- 
				ruidc
- Influencer
- Posts: 10
- Liked: never
- Joined: Feb 26, 2015 7:52 am
- Full Name: Rui Da Costa
- Contact:
Encryption and security in the Cloud
I'd like to clarify two questions:
1. A representative from our cloud service provider has told me that despite having encryption turned on for our backup job, upon replicating to the cloud, the data stored on their side is in the clear, this is contradictory to what i see in the encryption white paper, can anyone confirm the truth?
2. The only thing keeping us from accessing our backups in the cloud is a username+password pair, again the cloud service provider suggested that something like two-factor authentication (eg. a one-time-password) would need to be incorporated by Veeam as a future feature, is this correct?
Thanks in advance,
R
			
			
									
						
										
						1. A representative from our cloud service provider has told me that despite having encryption turned on for our backup job, upon replicating to the cloud, the data stored on their side is in the clear, this is contradictory to what i see in the encryption white paper, can anyone confirm the truth?
2. The only thing keeping us from accessing our backups in the cloud is a username+password pair, again the cloud service provider suggested that something like two-factor authentication (eg. a one-time-password) would need to be incorporated by Veeam as a future feature, is this correct?
Thanks in advance,
R
- 
				foggy
- Veeam Software
- Posts: 21182
- Liked: 2164 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Encryption and security in the Cloud
Hi Rui, how do you replicate data to the cloud? If you're using backup copy job, you can enable encryption on them.
			
			
									
						
										
						- 
				Vitaliy S.
- VP, Product Management
- Posts: 27700
- Liked: 2909 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: Encryption and security in the Cloud
Cannot comment on the future releases, but two-factor authentication is, indeed, would be a good feature to have.
			
			
									
						
										
						- 
				ruidc
- Influencer
- Posts: 10
- Liked: never
- Joined: Feb 26, 2015 7:52 am
- Full Name: Rui Da Costa
- Contact:
Re: Encryption and security in the Cloud
thanks for the replies:
1. No, job is implemented via replication so VMs can be started in partial or full failover on cloud infrastructure. Given this setup, what would be the encryption status of my replicas?
2. but is it something that can be implemented by the cloud provider or does it need to be by the Veeam product?
Regards,
R
			
			
									
						
										
						1. No, job is implemented via replication so VMs can be started in partial or full failover on cloud infrastructure. Given this setup, what would be the encryption status of my replicas?
2. but is it something that can be implemented by the cloud provider or does it need to be by the Veeam product?
Regards,
R
- 
				foggy
- Veeam Software
- Posts: 21182
- Liked: 2164 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Encryption and security in the Cloud
Replication jobs do not use encryption and replicas are stored in their native format (otherwise hypervisor will not be able to access/manage this VM), so unencrypted. You should look at some datastore encryption solution or enable permissions control to the datastore.
			
			
									
						
										
						- 
				Vitaliy S.
- VP, Product Management
- Posts: 27700
- Liked: 2909 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: Encryption and security in the Cloud
It depends. For example, if service provider has its own portal, then he might already have this feature. If not, then it has to be done on Veeam side.ruidc wrote:but is it something that can be implemented by the cloud provider or does it need to be by the Veeam product?
- 
				ruidc
- Influencer
- Posts: 10
- Liked: never
- Joined: Feb 26, 2015 7:52 am
- Full Name: Rui Da Costa
- Contact:
Re: Encryption and security in the Cloud
Can you elaborate or point me at some relevant documentation?foggy wrote:You should look at some datastore encryption solution or enable permissions control to the datastore.
- 
				ruidc
- Influencer
- Posts: 10
- Liked: never
- Joined: Feb 26, 2015 7:52 am
- Full Name: Rui Da Costa
- Contact:
Re: Encryption and security in the Cloud
but if i connect from veeam console to set up the service provider, the service provider could theoretically add 2FA there?Vitaliy S. wrote:It depends. For example, if service provider has its own portal, then he might already have this feature. If not, then it has to be done on Veeam side.
- 
				foggy
- Veeam Software
- Posts: 21182
- Liked: 2164 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Encryption and security in the Cloud
I cannot elaborate on the particular solution, but Google says there're some that implement VMs encryption that is transparent both to the hypervisor and VM itself.ruidc wrote:Can you elaborate or point me at some relevant documentation?
- 
				Vitaliy S.
- VP, Product Management
- Posts: 27700
- Liked: 2909 times
- Joined: Mar 30, 2009 9:13 am
- Full Name: Vitaliy Safarov
- Contact:
Re: Encryption and security in the Cloud
Theoretically - yes, that's a possibility.ruidc wrote:but if i connect from veeam console to set up the service provider, the service provider could theoretically add 2FA there?
- 
				dellock6
- Veeam Software
- Posts: 6208
- Liked: 1995 times
- Joined: Jul 26, 2009 3:39 pm
- Full Name: Luca Dell'Oca
- Location: Varese, Italy
- Contact:
Re: Encryption and security in the Cloud
If you are talking about Veeam Cloud Connect (it seems so by reading the thread...) then native accounts in VCC only have username and password. 2FA can be applied to a custom portal for self-service, but as of today the account login to Veeam Cloud Connect is username/password.ruidc wrote:but if i connect from veeam console to set up the service provider, the service provider could theoretically add 2FA there?
Luca
Luca Dell'Oca
Principal EMEA Cloud Architect @ Veeam Software
@dellock6
https://www.virtualtothecore.com/
vExpert 2011 -> 2022
Veeam VMCE #1
			
						Principal EMEA Cloud Architect @ Veeam Software
@dellock6
https://www.virtualtothecore.com/
vExpert 2011 -> 2022
Veeam VMCE #1
Who is online
Users browsing this forum: No registered users and 37 guests