Skip to main content

Here I am talking about backup encryption, which is performed by Veeam. Not by a hacker. It is a good idea to enable this feature.

Why to monitor this? A attacker could enable backup encryption or change existing encryption key without being noticed. If so, backup jobs continue to run without any problem. But you are not able to use them for restore because you simple cannot decrypt them! 

For monitoring encryption password changes reports Backup Objects Change Tracking and Backup Infrastructure Audit can be used. With this reports you see when encryption password was created or modified.

To control if somebody selected another encryption password from the list, use the report Job Configuration Change Tracking.

 

For more information see my full feature blog post here: 

https://vnote42.net/2022/02/09/monitor-hardened-repository-with-veeam-one-v11a/

Great post and share.  Always good to monitor this.


Good point to monitor. Using your own encryption against you… very bad:sunglasses:


Great post @vNote42! The importance of monitoring in order to gain visibility in your network cannot be over emphasised!


Great post @vNote42! The importance of monitoring in order to gain visibility in your network cannot be over emphasised!

100% agree @Iams3le !


very useful. thanks!


Comment