Ransomware, Kubernetes, and security were just some of the key themes at the Veeam 2023 conference.
This week Veeam is holding its annual user event, VeeamON, in Miami, FL. This is the 9th year that Veeam has held the event, and attendance has steadily grown as Veeam’s customer base has enlarged.
Headcount this year topped 16,000 people, an impressive number for a company not even two decades old. This is also the first year that Veeam will be hosting the event as the backup and recovery market leader. At VeeamON 2022, IDC predicted Dell would be fractions of a percentage point ahead of Veeam. But in the second half of 2022, Veeam experienced 8.1% YoY growth while Dell shrank 2%, putting Veeam in the pole position.
Backup and recovery certainly doesn’t have the same sex appeal and sizzle as some other technology categories, such as AI or collaboration. Still, it remains important as data remains the lifeblood of companies.
Digital transformation, AI, customer experience, collaboration, and other trends have one thing in common: they rely on the organization’s effective data backup and recovery strategy – a critical process that most companies do not do well.
Given the struggles organizations have with backup and recovery, there is lots of room for innovation, so I was looking forward to what Veeam had in store for the show. Below are my top five takeaways from the show.
Simplicity Wins
Like many vendors, if one asks Veeam about its differentiators, you’ll likely get a laundry list of technical advantages. While Veeam does have a leg up in several areas, such as Kubernetes, its big differentiator is that the product is easy to use, particularly in data recovery.
I’ve often said that this industry is filled with vendors that do a great job of backing up data, but the recovery process is slow and error-prone. Veeam CTO Danny Allan echoed this during his keynote when he stated that backup was pointless without the ability to recover, and Veeam does that better than anyone.
At the event, Kim LaGrue, CIO of the City of New Orleans, talked about her experience with Veeam. I asked her post-keynote why she chose Veeam, and she said that the operator console was easy to use and intuitive, making recovering files fast and easy.
During his keynote, Veeam CEO Anand Eswaran cited an IDC study that found that Veeam recovers data from AWS, Azure, and GCP 5x faster than any other solution, and that translates into significant operations savings as well as better business continuity.
Backup and Recovery Combats Ransomware
How to handle ransomware? That is certainly the question for many organizations today. Some companies have a policy to pay it, particularly if they have good insurance. Others may keep Bitcoin on hand to pay the ransom when their organization is hit. Other organizations may choose not to pay and deal with the consequences when it happens.
At the event, Veeam released its ransomware report, which showed that insurance companies paid 77% of ransoms, but 74% of companies saw an increase in premiums, and 43% saw their deductible go up.
Relying on insurance is becoming increasingly expensive, which may only be a viable route for a short while longer. The best approach is to have a proven and tested backup and recovery strategy that can quickly restore the organization’s information and get things back to normal operations.
During her time on stage, New Orleans’ LaGrue talked about how, by using Veeam, the city can now recover its full data set in a day or two, removing any advantage a fraudster may have when seeking a ransom payment. One important point is that when data is recovered, it must also be analyzed and cleaned so as not to reinstate the initial cause of the breach, which can then cause another ransom event.
In sum, backup and recovery preparedness is the best, fastest, and most cost-effective way to combat ransomware.
Security Operations Should Focus on Backup and Recovery
Cybersecurity is going through its own modernization process. Companies are implementing zero trust, SSE, multi-factor authentication, XDR, SOAR, and other technologies to prevent breaches.
Yet no matter how good the technology is and how smart the engineers are, breaches happen, and the question is, what happens then?
The security team should ensure that if a threat does slip through all the cyber protection and the company is breached, the right backup and recovery solution is in place to ensure operations can be restored quickly.
Typically, backup would fall under the CIO, and security would be the responsibility of the CISO, but these organizations must work together. This would open a new set of technology partners for Veeam and the backup and recovery industry, so I’m hoping to see more from Veeam here.
Kubernetes is the Next Frontier for Veeam
At VeeamON, the company announced version 6.0 of its Kasten K10 product, which is used for Kubernetes data protection. New features in the latest version include:
- Enterprise-grade ransomware protection for Kubernetes via suspicious activity detection capabilities, which provides immutable backups enabling instant recovery. This new release also extends threat detection capabilities by logging all events into Kubernetes Audit natively.
- Scale and efficiency improvements. The new version includes an application fingerprinting feature to enable newly deployed stateful applications to be automatically mapped to specific blueprints to achieve proper data consistency. This can reduce the risk and minimize complexity allowing for faster scaling of the environment.
- Cloud-native expansion. Kasten K10 now supports Kubernetes 1.26, Red Hat OpenShift 4.12, and Amazon RDS allowing for better interoperability. Veeam also added hybrid support on Google Cloud and cross-platform restore targets for VMware Tanzu and Cisco Hybrid Cloud.
Kasten is currently a small part of Veeam’s overall business, but as companies move to cloud-native application design, this should be its fastest-growing area.
Veeam Helps with Cloud Repatriation
During his keynote, CTO Allan talked about Veeam’s core tenets, one of which is data freedom.
The Veeam platform was designed to enable customers to back up data in one place and restore it elsewhere, which is necessary for disaster situations. As an example, in the event of a natural disaster, a company may choose to restore its private cloud to a public cloud temporarily while the physical facility is not available.
Over the past year or so, I’ve talked to many companies that have moved data and workloads to the cloud, but the cost of the service has grown to the point where they want to bring them back on-prem. Veeam’s ability to move data from one environment to the other can provide customers with a fast and cost-effective way of repatriating workloads and data back in-house.
On an earlier call with analysts, Danny Allan stated that Veeam is and will remain, unapologetically, a backup and recovery vendor, and that seems to be serving the company well. Too often, tech vendors want to jump on the latest bandwagon, and that derails them from their core competency.
Even in ransomware recovery, Veeam is steadfast in its statement that it’s not a security company, although it can play a key role in recovering from a breach. As I stated earlier, backup and recovery are hard to do well. Veeam’s focus on being the best at what it does, regardless of compute model or data type, has served its customers well – and will continue to – as distributed organizations put more data and workloads in more places.