Kenjo - stock.adobe.com
Why Veeam thinks ransomware warranty payouts are unlikely
Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts
Backup specialist Veeam recently rebranded its data protection offer as Veeam Data Platform. But key among the myriad updates and feature enhancements was a ransomware guarantee, with financial compensation if data can’t be recovered.
Obviously, Veeam hopes that will not need to be invoked by customers, and places faith in its ability to monitor rapidly changing environments and maintain up-to-date backups.
Veeam Data Platform comprises the company’s Backup & Replication, monitoring tool VeeamONE, Veeam Recovery Orchestrator automation functionality, and SaaS backup modules for Salesforce and Office365, all of which replaces the Veeam Availability Suite.
The problem backup product makers face today is that an organisation’s IT estate can span many different application and operating system environments, dating from last-century platforms to today’s cloud-native and containerised workloads.
As with most contemporary hybrid cloud and containerised applications, the challenge is particularly great because data can flow to multiple locations with ease, quickly arising and being snuffed out in numerous environments.
“There is an incredible amount of complexity across IT in organisations, with legacy applications on AS400, applications built on Cobol, stuff dating from the 1990s and even the ’80s,” said Dan Middleton, UK and Ireland vice-president at Veeam.
“That can be on mainframes, physical servers, VMs, SQL, cloud-native applications, containers, you name it.”
Read more on backup and ransomware
- Ransomware and backup: Overcoming the challenges. Ransomware attacks that exfiltrate data don’t nullify the value of backups to restore from, but the challenges – such as not restoring corrupted data – require careful planning.
- Ransomware, storage and backup: Impacts, limits and capabilities. We look at the impact of ransomware on storage and backup, how storage and data protection can best be used to combat ransomware, and how they fit in the fight against it.
How does Veeam propose to keep up with such complexity? Some suppliers have proposed automated methods of data discovery and provisioning. Veeam’s Middleton suggested its use of artificial intelligence and machine learning to monitor deployments, but deferred on the details.
“How can data protection keep up? It’s a case of when you update production methods, you update data protection too,” said Middleton. “For example, you can get Microsoft 365 deployments with 10,000 users with a churn of 10% or 20% a year. As we parse the system, we constantly track changes in an automated way.”
Meanwhile, Veeam is keen to stress its guarantees – which it claims are unique among backup suppliers – that ensure recovery or financial compensation in the case of a ransomware outage.
“In version 12, it is the first time any backup vendor has provided a warranty against ransomware,” said Middleton. “As long as Veeam has been installed correctly, the customer has gone via an accredited service provider and the correct level of protection is in place, then if the customer can’t recover their data Veeam will provide a financial amount.”
But before it gets to that, Veeam reporting aims to ensure all is well should a ransomware-shaped disaster strike. In other words, protecting data correctly, monitoring suspicious potential ransomware activity with the numerous detection capabilities in Veeam One, ensuring security in user access and making sure the customer can restore by validating backups and testing.
Veeam also aims to guarantee satisfaction by lack of customer lock-in, said Middleton.
“A key point is the ability never to be locked into any technology,” he said. “We make Veeam as agnostic as possible. The idea is that we don’t lock customers in and if they want to move they can. How we do this is with ‘self-describing files’.”