Veritas Cyber Strategy—Secure by Ecosystem


We know security is a multi-player, multi-discipline team sport. You can’t go it alone. Your environment already has multiple solutions to ensure your security posture. We hear that organizations use between 25 and 75 solutions, ranging from front-line intrusion prevention all the way to long-term, off-site storage protection. That’s a lot to manage.

At Veritas, we want to provide you with complete control across your data infrastructure, wherever it lives. That means that we’ve built our solutions to be Secure by Design and Secure by Default. And because we believe that integration with your existing solutions is critical, we also build our solutions to be secure with leading industry partners.

The Veritas 360 Defense architecture uniquely brings together data protection, data security, and data governance with an ecosystem of partners. This ensures that our solutions can interoperate with your tools and processes so you can secure your business.

Here are some of the kinds of partners we work with today.

Identity and Access Management

By implementing strong access controls and monitoring mechanisms, you can significantly strengthen your overall cybersecurity posture and safeguard your critical assets. This includes effective access management, ensuring that only authorized individuals can access sensitive systems, data, and resources. It also plays a vital role in maintaining the confidentiality and privacy of sensitive data.

As a first line of defense, you want to ensure that only verified users can access resources. Veritas uses the SAML 2.0 Single Sign-On open standard, which means we work with trusted vendors and solutions including Entra ID (Azure Active Directory), IBM, Okta, Ping Federate, and the open-source Shibboleth.

Along with verified user access, you want to be sure to manage privileged account access. We rely on CyberArk Privileged Access Management and Central Policy Manager to completely guard Veritas appliances. This helps with identity management and makes it more difficult for threat actors to penetrate a network and obtain privileged accounts. Your backup and recovery teams can share administrative responsibilities without sharing passwords or accounts. And you can enable functionality like changing the password between every login or using adaptive multifactor authentication (MFA), which provides more ways to spot and mitigate anomalous user and device behaviors.

Access management data and logs play a critical role in incident response and forensic investigations in the event of a cybersecurity incident. These systems provide valuable information about user activities, authentication attempts, and authorization decisions. The data aids in identifying the source of an incident, understanding the extent of the breach, and taking appropriate remedial actions. Not only is the information useful for post-incident forensics, but you can use it to prove adherence to your controls to an auditor.

Active Directory

Active Directory is the most common first point of attack because it’s the identity system for users and machines — and it includes your global policies for Windows. It’s often part of a cyber-attack because threat actors can use it to add users or change critical policies. During a recovery, you need to bring back AD first. But how do you know someone hasn’t made risky changes to your configuration? Our integrated solution with Semperis enables fine-grained recoverability of an AD configuration that spots and mitigates risks.

Detection

Anomalous activity may be the first sign of an attack. Your security operations (SecOps) team is likely using SIEM, SOAR, and/or XDR to collect signals and indicators to find new threats. Veritas has integrated with all three to connect primary infrastructure with the backup and recovery or secondary infrastructure. This includes data-related events like malware or anomalies in backups. We also detect anomalous user behavior, so that if there’s an administrative credential theft, you can stop a malicious insider who is trying to delete backups or access data to which they aren’t entitled. We have standard integrations with Microsoft Sentinel and Splunk, and will add more. And nearly any event management system can get data from our standard log-forwarding interfaces. 

Veritas 360 Defense in NetBackup includes simple workflows to scan for malware and anomalies that might indicate maliciously encrypted data in the backup set. This prevents you from restoring infected data. We work alongside Symantec, Microsoft Defender, and OEM NetBackup Malware Scanner (Avira) to ensure you can confidently recover when needed. We’ll add more scanners in future releases.

Veritas 360 Defense

Protecting your organization’s data and applications can feel like a daunting task. With the Veritas hybrid, multi-cloud platform and our ecosystem of partners, you can manage and protect across all workloads and environments.

Learn more about the Veritas 360 Defense and the companies in our security and technology partner ecosystem.

Tim Burlowski
Global Lead Cyber Resilience and Data Protection Strategy