Hello,
I would like to know if Veeam has foreseen in the future a 'Two person control' feature.
In other words, a 2nd backup administrator account is required to approve certain actions on the backup environment (e.g. deleting backup, config adjustment,…).
Thanks
-
- Enthusiast
- Posts: 32
- Liked: 2 times
- Joined: May 12, 2016 1:32 pm
-
- Product Manager
- Posts: 9846
- Liked: 2607 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
Re: Two person control for certain operations
Hi brucquat
Thanks for the question.
It is not on our roadmap for one of the next versions. But thanks for the request.
Can you explain your scenario why you need such a feature?
In my opinion, I see two situations where a "two person control feature" doesn't give you any benefits. Backup files can be deleted on non-immutable storage without a second admin. And the configuration can be changed by an SQL administrator inside the database. In both cases, a two person control feature wouldn't help.
Instead of using a 'Two person control' feature for the backup deletion, you could use immutable or air-gapped backup storage.
Config adjustments can be monitored with Veeam One and in case an attacker changed something, you can restore the configuration backup to the healthy state of the config.
Thanks
Fabian
Product Management Analyst @ Veeam Software
-
- Enthusiast
- Posts: 32
- Liked: 2 times
- Joined: May 12, 2016 1:32 pm
Re: Two person control for certain operations
Sometimes, the question is posed in some RFPs. But I will provide your arguments which are really valuable! Many thanks.
-
- Veeam Legend
- Posts: 251
- Liked: 136 times
- Joined: Mar 28, 2019 2:01 pm
- Full Name: SP
Re: Two person control for certain operations
Well, I guess for us, we have physical Veeam boxes that are not network attached. Our SQL is domain joined. If somehow the Veeam server was compromised it doesn't mean the SQL server has been. Or the SAN.
I suppose someone could go delete the backups still, but then I could say it would idiot-proof Veeam from ourselves from accidentally deleting a job / backup at 4AM using the GUI. Or if someone left their PC on with the client up.
I could see some reasons for having it, but I also see it not being the end all be all of security.
-
- Product Manager
- Posts: 9846
- Liked: 2607 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
Re: Two person control for certain operations
Thank you both for explaining.
Veeam V12 will bring an "Auto-Logoff feature". That should help: "Or if someone left their PC on with the client up."
Product Management Analyst @ Veeam Software