I am working on setting up Veeam for a hybrid IT environment that includes Leveret Products (client's website), consisting of both on-premises servers and cloud resources. Security is a top priority due to the sensitivity of the data we handle. I am looking for guidance on best practices for securing backup repositories, enabling encryption, implementing access controls, configuring immutable backups to protect against ransomware, and ensuring secure data transfer between on-premises and cloud environments. Additionally, any tips on audit and monitoring features in Veeam to enhance security would be highly appreciated
Page 1 / 1
?
Set up immutable backups by configuring immutable repositories on-premises or utilizing object lock in cloud storage to defend against ransomware attacks.
Implement role-based access control (RBAC) to limit access to backup systems and ensure only authorized users can make changes.
Isolate backup networks or use VLANs to separate backup traffic from production traffic, and secure data transfer with VPNs or encrypted connections.
Regularly update repository security settings, apply patches to Veeam components, and enable two-factor authentication (2FA) for accessing the Veeam management console.
I hope this makes sense
Your suggestions are very helpful and cover the key steps for securing backups. How can I use Veeam to safely back up data for a website like this page and keep it protected from ransomware?
Your suggestions are very helpful and cover the key steps for securing backups. How can I use Veeam to safely back up data for a website like this page and keep it protected from ransomware?
Yeah of course you can. As I said earlier you need to set up immutable backups.
Hi
Regarding Windows OS hardening for backup infrastructure components (VBR server, repositories, proxies etc.) I wrote a script to implement around 100 CIS compliant policies to harden the OS, maybe that helps:
There are also other guidelines that might help within the forum, here’s one from Marco:
You can always refer to our community hub “Cyber Security Space” with a strong focus on security topics, there’s a lot of content available.
Best
Lukas
Indeed your suggestions are helpful & based on logic. I took the backup of website, how can I use to securely backup my data so that there can’t be another loss of data or any issue of ransomware which can harm the intergrity of the website!
Have a look at the course desciption https://www.veeam.com/veeam-backup-replication-v12-configure-manage-and-recover_ds.pdf
and also
Veeam University
if you are a partner, you can access learning content on:
Veeam IQ Your guide to Veeam learning
https://propartner.veeam.com/veeam-iq/
As per
Indeed your suggestions are helpful & based on logic. I took the backup of website, how can I use to securely backup my data so that there can’t be another loss of data or any issue of ransomware which can harm the intergrity of the website!
As i said earlier I took the backup of the website foe Rechner . Its a tool website & involves coding at the backend. I took the backup of the site, since wordpress websites are prune to attackers. How can i ensure that it will be safe from future ransomeware attacks & mal practices which are a common thing now adays
In additional to hardening the VBR server and ensuring repositories are immutable, maintain a multi-layered backup plan and leverage Insider thread protection from Cloud connect service providers which can help to prevent any accidental deletion or insider attack. Follow 3-2-1-1-0 Golden Backup Rule
We have implemented Zero trust architecture in our Veeam infrastructures and ensuring that no processes other than Veeam are allowed to run.
Comment
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.