Ransomware:

6 Capabilities Enterprises
Need for Rapid Recovery

Dave Russell, Jeff Reichard, Chris Hoff,

Vice President, Senior Director, Data Protection &
Enterprise Strategy, Enterprise Strategy, Ransomware Marketing
Veeam Software Veeam Software Manager, Veeam Software
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Table of Contents
Businesses can’t prevent a cyber attack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Building a framework for resilient recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Veeam ransomware best practices and selected capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Secure Backup is your last line of Defense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1. Trusted Immutability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2. Backup Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

3. 3-2-1-1-0 Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

4. Instant Recovery at Scale . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

5. Secure data recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

6. DR Orchestration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Veeam Products for Your Ransomware Remediation Practice . . . . . . . . . . . . . . . . . . . . . . . . . 11

About Veeam Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 1
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Enterprises can’t prevent

a cyber attack Ransomware growth 2016-2021

The growth and evolution of ransomware is one of the most

destructive trends of the last decade. This explosion has
moved ransomware from an economic crime to one with
immense global security implications. NATO, the US federal
government and military, and the G7 have all recently
acknowledged the severity of the ransomware threat
and the need for large-scale coordinated response from
government and industry. Global cost: $325M to $20B USD
Coordinated government and industry response takes time.
In the meantime, organizations of all sizes need to protect
themselves and their customers and constituents today.
Fortunately, concrete steps using readily available tools and
security frameworks can assist.

The sophistication and adaptability of ransomware and

other cyber threats today require an agile, layered defense.
Yet many enterprises still maintain standalone security
products that are focused on a single attack vector, which
Frequency: Every 2 minutes to every 11 seconds
can easily be bypassed. Compounding the technology issues
is a lack of security expertise on staff. One recent estimate
puts the number of unfilled cybersecurity positions at over
three million worldwide. The staffing issues go beyond
technical skills to knowing how to apply policies that
create consistency and provide a way to measure your
organization’s overall effectiveness.i These gaps in people,
process and technology make attacking your data easier
than ever for sophisticated cybercriminals.
Innovation: Bitcoin, ransomware-as-a-service,
Enterprises can’t prevent a cyber-attack, but they need double/triple extortion
to take the necessary steps to be prepared to effectively
protect their data when an attack occurs.

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 2
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Building a framework for resilient recovery

Effective security programs start with structure to understand Without a structured way to manage cybersecurity risk,
what should be protected and the cost to the business if it would be easy to focus all your efforts into detection-
that asset were lost to determine how protection should be based defenses such as firewalls and anti-virus while
implemented. Many enterprises start their security journey by neglecting the processes and tools that are mandatory
trying to protect every asset in the same way and with the same to effectively respond to, and recover from, a successful
level of importance, but as they grow best practices are applied attack. Put another way, the best offense is a solid
that allow for risks to be categorized and responses to be defense including having a robust strategy for backing
better defined and measured. As frameworks are implemented, up and protecting your data and workloads across
security teams and allowed to mature and understand the enterprise. Successful backups are the last line of
the threats they face as well as the methodologies used by defense for cyberattacks and can be the deciding factor
their attackers which allows teams to defend against attacks to prevent considerable downtime, data loss and paying
and recover quickly if an attack is successful. This organized a costly ransom. To that end we’ve put together these best
approach can also help justify investments in cybersecurity by practices guide to provide real world advice on securing
clearly illustrating the outcomes of those investments. And your data.
the process is iterative, allowing for a phased implementation
and for learning from previous implementation cycles.

Ransomware Protection
Secure Backup is your last line of Defense

Backup Recovery

Trusted Immutability Instant Recovery at Scale

Backup Verification Secure Restore

3-2-1-1-0 Rule DR Orchestration

Software-defined. No lock-in with proprietary hardware

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 3
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Veeam ransomware best practices Veeam offers a horizontally scalable software defined
and selected capabilities storage (SDS) architecture. On the front end, Veeam can
easily be extended to ingest more data as your backup
volumes, or performance needs change. On the back end,
Since 2019, every release of Veeam’s® Modern Data Protection
our Scale-out Backup Repository™ (SoBR) is a software-
platform has delivered significant cyber resiliency and secure
defined construct that pools different types of storage
ransomware protection capabilities, helping enterprises
devices for backup data. Through Veeam’s policy engine,
reliably recover from any cyberattack in minutes. Our software-
data can be placed on the most appropriate devices,
first approach gives you the flexibility to maintain resilient,
including on-premises direct attached storage (DAS),
immutable storage on premises and in the cloud without being
deduplication appliances, network attached storage (NAS),
locked into proprietary hardware. These best practices allow
object storage and the cloud; automatically managed over
you to have the appropriate safeguards to ensure the delivery
time or via a Service Provider.
of reliable backup and recovery for your critical infrastructure
services and ensure your data will be there when you need it.
The Veeam Platform delivers on all these capabilities,
allowing for a solution that scales and extends as
Secure Backup is your last line your business and its requirements evolve over time.
of Defense Veeam’s approach is modular and extensible, with no point
solutions required, no dictated hardware dependencies and
The availability solution deployed should be capable of no worry of outgrowing the solution.
protecting the breadth of all mission critical workloads, be they
physical, virtual or container based. Regardless of if workloads Veeam’s software-defined ransomware remediation
are deployed on premises, in the cloud with IaaS or as SaaS, capabilities work with any infrastructure, today and
mission critical data now resides in many locations, and needs to in the future. Proprietary infrastructure should not be
be portable to account for future requirements. The protection required, allowing the business to deploy on the hardware
platform should have the ability to scale up or down, depending or cloud that it selects. Infrastructure flexibility not only
on requirements and workloads being protected. The backup allows an organization to determine what hardware their
solution should be capable of capturing data via a multitude backup solution runs on, but also protects your backups
of methods, including backup, replication, continuous data from ransomware, no matter where vital data resides.
protection (CDP) and storage array integrations.

AWS Microsoft 365 VMware vSphere

Azure Salesforce Microsoft Hyper-V

Google Cloud Nutanix AHV

Kubernetes Red Hat Virtualization

Cloud SaaS Virtual

Veeam Platform
Single Platform to protect ALL workloads

Apps Unstructured Data Physical

Microsoft Windows
Oracle Linux

SAP HANA NAS MAC

Share UNIX

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 4
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

1. Trusted Immutability

Cyber criminals now routinely attempt to encrypt or delete AWS Amazon S3 and other approved S3-compatible object
an organization’s backups as part of any ransomware storage providers, using their object lock capability.
attack. Success for the adversary is critical here, because
Backups written to resilient storage will be one of
without backups the victim must pay handsomely to recover
the most critical defenses for ensuring ransomware
their data.
resiliency. Resilient backup storage would mean that
Resilient backups are simply backups that cannot be you have one or more copies of your backup data on any
destroyed by an adversary — even one who has acquired combination of the following media:
administrative credentials.
• Backups on tape (and removed from the library or
At the simplest level, robust resiliency can be achieved marked as WORM)
by backup to removable drives or to tapes which are then
• Immutable backups in S3 or S3-compatible object storage
removed from the tape library. Having offline, air gapped
backups is step one. • Air-gapped and offline media (i.e., removable drives,
rotating drives)
Veeam offers a bulletproof, policy-driven approach for
data management across various resilient storage options. • Backups in Veeam Cloud Connect with Insider Protection
Enhancing overall resiliency, certified storage solutionsii (a services-lead capability)
from Veeamiii and via our broad partner ecosystem guarantee
• Immutable backups in a hardened repository
immutability (the inability to delete or change data for
a prescribed time). These options include our Veeam The Veeam Platform includes a complete set of ransomware
Hardened Repository, which delivers a robust immutable remediation capabilities in its core product that are easily
option for your on-premises backups. If you prefer to keep customer-deployable, and flexible enough to work with any
your data in the cloud, Veeam provides immutability using infrastructure, on-premises or in the cloud.

Veeam Scale-out Backup Repository (SOBR)

Automated tiering | Software defined | Ransomware proof | Infinite scalability | Cost reduction

Hours-to-days Days-to-months Months-to-years

Production Performance Capacity Archive

Built for instant recovery Infinite Scale Reduce Costs

Veeam
Amazon S3
Repository
Amazon S3 Glacier
Dedupe
S3 Compatible
Appliance

NAS Azure Blob

Azure Archive Storage

DAS Google Cloud

... and more

- air-gapped immutability

Policy-driven Backup Data Lifecycle Management

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 5
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Some Veeam customers seek to implement immutability Other digital hygiene best practices include:
via a double or triple immutability approach. This can include
• Unique passwords for every login source. This way
leveraging the Veeam Hardened Repository for on-premises,
you can ensure that if one password or machine gets
first level backups, then leveraging the immutability capabiltiy
breached, the stolen password won’t give hackers access
in the automatically managed Veeam Capacity Tier with S3
to other accounts.
Object Lock for cloud or on-premises object storage, and/or
automatically writing backups to WORM (write one, read many) • A password manager. A robust password manager can
physical tape media; noting that Veeam natively supports help manage all of your login information, making it
physical tape without the need for third party integrations. easier to create and use strong, unique passwords.

While immutability, whether implemented as a single, double • Multi Factor Authentication (MFA). You can configure
or triple immutable approach is very helpful in remediating multi-factor authentication for additional security of
cyberthreats, it is only the beginning of a comprehensive your accounts, which will require continual secondary
ransomware protection practice. validation at every login.

Encryption end-to-end is needed to fend of data exfiltration. • Remove unused devices, applications and non-essential
Today, one of the fastest rising cyberthreats is data leakage and programs and utilities from all servers.
data exlfiltration, whereby a ransom must be paid in order to
• Patch management — make sure all software, hardware
avoid sensitive data from being shared on the dark web.
and firmware in use are running up-to-date software
Proper authentication, and ‘digital hygiene’ regarding levels that have shored up any known vulnerabilties.
least privilige access, are needed to remediate against
data injection. Data also needs to be protected against
being altered such that records and entries that appear
valid have not been maliciously changed to be invalid.

Immutability alone is not sufficient

Measures to protect your backups
Immutable
Data encryption Modify

Data detection Delete

Encryption

Data exfiltration Read

Authenticate Location

Data injection Access

Offline
Backups
Data threat Destroy

© 2021 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 6
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

2. Backup Verification

A robust, comprehensive cyber defense strategy always Veeam SureBackup® pioneered automated backup
starts with valid backups. Reliable, verified and tested verification, and it’s a key capability in our ransomware
backups are the first step to any successful recovery resiliency best practices. SureBackup automatically brings up
success. Busy IT teams need a way to automatically servers and applications in a network-isolated environment and
verify the integrity of backup data as backups are taken. executes health checks that include many built in application
If there is any issue, another backup can be taken while verification means, such as executing specific Active Directory
production data is still available, thus ensuring that there or SQL commands to verify application integrity. This
are no issues in data availability that are discovered after automated testing capability can be extended and customized
the production data is no longer available, has been to fit your requirements and can be scheduled to execute
compromised or is deemed to be untrustworthy and when you feel it is most appropriate, sending a status
lacking integrity. report to your mailbox once the testing has concluded.

3. 3-2-1-1-0 Rule

Veeam recommends following the 3-2-1-1-0 backup rule, which This recommendation is imperative for becoming resilient
is our enhancement to the well-known industry 3-2-1 rule. against ransomware.

For many years, Veeam has advocated for the 3-2-1 Rule The modern application to the 3-2-1-1-0 rule addresses
as a general data management strategy. The 3-2-1 Rule the need for the resilient copy requirement and is one
recommends that there should be at least three copies of of the most important concepts that an organization
important data, on at least two different types of media, can implement to be better prepared to fend off and
with at least one of these copies being off site. The 3-2-1 remediate against cyberthreats.
Rule does not dictate or require any specific hardware and is
Offline copies of data are needed to combat insider
versatile enough to address nearly any failure scenario.
threats, including destruction of data. Insider threats
As the threat of ransomware has advanced, Veeam are a rising concern, with some analyst firms stating that
has emphasized that at least the “one” copy of data the majority of cyber threats over the next three years
be resilient (i.e., air-gapped, offline or immutable). could come from employees of the business.

Three different Two different media One offsite copy Of which is: No errors after
copies of data offline air-gapped automated backup
or immutable testing & recoverability
verification

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 7
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

4. Instant Recovery at Scale

Before ransomware, enterprises typically only restored as VMware vSphere, Microsoft Hyper-V, and Nutanix
3-5% of their backed-up data over a one-year time frame. AHV), even migrating from one hypervisor to another
But in a ransomware attack, 100% of your production data automictically, with just two mouse clicks
may be encrypted or contaminated with malware, and you
• Providing the ability to recover physical and virtual files
need to get it all back, fast. Fast access to data is critical,
and servers to a cloud environment (such as AWS, Azure
with the goal being more of a resume than a restore for all
and Google Cloud Platform), with just two mouse clicks
vital operations.
• Providing the ability to instantly recover key enterprise
Veeam pioneered instant recovery of data in 2010 and has
applications, such as Oracle and SQL Server databases for
refined and extended this capability ever since. Today Veeam is
immediate use
optimized to quickly restore multiple machines simultaneously
to handle even the largest enterprise recovery needs. • Providing the ability to rollback entire Network Attached
Storage (NAS) and file shares to a known good, pre-
Veeam delivers instant recovery of data:
infected state so that your business gets back to normal
• Without requiring costly, proprietary appliances or solid- operations quickly
state drives
Instant recovery of data, that can leverage a portable data
• Without being limited to only the most recent
format to deliver cross platform access to data ensure fast
backup data
recovery, when and where you need it. From AHV, Hyper-V,
• Providing the ability to recover physical and virtual or vSphere to physical Windows or Linux, to Azure, AWS or
files and workloads to a virtualized environment (such GCP, the Veeam Platform has you covered.

Instant Recovery by Veeam

Compressed / deduplicated
backup files Instant
1
multi-VM recovery
VMs

Instant
Physical 2
servers disk recovery

Cloud VBR Repository

instances Instant
3
DB recovery

File
shares
Instant
4
Compressed NAS NAS recovery
backup files

© 2020 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 8
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

5. Secure data recovery

Ransomware dwell times (the time an adversary is on Secure Restore is fully configurable through PowerShell,
a victim’s network before activating an attack) can be many which means that if you automate recovery processes via
months. Because of this, you need automation to ensure a third-party integration or portal, that you are also able to
that you never restore malware back into your cleansed or take advantage of this capability to ensure that threats are
new environment. not reintroduced into your production environment.

One of the versatile aspects of a SureBackup job (described This powerful capability is useful for:
above in item #2) is the ability to leave the job running so
that additional verification and forensics can be performed • Detecting “sleeping” ransomware in backup data and
on the system from the backup restore point. This can invoking anti-virus remediation to disinfect data before it
include doing a manual inspection to see if the ransomware lands back into the production environment
threat is still in place, investigating specific files.
• Verifying backups from locations with less IT control,
Building upon the Instant Recovery capability mentioned such as remote and branch offices (ROBO), prior to
earlier, Veeam integrates with leading anti-malware solutions restoring them into the primary data
to deliver an automated recovery process to check and clean
infected backup data, ensuring that backup data recovered into • Scanning backup data with additional anti-virus solutions
production is free of cyberthreats, eliminating re-infections. to better detect rare or zero-day malware

Veeam Secure Restore provides users an optional, fully As with all Veeam Platform capabilities, implementing
integrated anti-virus scan step as part of any chosen recovery Secure Restore is fast and easy to configure with only
process. This feature addresses the problems associated a couple of mouse clicks:
with managing malicious malware by providing the ability to
assure any of your copy data that you want or need to recover
into production is in a good state and malware free. Secure
Restore was another industry first, patent-pending method
of remediating an attack arising from malware hidden in your
backup data. Secure Restore provides additional confidence
that a threat has been properly neutralized and no longer
exists within your environment.

Veeam DataLabs: Secure Restore

1. Select restore point

3. Anti-virus check

4a. No infections found continue restore

Veeam
Backup & Replication

Backup Mount
repository server 4b. Infection found, proceed to
recovery but disable network
2. Mount disks directly from adapters.
backup file to mount server

Anti-virus software installed

with latest definitions 4c. Infection found; stop restore

©© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.
2020 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners.
9
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

6. DR Orchestration

Make no mistake, cyberattacks are disasters. In an emergency, Veeam’s industry leading Veeam Disaster Recover
your team needs automated, repeatable results. Your tool set Orchestrator (VDRO) lets you fully automate and
must allow regular tests and audits of how quickly you could document complex workflows, including non-disruptive,
recover from a disaster, including automated testing of server large-scale recovery testing with dynamic documentation.
and application accessibility and usability post-restore. And Incident response/recovery documentation can also be
the testing process and results should be self-documenting updated with non-Veeam information, such as contact lists
to satisfy management and external security auditors. and other mission-critical response information.

Reliable recovery Automated testing Dynamic documentation

• Reliable, scalable orchestration • Non-disruptive • Audit trails

• Application-centric • Scheduled and on-demand • Compliance reporting
• Readiness checks • Built-in change tracking
• Proactive remediation

Most organizations have many types of Business Continuity (BC) plan will improve. The true purpose of a test is to find out if
and Disaster Recovery (DR) plans. Here are a few examples: your plan works or not.
• Application-level failure Cyber resiliency, and ransomware remediation need
• Site-level failure to be part of your overall disaster recovery plan. One
of the clearest ways you can prepare for cyber security
• Infrastructure component failure
incidents is to draw up an incident response plan. Creating
• Mission-critical applications a clearly defined incident response plan will enable you to
• Dev/test applications outline procedures for detecting, communicating, controlling
Much like automated backup verification, such as and remediating security incidents so that employees know
Veeam’s SureBackup, is important in daily backup how to respond to cyber security events in case they happen.
operations, so too is regular testing of your overall cyber Further, this plan needs to be capable of being automatically
resiliency recovery plan. After creating a recovery plan, tested, dynamically updating critical documentation, and
the most important thing you can do is test it. You need to allow for integration with other necessary tools and workflows
know if the plan you put together works. There is a tendency that will ensure resumption of critical business operations.
to not fully test disaster recovery plans, or not test them at
all. At best, most organizations partially test their DR plans
once or twice a year.
Continuous testing is important, especially since applications 1-click site recovery
are constantly changing. To respond to changes and and DR testing
configuration drift, recovery plans must be updated any time
a change is made to an application, such as adding more Veeam Disaster Recovery
servers for additional capacity, or removing older servers. Orchestrator
When testing, be sure to pay special attention to what did
not go as desired. This is the only way your disaster recovery

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 10
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

Conclusion About Veeam Software

A company's data is its most valuable asset; however, ransomware is a rising Veeam® is the leader in backup,
threat for organizations of all sizes, industries and geographic locations that recovery and data management
puts critical data at risk. It is imperative that companies continue to improve solutions that deliver Modern
their security programs to ensure that data is properly and securely protected, Data Protection. We provide
and that robust capabilities are at every organization’s disposal to recover a single platform for cloud,
from an incident quickly and safely. Building a comprehensive security program virtual, SaaS, Kubernetes and
requires the merging of people, processes and technology in ways that focus on physical environments. Our
continuous improvement while providing the best defenses possible. No matter customers are confident their
the methodology companies choose the framework needs to define measurable apps and data are protected
outcomes that allows IT teams to defend against attacks and recover quickly if and always available with
an attack is successful. the most simple, flexible,
reliable and powerful platform
The response to threats like ransomware requires the implementation of
in the industry. Veeam protects
a comprehensive remediation strategy. Veeam’s broad set of ransomware
over 400,000 customers
remediation capabilities provide the most complete set of capabilities on
worldwide, including more than
the market and the most expertise in ensuring data is available during a crisis.
82% of the Fortune 500 and
We do this by taking a software first approach which gives you the flexibility to
over 60% of the Global 2,000.
maintain resilient, immutable storage on premises and in the cloud without being
Veeam’s global ecosystem
locked into proprietary hardware. By following best practices, and deploying
includes 35,000+ technology
Veeam’s modern data protection platform, Veeam can help your organization
partners, resellers and service
achieve digital resiliency which will minimize downtime after a ransomware attack
providers, and alliance partners
using fully automated processes to provide ransomware free restore and DR
and has offices in more than
orchestration no matter where your data resides.
30 countries. To learn more,
No matter if your data resides on premises or in the cloud, having a complete set visit www.veeam.com or
of ransomware remediation capabilities is key. Bringing these best practices into follow Veeam on LinkedIn
your security program simplifies the response to cyber-attacks and avoids data @veeamsoftware and
loss or paying a costly ransom. Twitter @veeam.

Veeam Products for Your Ransomware Remediation Practice

Veeam products for your ransomware remediation practice

• Veeam Backup & Replication

• Veeam ONE

• Veeam Disaster Recovery Orchestrator

• Veeam Backup for AWS, Azure, and Google Cloud Platform

• Veeam Backup for Microsoft Office 365

• Kasten K10 by Veeam

More information regarding Veeam’s ransomware capabilities can be found

at this dedicated web site: https://www.veeam.com/ransomware-protection.html.

A detailed, long form technical white paper of ransomware best practices and
in-depth coverage of Veeam’s cybersecurity capabilities is available at:
https://www.veeam.com/wp-protection-yourself-from-ransomware.html?wpty.

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 11
Ransomware: 6 Capabilities Enterprises Need for Rapid Recovery

About the Authors

Dave Russell is a 32-year veteran in the storage industry, serving
as Veeam’s Vice President of Enterprise Strategy, responsible for
driving strategic product and go-to-market programs, spearheading
industry engagement and evangelizing Veeam’s vision for Modern
Data Protection. Prior to Veeam, he held the role of Vice President
and Distinguished Analyst at Gartner for 13 years and spent 15 years
at IBM in product development for mainframe & open systems
backup/recovery.

Jeff Reichard is Senior Director of Enterprise Strategy at Veeam, where

he focuses on risk, compliance, and partnerships. Jeff has 25 years of
experience in data protection/availability, business continuity, and
regulatory compliance solutions. His previous roles have ranged from
designing SAN and data backup solutions to systems engineering and
engineering leadership serving public sector and enterprise customers.
Prior to Veeam, Jeff most recently led Commvault’s federal civilian
SE team. At Veeam, Jeff works with partners, customers and industry
analysts to evangelize Veeam’s vision for cloud data management and
digital transformation.

Chris’ career has been deeply rooted in cyber security with over
15 years of diverse technical experience. He is currently driving
the Security and Data Protection Marketing effort at Veeam. Before
joining the team, Chris has held various engineering, sales, and
product management roles. During his career, he’s helped numerous
organizations manage cyber risks by designing solutions that align with
industry frameworks, programs, and compliance mandates.

i https://www.infosecurity-magazine.com/news/cybersecurity-skills-shortage-1/

ii Technical certifications for immutable storage came in response to the world of financial industry
regulation. Numerous government rules are designed to ensure that regulated organizations retain unaltered
copies of financial records for a prescribed time (for example in the US, see SEC Rule 17a-4(f), FINRA Rule
4511 and CFTC Rule 1.31 (c)-(d)). Fortunately, the same control certifications that guarantee financial probity
can also guarantee undeletable and unalterable backup data.

iii See https://www.veeam.com/blog/hardened-repository-passes-compliance.html for the recent

compliance certifications of Veeam’s Hardened Linux Repository

© 2022 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. 12