Ransomware Insurance Requirements in Backup Design

When ransomware insurance was first launched the requirements on the customer side were quite low. But as the successful attacks mount up and the providers margins shrink due to continued successful attacks, the requirements are becoming more and more strict.

Now as part of the sign up or renewal process a security questionnaire is required and as with home or car insurance the more alarms, immobilizers and monitored security systems that are in place the better the rate you will be quoted for protection. If none of these safe guards are in place insurance providers might not offer cover at all.

From a backup and recovery point of view this means that what used to be on the nice to have list is now more increasingly becoming must haves.

The backup protection now must have the following in place to qualify

 Data Protection:Routine, tested, and verifiable offline or "immutable" backups that cannot be altered or deleted by ransomware, ensuring restorability.

We all now know that immutability was not even a word most organisations used or knew of a few years ago.

Since then immutability has become a must have in almost every single design for a backup solution. Most companies initially solved this by using a cloud based backup copy, this gave the customer an immutable solution for no upfront investment on a cost per use basis. Which works at the start. But as data footprint increases and retention requirements become more enforced this cost grows.

                  While cloud copies gave companies an immutable copy to tick that compliance or insurance tick box. The  primary on-prem backup location was left as a standard repository with no immutability.  Time is moving on, most backup solutions are due for a refresh now and more increasingly the requirement is to have robust immutability on all copies of backup data. Faster recovery from local backups instead of cloud, and MFA in place along with fully tested backup recovery.

Systems like SureBackup are fantastic for testing recoverability automatically and providing a lab testing environment for the ever increasing patch Tuesday load.

But these lab systems and automatic test restores work best from local backup repositories so having primary immutable storage is key.

Veeam’s move in v13 to an all Linux solution is a great way to make the backup solutions less reliant on Windows, and also allows Linux backup storage appliances for native immutability that can tick the box for “tested and verifiable” using local SureBackup testing and automated reporting.

This really helps with the security questions from both auditors and insurance companies.


SureBackup is a Veeam feature that allows customer to automatically boot up backed up servers inside a sandbox segregated environment running from the backup storage. Allowing the customer to fully test the validity of the servers is a safe location away from the production systems.

SureBackup then runs these tests on a scheduled basis and provides test reports showing exactly what servers were tested and what the results are.

Along with SureBackup and advancements in Veeam Linux capabilities, a Local Immutable Linux repository gives the customer a hardened, Immutable, Tested, Verified and Secure backup solution providing the answers to those ransomware insurance requirements that are now all too common.

The Veeam hardened Linux appliance iso helps reduce the overhead with Linux knowledge for local IT staff to get the best from a Veeam repository, because this appliance acts just like any general use repository from a Veeam perspective. All backup jobs and SureBackup tests and labs can run from it as well as instant restore capabilities for the ultra-fast restore when needed.

Unlike dedicated deduplication appliances that use proprietary formats for storing backups, Linux repositories store data in Veeam’s native format. So there is no vendor lock in. the data can be moved and used on any storage system that is a general Veeam repository.

This gives piece of mind that you are not going to be held to Ransome on renewal, unlike traditional Deduplication appliances that keep you locked into their ecosystem due to proprietary formats, like catalyst and DDBoost.

An immutable Linux repository can be added to any Veeam system, it can be used as the primary location for backup,  as a secondary copy job target for DR immutability, or indeed as both.

As well as adding an immutable repo to a Veeam solution, MFA can be enabled on the Veeam console to further secure the solution.

This works for the main Veeam backup and replication software as well as Veeam for O365, Veeam One and backup for Azure. And you can use the authenticator of your choice. MFA along with Veeam RBAC controls bring the capability to decide which IT staff have access to what feature set or servers for backup and restore operations.

Cyber insurers and business leaders increasingly ask for evidence of recovery readiness that often goes beyond attestations, using measurable KPIs tied to response and recovery performance. Tracking varies widely, and many organisations still don’t measure these consistently.

Putting the tools in place and then measure the results are the key steps to ensure you are ahead of the game when it comes to resiliency. In the 2026 Veeam data resilience report
the results showed that the companies that invested in resilience and increased budget measured key metrics more often, these were the most common items tracked

Companies that measured these KPI’s increased budget and their protection status. This had real world outcomes that shows the return for that investment.  Those who invested, paid less Ransom and recovered a larger percentage of the data when they were attacked

In summary, An immutable repository with Veeam MFA, SureBackup, Role based access control and Linux based servers gives the most complete protection that your insurance provider and auditors will love by covering the key requirements we mentioned at the start.

Data Protection:

  • Routinely tested,
  • Verifiable offline or "immutable" backups
  • Immutable, Cannot be altered or deleted by ransomware,
  • Ensure restorability.

https://go.veeam.com/data-trust-resilience-report

Add comment

Comments

There are no comments yet.