if an attack or outage occurs at midnight, an administrator can retrieve the data as it existed at 11:59 p.m. With sub-minute recovery point objectives (RPOs), CDP helps organizations ensure access to their most recent data.

Veeam 11 also extends protection to encrypted cloud backups in AWS, Microsoft Azure and Google Cloud. Integrations with AWS Key Management Service (KMS) and Azure Key Vault, as well as enhanced role-based access controls (RBACs), boost security by simplifying access authorization.

Veeam is a recognized leader in data protection solutions, but if you are using an older version of Backup & Replication, we suggest you upgrade to version 11 as soon as possible. The process can be a bit tricky for those will staff and resource limitations. For example, you must upgrade Veeam components on all remote servers the backup server communicates with during data protection and disaster recovery tasks. If you do not upgrade components on remote servers, backup and replication jobs will fail.