Veeam execs examine backup and security blend, other trends

If there's a positive to ransomware, it's that is has brought together people and teams that didn't typically communicate with each other frequently.

This issue is forcing infrastructure teams -- including backup admins -- and security departments to figure out how to comprehensively protect their organizations. At the same time, backup vendors are trying to figure out how they want to tackle security issues and how much of a focus they want to place in that area.

At the VeeamON 2023 user conference in May, the collaboration and combination of backup and security was clear. Customer stories often had a ransomware recovery focus, and product updates featured several security enhancements.

In these interviews with TechTarget Editorial, Veeam's CTO Danny Allan and Shiva Pillay, newly appointed general manager and senior vice president of Americas, discuss the types of customers who attended VeeamON, best practices for businesses, security challenges for Veeam and where the company goes from here.

Editor's note: These interviews were edited for length and clarity.

In prior VeeamON conferences, the convergence of backup and security has been a major focus. How is this convergence different now? How has it evolved?

Danny Allan: We're beginning to see much more collaboration between the security buyer and the data protection buyer. The majority of VeeamON attendees would still be the data protection and IT professional, but for the first time, I had meetings with people at the conference who were security only. So it's manifesting itself in many different ways -- not only in the sales cycle, but also in attendees at conferences like this. I expect that convergence to continue.

Ransomware is a universal problem that affects more than just security departments -- it completely affects the company, affects the brand.

A lot of companies are wrestling with bridging the gaps between the security and infrastructure departments. What can businesses do to bridge those gaps?

Shiva Pillay: Those two departments were historically always separate and not always in lockstep. Ransomware is a universal problem that affects more than just security departments -- it completely affects the company, affects the brand.

I think it's a great time for some thought leadership. So as a customer, bring those two teams together, look at the overall budgets that they have to spend, and then be pragmatic about [how products can solve business problems].

Some backup vendors are turning more into cybersecurity vendors or focusing more heavily on it. Veeam has been doing a lot in cybersecurity -- where do you see the company heading in this area? What are customers looking for?

Shiva Pillay

Pillay: Would we be a security company? I'd cautiously say no. We'd solve customers' data resiliency problems, which is a broader issue than just security.

Providing some security layers in our technology that help make life a lot easier when things go wrong is definitely the direction we have to head in, and that is a common ask for our customer base. Backups become a bit more front and center as a result of ransomware, so for us, it's definitely a good time to be pushing down that security path.

On the other end of the security issue, there have been some reports about vulnerabilities in Veeam products -- are those all patched up?

Danny Allan

Allan: There are no open vulnerabilities that I'm aware of. Every software company ends up having vulnerabilities in their product. What we're extremely focused on internally is having the processes in place to respond when these occur and to make sure all the structures are in place to prevent them from happening in the first place.

But it's a bit like ransomware. I always tell customers, you can have the best-laid plans in the world. It's not a question of 'if,' it's not even 'when' -- sometimes it's a question of 'how many times.' So focus on your first line of defense. Make sure that your internal processes are in place to prevent ransomware, and then when it does occur, have the processes in place to recover quickly.

We have a SWAT team internally that responds to [vulnerabilities] immediately. And we're also very proactive in notifying our customers.

Backup for object storage was another element at VeeamON that seemed to engage customers. [Veeam said it expects to add that type of data protection to its Backup & Replication product by the end of the year.] Why hasn't there been more backup for object storage in the market at this point?

Allan: Object storage had not been ready for prime-time primary workloads. In the past 12 to 24 months, we've seen a huge increase in the performance that comes with object storage. It's just a lot faster than it used to be. And it gives you the added benefit of security -- the object lock in object storage is a really easy way to make it very secure. Customers are running primary workloads on it, and they want data protection for it.

Veeam also announced a new bidirectional integration with ServiceNow. Does Veeam expect to kick that protection up a level and offer a ServiceNow backup product like it has for other SaaS platforms Microsoft 365 and Salesforce? Are there other SaaS platforms that you're looking at for possible backup products?

Allan: It is something that we continuously evaluate, and clearly we have tighter relationships now with ServiceNow, so keep your ears open.

We continuously evaluate all of the SaaS products for backup, and it really becomes a matter of market timing. I get asked for G Suite [now Google Workspace] and [Microsoft] Dynamics and ServiceNow and Workday. We literally have a list that is about 25 different SaaS services, so we prioritize them and continuously evaluate the market opportunity.

Veeam executives have spoken in the past about potentially going public. What's the latest on the IPO front?

Allan: We have the largest market share, based on the recent IDC report. Our focus is just making sure that we're providing valuable outcomes for our customers: data security, data recovery, data freedom. We haven't announced plans for [an IPO], but we are continuing to be focused on being No. 1 in the space and continuing to grow. And then we'll see what the future holds.

Paul Crocetti is an executive editor at TechTarget Editorial. Since 2015, he has worked on TechTarget's Storage, Data Backup and Disaster Recovery sites.