Veeam is introducing its Zero Trust Data Resilience (ZTDR) model in partnership with Numberline Security. This zero-trust model with new principles and reference architecture specifically addresses cybersecurity risks to backup and recovery data.
The ZTDR model, now developed by Veeam in collaboration with Numberline Security, extends the existing CISA Zero Trust Maturity (ZTM) model to backup and recovery. With this, ZTM principles will become part of the security of data backup and recovery systems.
Zero-trust for backup and recovery data is much needed, according to the specialists. Until now, most zero-trust environments have not had security options for backup and recovery systems even though this data is often the primary target of ransomware attacks.
Backup and recovery data are still vulnerable
Backup and recovery systems are often the victims of (ransomware) attacks because of a large attack surface, according to specialists in this area. This is because of their large “read and write” access to virtually all corporate IT environments, from on-premises to (multi)cloud environments.
In the CISA ZTM model, zero-trust for data is one of the five pillars, but it lacks specific attention to backup and recovery data. Attention is only given to data inventory management, data categorization, data availability, data access and data encryption.
Additional principles for the ZTM model
Veeam and Numberline Security are now extending this CISA focus specifically to backup and recovery data. This introduces new principles and, most importantly, a reference architecture as an addition to the “old” ZTM model.
Specifically, ZTDR adds five new principles to the “data pillar” of the ZTM model. These are least privilege access, immutability of data, resilience of backup and recovery systems, proactive validation and operational simplicity.
New ZTDR reference architecture
To implement the model, a ZTDR reference architecture with two features was developed. First, there is the segmentation between backup software and its intended storage layers to create different so-called resilience zones. This should limit the attack surface and reduce the impact of any (ransomware) attacks.
The second feature is that all stored backup data is ‘immutable’. In this way, this data cannot be modified or deleted in case of any (ransomware) attack.
More information about this new ZTDR model for backup and recovery data from Veeam and Numberline Security is available here.