an IaaS environment designed for the highest level of security, a service provider may decide to deploy VMware vSphere, with or without Cloud Director, and leverage the VMware capability of registering multiple Key Management Servers (KMS). Each tenant then receives a dedicated KMS service, either directly offered by the service provider or provided by the tenant (Bring Your Own Key – BYOK).
This solution guarantees complete confidentiality of data hosted in the virtual machines, as each tenant exclusively owns the keys required to decrypt the data within their own VMs.
In this document we’ll explore how Veeam Backup and Replication will behave in such environments, to guarantee the highest confidentiality of data.
