Security of uploaded files during Support Call ( aws )

hirratas · Post by **hirratas** » Dec 29, 2022 11:44 am this post

Hello
when I upload files to a veeam support case it is being uploaded to aws and is available with a url.
This url can be accessed by anyone if he has this url (or was able to construct it) from anywhere and I can not check if and by whom the file has been downloaded.

Is this correct?
If yes, is there another way to send a file to veeam support. I think it makes sense that the file can only be accessed by the case handler (or his veeam account).

Because the files can contain sensitive information.
Thanks

Post by **Mildur** » Dec 29, 2022 12:37 pm this post

Hi Hirratas

Yes, if someone has access to this random generic URL or can create the URL with the file name and correct signature, he can access the logs.

As an alternative, please use SFTP to Veeam's own FTP Server (on demand access). While the SFTP link is publicly available, you would need credentials to access the content of the FTP folder. https://www.veeam.com/kb1661

Please see also this document which explains the different methods:
https://www.veeam.com/processing_of_sen ... ort_ds.pdf

Thanks
Fabian

hirratas · Post by **hirratas** » Dec 29, 2022 12:40 pm this post

Ok, thanks. I will use sftp next time.

R&D Forums

Security of uploaded files during Support Call ( aws )

Re: Security of uploaded files during Support Call ( aws )

Re: Security of uploaded files during Support Call ( aws )

Who is online