Increasing Operational Efficiency With Kasten K10 V6.0

Image
We are excited to announce the release of Kasten K10 version 6.0, the latest and most advanced version of our industry-leading platform that provides enterprise-grade Kubernetes data protection and application mobility. This release helps customers scale their cloud native data protection efficiently. Kubernetes deployments are growing at an unprecedented rate. Gartner predicts that by 2027, more than 90% of global organizations will be running containerized applications in production. However, today’s market conditions are scarred with financial uncertainty and a shortage of cloud native skills. Therefore, you must ensure operational efficiencies are in place to unleash the full potential of your cloud native environments while protecting your data. Additionally, security remains an imperative as organizations focus on keeping their businesses running. With this release, we also continue to innovate in this growing ecosystem, so that you can take advantage of the best-of-breed inn...
Post a Comment

Software Security Certifications: A Primer and Update

Security is becoming increasingly critical as the world becomes more digital and interconnected. Security is paramount at Veeam Software. We understand the importance of maintaining the highest level of security to protect our customers’ information. We are pleased to announce that we are undergoing Common Criteria certification, DoDIN APL certification, CMMC v2 and Independent Verification & Validation (IV&V) to enhance our products’ security measures.

What Is Common Criteria Certification (IV&V)?

Common Criteria is an internationally recognized standard for evaluating the security of information technology products. It involves rigorous testing and evaluation to ensure our products meet specific security standards. Common Criteria certification is recognized by over 30 countries worldwide, making it a highly sought-after certification for companies that do business globally.

What Is DoDIN APL?

The Department of Defense Information Network (DoDIN) Approved Products List (APL) is a list of products that have been evaluated and approved for use in the DoDIN. The DoDIN APL is managed by the Defense Information Systems Agency (DISA) and is used by the Department of Defense (DoD) to ensure that products meet strict security requirements.

What Is CMMC v2?

The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for assessing the cybersecurity posture of the defense industrial base (DIB). The CMMC v2 is the latest version of the standard, and it provides a comprehensive framework for measuring a company’s security capabilities and processes.

What is Independent Verification & Validation?

Independent Verification & Validation (IV&V) is a process that verifies and validates the performance, functionality and security of software applications. The IV&V process involves a third-party organization that is independent of the development team to perform testing and evaluation of the software.

What Is the SSDF?

The System and Software Development Framework (SSDF) is a comprehensive framework for developing secure systems and software. The framework provides guidance on how to design, develop and test software to ensure that it meets specific security standards.

Why Are These Certifications Important?

Certifications are critical because they demonstrate a company’s commitment to security and provide assurance to customers that products meet specific security standards. Certifications also help companies comply with regulatory requirements and industry standards, which is essential for companies that deal with sensitive data.

For Veeam Software, these certifications are vital because our customers deal with data backup and recovery. We ensure the highest levels of security in our product development standards to protect our clients and their customers or business information. By achieving these certifications, Veeam demonstrates that we take security seriously and continuously strive to improve our products’ security.

What Is FIPS 140-2?

The Federal Information Processing Standards (FIPS) Publication 140-2 is a U.S. government standard that specifies the security requirements for cryptographic modules used in electronic devices. The standard defines four levels of security, with Level 4 being the highest. FIPS 140-2 Level 2 certification requires that the module undergoes physical security testing to ensure that it can resist attacks.

What Is SOC Type 2?

SOC 2 is a type of report that evaluates a company’s information systems security, availability, processing integrity, confidentiality and privacy. The report is based on the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria and is conducted by an independent third-party auditor.

What Is ISO 27001?

ISO 27001 is an international standard that specifies the requirements for an information security management system (ISMS). The standard provides a systematic approach to managing sensitive information so that it remains secure. ISO 27001 certification involves a comprehensive review of a company’s security policies, procedures and controls.

Why Did We Pursue These Certifications?

At Veeam Software, we understand that our customers’ trust is critical and take security seriously. Pursuing these certifications was a natural step for us to demonstrate our commitment to security and ensure we meet the highest standards possible.

We have completed FIPS 140-2, SOC Type 2 and ISO 27001 certifications to reinforce our commitment to security. In addition, we are implementing the System and Software Development Framework (SSDF) to enhance our software development practices to ensure that our products meet the highest security standards.

We understand that security is an ongoing process, and we are continuously evaluating and improving our security measures to ensure that we meet the evolving security needs of our customers. We are committed to maintaining the highest levels of security and providing our customers with the peace of mind that comes with knowing their data is secure.

Veeam is proud to be undergoing Common Criteria certification, DoDIN APL, CMMC v2 and Independent Verification & Validation (IV&V) to enhance security measures. These are only a few of the certifications Veeam is pursuing. Veeam is committed to security and our customers, and we will continue to evaluate and improve our security measures to provide the highest level of security possible.

The post Software Security Certifications: A Primer and Update appeared first on Veeam Software Official Blog.



Original post here: Software Security Certifications: A Primer and Update

Comments

Post a Comment

Popular posts from this blog

How to use a SOBR with Veeam Backup & Replication

Image
For those of us who have been in the business of backing up data for a while, we’re used to making copies of data on different types of media. I won’t date myself by mentioning reel-to-reel tapes, but the journey started with tape and then backing up data to block/file-based disk storage came along. More recently, a new kid on the block has become a popular destination for backed up data, object storage. Veeam started to use object storage as a target when we released Veeam Backup & Replication 9.5 Update 4 in January 2019 by introducing our use of AWS S3 compliant object storage via the Capacity Tier. A year later, we launched Veeam Backup & Replication v10 which featured support for object locking to provide data immutability for object storage. Immutability provides protection from ransomware attacks by locking the objects which prevents them from being modified or deleted by malicious software or humans. Today, Veeam Backup & Replication is protecting hundreds of petab...
Read more

How To Migrate a Veeam Backup & Replication Configuration Database to PostgreSQL

Image
Before Veeam Backup & Replication v11, the product used SQL Server to create and store its configuration database. It has always been possible to use SQL Server Express to store a Veeam Backup & Replication, however, this version of SQL Server had some critical limitations. In the 2022 version of SQL Server Express, the most relevant limitations were: Use of one socket or four cores Use of only 1.4GB per instance 10GB limit for databases In an environment of 500 machines or fewer, these limitations may not have an impact, but if you have a large backup environment, you had to migrate to one of the paid SQL Server versions to avoid these limitations. You can check the limits for each version of SQL Server 2022 by clicking this link . For V12 and with scalability, performance and licensing cost in mind, Veeam introduced the possibility of using PostgreSQL as a configuration database. PostgreSQL is a relational database management system that’s been used for over 35 years...
Read more

Use Snapshots to backup SMB File Shares on your NetApp ONTAP system

Image
update notice: The information in this blog post has been updated on April 1st, 2022. Since Veeam Backup & Replication version 10, it’s possible to back up NAS shares with the SMB (CIFS) and NFS protocol. One of the challenges with backing up large file shares is doing so in a consistent state. This blog post shows how to create a consistent backup of an SMB share hosted on a NetApp ONTAP based storage. NetApp storage snapshot, Microsoft VSS snapshot or Storage Integration? Veeam offers three ways to back up a NetApp ONTAP SMB share in a consistent state. With NetApp storage integration From a NetApp storage snapshot (without integration) With Microsoft remote VSS snapshot Using the storage integration is the easiest way to get the latest state with very few configuration steps. Using an alternative snapshot path allows complex scenarios like backing up from a SnapMirror/SnapVault location but it involves scripting or a schedule on NetApp to create and delete t...
Read more