This topic comes up time and again when meeting with customers. With the average attack costing over $36,000 and it seeming like hospitals, cities, and schools are constant targets, it's no wonder the threat of ransomware is top of mind.
While there are many strategies for protecting your Veeam backup data from ransomware, here are three of the most effective:
1. Keep Backup Repositories Off Domain
This prevents a compromised domain account from encrypting data stored on the repository. Instead, use local accounts which are exclusively used by Veeam for the purpose of connecting to the repository.
2. Copy Backup Data to a Dedicated Appliance via Proprietary Protocol
In addition to a compromised system having local data encrypted, ransomware payloads are known to encrypt data in shared folders which are made available over the network via common protocols (SMB/CIFS, NFS). By using a proprietary protocol, such as, HPE StoreOnce Catalyst, we can greatly reduce the likelihood of a compromised account being able to access and encrypt the data stored on a dedicated backup appliance.
3. Leverage Veeam Cloud Connect and/or Cloud Tier for Out of Band Storage
If you’re reading this, chances are you're familiar with the 3-2-1 backup strategy. Having backup data offsite is an important part of being able to effectively recover from various disaster scenarios.
Veeam Cloud Connect allows backup and replication jobs to target a service provider, which enables cloud-based disaster recovery.
Veeam Cloud Tier allows backup data older than a defined age to be moved to object storage – on-prem or off.