Problem
Users often need to distinguish between the Legal Hold and Data Lock features in Druva to ensure proper data protection, compliance, and litigation readiness. Misunderstanding these features can lead to improper configuration, risking data loss or non-compliance.
Cause
1. Both Legal Hold and Data Lock are designed to prevent data deletion or modification, but they serve different purposes and operate at different levels within the Druva platform:
Legal Hold is primarily for litigation and compliance, preserving data for specific users or devices.
Data Lock enforces immutability at the policy level, protecting all backup data from deletion or alteration
2. Scope & Application
Legal Hold
Applied at the user or device level.
Can be granular—specific users workloads can be placed under Legal Hold.
Multiple Legal Holds can be applied to the same user (custodian).
Data Lock
Applied at the backup policy/profile level.
All data under the policy/profile is protected.
Once enabled, it affects all backup sets/devices under that profile.
3. Feature Behavior Matrix
Feature Set | Compaction | Standard Snapshot Expiry | Snapshot Deletion | User Deletion | File Deletion | Retention Policy Change |
Data Lock | NA | NA | ❌ | ❌ | ❌ | ❌ |
Legal Hold | ❌ | ❌ | ❌ | ❌ | ❌ | NA |
❌: Operation is blocked/prevented.
NA: Not applicable.
Notes:
Data Lock blocks deletion and retention changes at the policy/profile level.
Legal Hold blocks compaction, expiry, and all deletion at the user/device level.
4. Immutability & Enforcement
Legal Hold
Data is made immutable for the duration of the hold.
Compaction and deletion are blocked for users/devices under hold.
Admins cannot delete users, devices, or snapshots under Legal Hold.
End-users are unaware of being placed under Legal Hold.
Data Lock
Immutability is enforced at the storage level (Immutability Shield).
Prevents deletion of policies, backup sets, and snapshots.
Cannot be disabled by the customer directly; requires druva support intervention to disable it.
5. Administration & Reversal
Legal Hold
Can be enabled/disabled by authorized legal or compliance admins.
Once removed, normal retention and deletion policies resume.
Data Lock
Can only be enabled/disabled by the Support Team with multi-admin approval.
Reversal is a controlled process, often requiring backend scripts.
6. Workflows & Integration
Legal Hold
Integrated with eDiscovery tools for data search, collection, and export.
Supports additional data collection (ADC) for covert investigations.
Detailed reporting and role-based access for legal teams.
Data Lock
No direct integration with eDiscovery.
Focused on data retention and deletion prevention.
7. When to Use Legal Hold Vs Data Lock.
Legal Hold
Litigation, regulatory investigations, internal audits.
Need to preserve all data for specific users/devices for legal review.
Data Lock
Regulatory compliance (e.g., SEC, FINRA), ransomware protection.
Preventing accidental or malicious deletion of backup data.
References: