Top tips for securing Veeam backups – part 1

Keeping all aspects of your IT secure can seem daunting. Even backups are at risk, despite trying to provide a safe haven for your data. This is where Complete IT Systems and Blocky for Veeam can help. By applying a systematic approach to your security, you can protect data-at-rest and data-in-transit.

In a series of articles over the coming weeks, we will outline how to secure your backed-up data, and how to adopt a pragmatic, practical apprach to doing so.

In this article, part one, we look at how to understand cyber criminals’ motivations, the role of backups in limiting the impact of ransom attacks, and how Veeam backup encryption helps.

Knowing your enemy

The first step to knowing how to protect your backups is to understand your enemy. Cyber attackers target backed-up data for two main reasons. First, preventing an organisation from operating means there is no revenue coming in. Customers are uncertain, and this uncertainty almost guarantees some lost income.

Hackers stop businesses from functioning by locking firms out of their own data. They also extract sensitive personal data (PII) which can be a serious problem in the wrong hands.

The role of backups

Backing up data is a funadmental to good business practice. They also offer a good safeguard against ransom attacks by enabling a restore to the most recent point in time prior to an attack. Applying the 3-2-1 principle to backup means that you avoid placing all your eggs in one basket by storing data on different types of storage.

In the event of a ransom attack that encrypts an organisation’s data against them, with good backups in place IT teams can restore to a known point in time before the attack took place. For these reasons, it is not only essential to take regular backups, but to protect the data as it moves between locations and when it is in its final destination.

Encrypting Veeam backups

Encryption is a vital compont of protecting data. It is also a common trick cyber criminals use to lock organisations out of their own data.

With Veeam, you automatically have inbuilt encryption with the Backup & Replication solution. This enables you to switch on encryption on multiple levels:

  • Backup jobs
  • Backup copy jobs
  • VeeamZIP
  • Tapes

But there are some important considerations to keeping your backups completely secure.

If Veeam’s encryption has not been enabled for an existing backup job, the previous chain is not captured in the backup for that job. In other words, Veeam Backup & Replication’s encryption is not applied retrospectively.

To solve this, it is possible to start a new chain to enable the previously unencrypted chain to be siloed and then secured separately. Enabling encryption for an existing job then allows the in-built Veeam solution to create a full backup file.

What about deduplication?

Using a deduplicating storage appliance as the target for backed-up data means encryption can have a negative impact on deduplication ratios.

Since a separate encryption key is used for every job session, blocks that may be the same can appear to be different despite contaning the same data. By disabling data encryption, higher de-duplication rates can be achieved. The downside of this is that security is reduced.

Risk assessments therefore need to be conducted to balance deduplication with security.

Look out for our next blogs where we will go into more detail on this topic.

Find out more

Read more about Blocky for Veeam and view a short introduction video.

As Blocky for Veeam Certified Partners, Complete IT Systems have a team of specialists on hand to demo the solution. We can discuss business benefits and help you understand how the technology works for your organisation. We also offer exclusive 30-day FREE trials.

To get in touch or request a demo please contact us.

Protect Veeam backups

School cyber attacks in the UK – why?

School cyber attacks

School cyber attacks are rising in the UK, and schools are no exception. The National Cyber Security Centre recently modified its guidelines to reflect this growing threat.

In this three-part series with our partners Barracuda, Complete IT Systems look at why schools are targeted, how schools are exposed, and practical steps for safeguarding them.

Part 1: School cyber attacks – why are they targeted?

Schools may seem like less obvious targets for cyber criminals. Pupils are not likely to be carrying credit cards or phones, and exam results are unlikely to attract as big payouts as bank account details for instance.

The reality is that schools are a common target of hackers for two reasons. Firstly, they are often soft targets with inadequate security provisions in place. There can also be some potentially lucrative rewards for a successful attack.

What are the rewards?

Schools actually have a lot of data that can be valuable in the wrong hands. Childrens’ identity data is a valuable commodity in criminal circles. It is used by fraudsters to open bank accounts for money laundering. It can also be used to open new credit lines.

And the best part for cyber criminals? Children are much less likely to realise wrongdoing than adults. Some studies have found that twice as many children are subject to identity theft than adults for this reason.

State schools’ IT systems also contain an abundance of data attractive to criminals. This includes names, DOB, phone numbers, email addresses and health data. Private schools also hold financial and insurance information. On top of this, schools also hold payroll information for teachers.

With 8.9 million pupils attending almost 33,000 schools in the UK, the potential is clear.

Ransomware

Although state schools are not flush with funds, around 10% of the schools in the UK are private. That means there are well over 3,000 schools that could be susceptible to paying ransoms on pupils’ coursework, financial data and health information such as COVID-19 testing.

In part two of our blog, we will look at how private schools can be exposed.

How can I find out more?

As Barracuda Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

How to protect Veeam backups

Protect Veeam backups

Backups should be your organisation’s insurance policy against ransomware attacks. They provide the ability to restore your production environment to a stable state at an appropriate point in time. It is vital to protect Veeam backups are also an insurance policy against malware attacks because data can always be recovered.

In theory.

Hackers are now looking for different routes to infiltrate corporate networks.  It comes as no surprise that sophisticated malware attacks are now heading straight for backups. Attacks on backups compromise all the data there before heading for live systems.

It does not help that Veeam V11 running under Microsoft Windows offers no native immutability feature for local backups. Veeam does have the option of a hardened Linux based backup repository with V11, but many organisations lack Linux expertise in-house, or have no desire to add Linux to their Windows-dominated environment.

Cybersecurity provision needs to be strengthened and adapted to keep up to speed. Protecting Veeam backup objects is vital. However, traditional security measures are often not practical for cloud-based online backups in branch or remote offices. This can be because of limited resources or skills onsite, bandwidth restrictions or other practical obstacles.

Blocky for Veeam protects remote office data from malware attacks on backed-up data with 7 simple steps:

  1. Simple installation: Blocky is easy to install with a filter driver tightly coupled to the Windows OS, but only requiring minimal system resources
  2. 85% of Ransomware attacks target Windows systems: Blocky turns the Windows NTFS/ReFS volumes(s) of the Veeam Repository Server into a protected device.
  3. Protect Veeam backups even if compromised: Blocky will continue to protect against Malware even if a virus has entered the program and damaged the Blocky software.
  4. Rapid attack recovery: Unlike solutions based on offsite storage media or cloud-based strategies, Blocky protects your local archives for the fastest possible recovery time.
  5. Cost effective insurance: Blocky for Veeam is priced based on the total backup disk volume capacity and insignificant compared to the costs of a successful Ransomware attack.
  6. Instant alerts: Blocky will send alerts of ANY unauthorised application or processes that try to access a protected backup volume. This can be very useful in the early detection of a malware or ransomware attack. Even the hardened Linux solution under Veeam V11 does not provide this.
  7. Quicker recovery times: Local backups offer the fastest possible recovery time and will typically incur far lower costs than offline backups such as tape or cloud-based object storage.

Find out more

Read more about Blocky for Veeam and view a short introduction video.

As Blocky for Veeam Certified Partners, Complete IT Systems have a team of specialists on hand to demo the solution. We can discuss business benefits and help you understand how the technology works for your organisation. We also offer FREE trials.

To get in touch or request a demo please contact us.

Protect Veeam backups
Protect Veeam backups