To help you protect your backup data and meet the security needs of your business, Azure Backup provides confidentiality, integrity, and availability assurances against deliberate attacks and abuse of your production data and systems. Ensuring the recoverability of backup data is crucial for maintaining business continuity and minimizing downtime during data loss incidents. To ensure your backup data is safe, you can now leverage immutable vaults and for scenarios where you want to actively recover accidentally or maliciously deleted data you can leverage soft delete. Tune in to Ignite to hear details about the advancements in our security offerings that will further protect you from ransomware attacks.
General Availability: Immutable vault with WORM storage
Now with Immutability “Locked” we ensure storage level immutability in addition to management level immutability. Once “Locked” the storage will go into WORM (write once read many) state.
Immutable vaults ensure that the backup data once stored cannot be deleted until the specified retention period has expired. This feature ensures that backup data remains intact and secure, protecting it from malicious insider or outsider attacks. Immutable vaults block any operations that can result in destruction of data like reducing retention, stopping backups and deleting data.
Immutable vault setting has 2 states: “Enabled” and “Locked”. When immutability is in enabled state, the Backup Contributor can disable it when needed to allow for flexibility of retention periods or stopping backups. When immutability is in locked state, the setting is irreversible making it more secure and impossible to destruct the data.
Public Preview: Secure by Default with Soft Delete
By default, all new vaults have soft delete enabled on them, with a retention period of 14 days, which can be disabled if needed. It will be permitted to increase the retention beyond 14 days but not reduce.
Soft delete ensures the recovery of backup data even if it has been accidentally or maliciously deleted. With soft delete, deleted backup data is retained for an additional period which is configurable up to 180 days (default 14 days), allowing Backup contributors to restore it if necessary. This feature acts as a safety net, ensuring that critical data is not permanently lost due to inadvertent actions.
Safeguard your data from accidental activities and malicious attacks by configuring Immutability Locked and be assured to recover quickly by yourself with secure by default soft delete. Further restrict critical actions on your vault with multi-user authentication to prevent any unintended and malicious actions.
Microsoft
