Because Veeam can be good, but it’s only as good as the user pays for. I do ransomware recovery and incident response management for a living. More often than not, Veeam is implemented poorly and does not do what the customer thinks they paid for.
It’s not specifically fault of the product. However, in my experience in this field, the only time client backups are encrypted is due to a false sense of security due to negligence and ignorance.
Veeam should not be configured by an inexperienced or underfunded tech staff.
If your backup can be reached by a ransomware, it’s not a backup.
Tell that to 90% of Veeam deployments.
A ton are going to object storage now so they get protocol level immutability.
Why name drop Veeam as if they’re part of the problem?
They at least have good options to protect backups from ransomware with Linux hardened repos and immutable object storage.
Because Veeam can be good, but it’s only as good as the user pays for. I do ransomware recovery and incident response management for a living. More often than not, Veeam is implemented poorly and does not do what the customer thinks they paid for.
I still fail to see how that’s the product’s fault.
Is there some ransomware-proof backup solution that you find most people do set up correctly?
It’s not specifically fault of the product. However, in my experience in this field, the only time client backups are encrypted is due to a false sense of security due to negligence and ignorance.
Veeam should not be configured by an inexperienced or underfunded tech staff.
Tape, probably /s