Security

This section lists fundamental security features of Veeam Data Cloud for Microsoft 365.

Certifications

Veeam holds numerous certifications, including ISO/IEC 27001, and is continuously investing, innovating, and adding to industry and regulatory credentials to help ensure your data is protected and secure. For more information, see Veeam Trust Center.

Data Sovereignty

Data is stored in a dedicated storage account in the region of your choice.

Redundant Storage

Utilizes Local Redundant Storage (LRS) by default, where three copies of customer data are stored on three separate disks within the primary Azure region.

Isolated Environment

Backup data is stored in a virtually air-gapped location, hosted by Veeam in Microsoft Azure. This environment is isolated and decoupled from both Microsoft 365 and customer infrastructure. Customers also benefit from the inherent data security provided by Microsoft Azure at the storage level.

Encryption

Utilizes 256-bit encryption for all data in-transit and at-rest.

Immutability

Offers service-level immutability capabilities on the primary backup. Once the data is backed up, it cannot be altered, tampered with, or deleted by users, including administrators or attackers.

Multi-Factor Authentication (MFA)

Utilizes Microsoft single sign-on with Multi-Factor Authentication.

Retention Period

Retention is set to 7 years by default, and can be customized to offer an unlimited time period.

Pen-tested

Regular penetration tests carried out by a 3rd party specialist provider.

Service Level Agreements (SLAs)

99.9% uptime — excluding planned outages.