Data Lock prevents modification, deletion, or tampering of business-critical data in Druva CloudRanger. Immutability has gained widespread attention with rising ransomware attacks that can adversely impact enterprise data security. When it comes to preserving your data in the event of a ransomware attack, immutable snapshots are a critical component of your organization’s business strategy and data recovery plan.
Once enabled at the policy level, the retention of immutable snapshots cannot be altered, allowing businesses to protect their data from a malicious insider. This is particularly significant when snapshots are under threat of modification or deletion, such as attempts by a rogue admin or in the event of credentials being compromised.
The following infographic explains how an immutable snapshot responds to ransomware compared to a mutable snapshot.
Benefits
Here are the key benefits of enabling Data Lock on backup policies:
Data Lock prevents modification in retention settings, snapshot deletion, or tampering of critical data. Immutable backups are impervious to malicious deletion or ransomware encryption.
Data Lock helps minimize threats with the ease of data recovery. Keeping immutable backups on air-gapped servers ensures that you have a recent copy of encrypted data in the event of a breach.
Immutable backups of EC2 instances can be moved to Druva’s Data Resiliency Cloud to protect them from a malicious insider.
Ensure business continuity in case of ransomware attacks or a security threat with snapshot-level Data Lock enabled.
Use cases
Rogue admin
A potential rogue admin, who is a super admin or an insider who has acquired admin credentials, gains access to your backup environment and manually deletes snapshots. Data Lock prevents modification, deletion, or tampering of such critical data. When your organization detects such a threat, you can use Data Lock-enabled backups to recover to the last healthy state.
Ransomware attack
Your organization succumbs to a ransomware attack, or an admin clicks a link on a suspicious email from an unidentified source, making your backup environment vulnerable to unauthorized access. With Data Lock, you can prevent the deletion or modification of critical backups.
Accidental deletion of snapshots
Users with access to the backup management interface may choose to delete or set backups to expire prior to the intended retention period. While this allows enterprises to manage and remove backups that are no longer important, this may be applied accidentally or maliciously to delete business-critical backups.
Who can access this feature
The availability of the Data Lock feature is, by default, limited to customers with Enterprise and Elite licenses.
Support matrix
AWS Workloads | Entities | Applied on | License Editions |
|
Snapshots |
Backup policy |
Elite and Enterprise |