Veeam provides modern data protection for Lembaga Lebuhraya Malaysia to meet government compliance requirements for business continuity

 “Veeam protects the IT applications that support highway management and maintenance, so travel can be safer, faster and easier.” 

— Gs. Ts. Mohd Sukri bin Shuib, Assistant Director of Technology, Lembaga Lebuhraya Malaysia – 2021

 The business challenges 

Lembaga Lebuhraya Malaysia (LLM) plays an important role in the lives of many Malaysians. LLM constructs, manages and maintains highways and expressways that connect families and friends to each other and to employment opportunities, educational institutions, healthcare services, retail stores and more. By building, monitoring and renovating roadways, LLM contributes to the country’s wellbeing. 

Millions of people travel on Malaysia’s highways, but they’re probably not aware that LLM assesses every kilometer to improve safety, reduce traffic congestion and integrate automation. Several IT applications assist in this process, including an expressway performance indicator system, a highway construction monitoring process and a toll-road evaluation system. 

While travelers may not be familiar with these applications, many of them are familiar with LLM’s website because it provides helpful maps, construction updates, traffic status and toll-rate information. Protecting this website and the IT applications supporting highway management, maintenance and customer service is critical, so when the backup solution became more of a challenge than an asset, the IT Division searched for a replacement. 

“Our backup solution was becoming outdated,” said Mohd Sukri bin Shuib, Assistant Director of Technology at LLM. “There were times when backup was slow and recovery was unreliable, making it more difficult to meet recovery objectives in the business continuity standards required by our government.” 

To strengthen its backup and disaster recovery (DR) strategy, LLM’s IT Division contacted Infinity Consulting Technology (ICT), a Platinum Veeam® Cloud & Service Provider (VCSP) partner in Malaysia. ICT is widely recognized as a cloud backup and DR service provider in Malaysia, providing Aegis, the in-house brand of ICT, which focuses on delivering cloud disaster recovery services. Aegis manages and monitors customers’ daily backup operations, maintenance and support of customers’ backup and DR operations. Aegis also offers complimentary and unlimited DR resources, including dedicated drill personnel who assist customers when performing drills, so they complete successfully. Aegis obtained Disaster Recovery Certified Expert (DRCE) certification in 2012, giving it more than a decade of cloud backup and DR expertise. 

“Aegis is well respected among government agencies, and ICT is well known for matching organizations with the technology that best meets their needs, so that’s how we learned about Veeam Availability Suite™,” Mr. Sukri bin Shuib said. We quickly realized that Veeam and Aegis offer the most comprehensive backup and DR solution.” 

The Veeam and Aegis solution 

Veeam and Aegis modernized data protection so LLM can easily meet recovery objectives in the business continuity standards required by the Malaysian government. Veeam and Aegis also extend backups and replicas to a secure private cloud to increase ransomware protection. Moreover, they support compliance with the ISO/IEC 27001 Information Security Management System (ISMS) standard and reduce annual IT costs by 50%. 

“Our goal is to improve the country’s highways,” Mr. Sukri bin Shuib said. “Veeam and Aegis protect the IT applications that support highway management and maintenance, so travel can be safer, faster and easier.” 

Veeam backs up and replicates 10 TB across more than 20 physical and virtual machines (VMs) on premises and off premises to Aegis. Veeam Cloud Connect links LLM to Aegis, enabling the agency to extend data protection to the cloud without the cost and complexity of managing a second infrastructure. Backups and replicas are encrypted and secure, which increases ransomware protection. 

Mr. Sukri bin Shuib said Veeam offers several features legacy backup did not offer such as reliable backup and high-speed recovery that enables the IT division to meet recovery objectives more easily. Additional features in Veeam ONE™ include monitoring and reporting for resolving issues proactively and Veeam DataLabs™ for verifying the recoverability of backups and replicas. Scalability is another key feature because LLM’s data grows quickly due to a CCTV video that monitors traffic. Veeam is also hardware, software and storage neutral. 

“Veeam backs up any workload on any hardware to any storage, so we don’t have to invest in new resources,” Mr. Sukri bin Shuib said. “Veeam is also more affordable than our previous solution, which reduces annual IT costs by 50%.” 

Aegis helps LLM save money too. Instead of a costly capital expenditure to build and maintain a separate DR structure, LLM opted for an affordable operating expenditure for DR as a Service (DRaaS) from Aegis. In addition, ICT is ISMS-certified, enabling LLM to attain ISO/IEC 27001 compliance. 

“Veeam and Aegis make data protection easy and efficient,” said Mr. Sukri bin Shuib. 

The results 

Modernizes Data Protection to meet recovery objectives in government policy “Veeam and Aegis protect the IT applications that support highway management and help us meet recovery objectives in the business continuity standards required by our government more easily,” Mr. Sukri bin Shuib said. 

Extends backups to a secure private cloud to boost ransomware protection Veeam Cloud Connect offers a seamless and secure way to send backups and replicas off premises for DRaaS, so organizations like LLM can avoid the cost of managing a second infrastructure. 

Supports compliance with ISO 27001 and reduces annual IT costs by 50% “Veeam is more affordable than legacy backup, saving us a significant amount each year,” Mr. Sukri bin Shuib said. 




Lembaga Lebuhraya Malaysia oversees the design, construction, operation, maintenance and toll collection for highways and expressways spanning 1,820 kilometers countrywide. The government agency was established in 1980 under the Ministry of Works and employs approximately 400 people. 


When Lembaga Lebuhraya Malaysia discovered its backup solution was becoming outdated, the IT division replaced it immediately. Unreliable backup and slow recovery could make it difficult to meet recovery objectives in business continuity standards required by the government. 


  • Veeam Availability Suite 
  • Veeam Cloud Connect
  • Secure Cloud Backup and Disaster Recovery (DR) Service from Aegis


  • Modernizes data protection to meet recovery objectives in government policy 
  • Extends backups to a secure private cloud to boost ransomware protection 
  • Supports compliance with ISO/IEC 27001 and reduces annual IT costs by 50%

About Veeam Software 

Veeam® is the leader in backup, recovery and data management solutions that deliver Modern Data Protection. We provide a single platform for cloud, virtual, SaaS, Kubernetes and physical environments. Our customers are confident their apps and data are protected and always available with the most simple, flexible and reliable platform in the industry. Veeam protects over 400,000 customers worldwide, including more than 82% of the Fortune 500 and over 60% of the Global 2,000. Veeam’s global ecosystem includes 35,000+ transacting technology partners, resellers, service providers, and alliance partners, and has offices in more than 30 countries. To learn more, visit or follow Veeam on LinkedIn @veeam-software and Twitter @veeam

About ICT 

A world-class Disaster Recovery as a Service (DRaaS) and Infrastructure as a Service (IaaS) expert based in Malaysia, Infinity Consulting Technology (ICT) partners with the world’s leading software and platform brands to deliver cloud-based backup and recovery solutions to customers from blue chips to start-ups across a range of industry sectors. A Platinum VCSP, ICT aims to shape the future of cloud DR revolution. 


Are Your WFH Employees’ Personal Devices Secured?

This crisis-ridden era has accelerated the work from home (WFH) business model as enterprises scrimmage to remain financially sound. Alas, this practice places company data in jeopardy of cyberattacks, even more so for employees unsure about the security protocols on their devices.

With 56% of employees using personal computers as their work device, leaders are scrambling to reexamine their cybersecurity. Since workers access sensitive accounts and data via their personal devices, securing your company network should be a top priority.

Otherwise, who’s to say if your WFH model is a viable, long-term solution?

Establishing a Secure WFH Network

The surge in WFH employees has prompted enormous pressure on IT departments at office-based organisations. Ideally, companies should provide work-issued laptops or computers that were vetted and secured by the IT staff. These machines should have endpoint protection, encrypted drives, antivirus software, etc., while the IT department can manage security updates and patches across the remote team.

However, not every business can afford to equip its remote workers with secured devices. Security professionals barely had ample time to create the required architecture for moving entire companies to remote status. To make matters worse, they’ve had to deal with a larger attack surface prompted by this work style.

Employees were left to rely on personal endpoints, accessing sensitive information from unprotected home networks. It’s also tricky to maintain governance over what your employees are doing and whether they follow the security guidelines provided. Regardless, implementing strict data protection ground rules is essential for safeguarding your business.

Establishing a Secure WFH NetworkEstablishing a Secure WFH Network

The Truth About WFH Security Concerns

As stated, the overnight transition forced most employees to use personal devices, which lack the precautions and security measures that corporate devices usually boast. Sometimes even the latter can put critical data at risk, as they are exposed to others in the household.

The amount of adware (games) and unwanted software on these devices increased tenfold, indicative of children use. This is further concerning because adware is the go-to delivery mechanism of highly nefarious malware on such gadgets.

Moreover, operating outside the office means utilising your own WiFi networks that have proven to be less sturdy than in-house connections. While crucial applications include Office 365 and Google Workspace (formerly G Suite), these apps present yet another avenue of security vulnerability.

At the end of the day, IT teams must emphasise being wary of suspicious emails, attachments, and pop-ups.

Network Security Checklist

The problem with home networks involves the sheer number of connected devices, causing vulnerability to cyberattacks and malware. Many homes have IoT devices such as connected appliances as well. Thus, the first step to securing home networks would be an employee checklist identifying every single device accessible to the network.

After that, remote employees should:

  • Change default passwords
  • Change the default IP address
  • Disable remote access to the home network
  • Regularly update their router and network devices’ software

What if your employees don’t own their routers and modems? Well, you can always insist on separating work and personal activities on the device by implementing split networks.

Try VPNs, MFA & Cloud DR

Virtual personal networks (VPNs) have benefits that go beyond bypassing geographical restrictions. They are powerful tools that grant robust online privacy. Secure VPNs create a private connection where data travelling from a VPN-connected device is encrypted and sent through, allowing for safer connections to business information systems.

Aside from that, multifactor authentication (MFA) helps ward off phishing attacks often targeted at employees’ email accounts. Hackers wield urgent-sounding emails directing users to change personal information on legitimate-looking websites, gaining access to passwords and security questions. On the other hand, MFA requires users to provide information beyond passwords, including:

  • QR codes on portable devices
  • Biometrics, i.e. fingerprint, face, retina scans and voice ID
  • Time-based, one-time passwords for authentication codes sent via email or text message
Try VPNs, MFA & Cloud DR

Lastly, it’s wise to have a Cloud Disaster Recovery (DR) plan in place in case of unexpected events rendering data loss, not forgetting to include a proper backup strategy for the business endpoints such as laptops and PCs. By backing up business data to the Aegis cloud, clients can quickly recover and restore what was accidentally or intentionally deleted, stolen or lost, ensuring business continuity. 

Find out more about the Aegis CDR 12+12 Program, a newly launched disaster recovery promotion that comes with complimentary Cloud Endpoint Backup plus installation and data migration. Whether you’re an SME or a big corporation, Aegis CDR 12+12 aims to offer more protection and value for your money with unlimited cloud backup storage.

Need help?