Behind the scenes, security has also been a priority for Veeam, which hired Gil Vega, previously chief information security officer at CME Group, the U.S. Department of Energy, and the U.S. Immigration & Customs Enforcement agency, to be its CISO last January.
According to Allan, Vega and his team have helped harden Veeam products by enforcing compliance with ISO security standards and the NIST Cybersecurity Framework. “Every new release that we do, they do a source code analysis and architectural analysis,” he says.
Other examples of Vega’s influence include the addition of immutable backups, which can’t be changed or deleted by ransomware, to Veeam’s platform. Those restrictions, Allan notes, expire after preset intervals. “If you made everything immutable forever, then you’re going to end up with a lot of [storage] costs,” he says.
Earlier this year, Veeam introduced a series of changes to its licensing and sales compensation models aimed at helping both end users and partners embrace the industry-wide shift toward everything as a service.