Increasing Operational Efficiency With Kasten K10 V6.0

We are excited to announce the release of Kasten K10 version 6.0, the latest and most advanced version of our industry-leading platform that provides enterprise-grade Kubernetes data protection and application mobility. This release helps customers scale their cloud native data protection efficiently. Kubernetes deployments are growing at an unprecedented rate. Gartner predicts that by 2027, more than 90% of global organizations will be running containerized applications in production. However, today’s market conditions are scarred with financial uncertainty and a shortage of cloud native skills. Therefore, you must ensure operational efficiencies are in place to unleash the full potential of your cloud native environments while protecting your data. Additionally, security remains an imperative as organizations focus on keeping their businesses running. With this release, we also continue to innovate in this growing ecosystem, so that you can take advantage of the best-of-breed inn...

Software Security Certifications: A Primer and Update

Security is becoming increasingly critical as the world becomes more digital and interconnected. Security is paramount at Veeam Software. We understand the importance of maintaining the highest level of security to protect our customers’ information. We are pleased to announce that we are undergoing Common Criteria certification, DoDIN APL certification, CMMC v2 and Independent Verification & Validation (IV&V) to enhance our products’ security measures.

What Is Common Criteria Certification?

Common Criteria is an internationally recognized standard for evaluating the security of information technology products. It involves rigorous testing and evaluation to ensure our products meet specific security standards. Common Criteria certification is recognized by over 30 countries worldwide, making it a highly sought-after certification for companies that do business globally.

What Is DoDIN APL?

The Department of Defense Information Network (DoDIN) Approved Products List (APL) is a list of products that have been evaluated and approved for use in the DoDIN. The DoDIN APL is managed by the Defense Information Systems Agency (DISA) and is used by the Department of Defense (DoD) to ensure that products meet strict security requirements.

What Is CMMC v2?

The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for assessing the cybersecurity posture of the defense industrial base (DIB). The CMMC v2 is the latest version of the standard, and it provides a comprehensive framework for measuring a company’s security capabilities and processes.

What Is Independent Verification & Validation?

Independent Verification & Validation (IV&V) is a process that verifies and validates the performance, functionality and security of software applications. The IV&V process involves a third-party organization that is independent of the development team to perform testing and evaluation of the software.

What Is the SSDF?

The System and Software Development Framework (SSDF) is a comprehensive framework for developing secure systems and software. The framework provides guidance on how to design, develop and test software to ensure that it meets specific security standards.

Why Are These Certifications Important?

Certifications are critical because they demonstrate a company’s commitment to security and provide assurance to customers that products meet specific security standards. Certifications also help companies comply with regulatory requirements and industry standards, which is essential for companies that deal with sensitive data.

For Veeam Software, these certifications are vital because our customers deal with data backup and recovery. We ensure the highest levels of security in our product development standards to protect our clients and their customers' or business information. By achieving these certifications, Veeam demonstrates that we take security seriously and continuously strive to improve our products’ security.

What Is FIPS 140-2?

The Federal Information Processing Standards (FIPS) Publication 140-2 is a U.S. government standard that specifies the security requirements for cryptographic modules used in electronic devices. The standard defines four levels of security, with Level 4 being the highest. FIPS 140-2 Level 2 certification requires that the module undergo physical security testing to ensure that it can resist attacks.

What Is SOC Type 2?

SOC 2 is a type of report that evaluates a company’s information systems security, availability, processing integrity, confidentiality and privacy. The report is based on the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria and is conducted by an independent third-party auditor.

What Is ISO 27001?

ISO 27001 is an international standard that specifies the requirements for an information security management system (ISMS). The standard provides a systematic approach to managing sensitive information so that it remains secure. ISO 27001 certification involves a comprehensive review of a company’s security policies, procedures and controls.

Why Did We Pursue These Certifications?

At Veeam Software, we understand that our customers’ trust is critical and take security seriously. Pursuing these certifications was a natural step for us to demonstrate our commitment to security and ensure we meet the highest standards possible.

We have completed FIPS 140-2, SOC Type 2 and ISO 27001 certifications to reinforce our commitment to security. In addition, we are implementing the System and Software Development Framework (SSDF) to enhance our software development practices to ensure that our products meet the highest security standards.

We understand that security is an ongoing process, and we are continuously evaluating and improving our security measures to ensure that we meet the evolving security needs of our customers. We are committed to maintaining the highest levels of security and providing our customers with the peace of mind that comes with knowing their data is secure.

Veeam is proud to be undergoing Common Criteria certification, DoDIN APL, CMMC v2 and Independent Verification & Validation (IV&V) to enhance security measures. These are only a few of the certifications Veeam is pursuing. Veeam is committed to security and our customers, and we will continue to evaluate and improve our security measures to provide the highest level of security possible.

The post Software Security Certifications: A Primer and Update appeared first on Veeam Software Official Blog.


