Skip to main content


 

 

druva_logo.pngDruva
|
Documentation

How can we help you?

Trending articles:

 

Druva Documentation

Data Lock for preventing malicious or accidental deletion of snapshots

  1. Last updated
  2. Save as PDF
Heads up!

We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.

Data Lock prevents modification, deletion, or tampering of business-critical data in Druva CloudRanger.  Immutability has gained widespread attention with rising ransomware attacks that can adversely impact enterprise data security. When it comes to preserving your data in the event of a ransomware attack, immutable snapshots are a critical component of your organization’s business strategy and data recovery plan.

Once enabled at the policy level, the retention for immutable snapshots cannot be altered allowing businesses to protect their data from a malicious insider. This is particularly significant when snapshots are under threat of modification or deletion, such as attempts by a rogue admin or in the event of credentials being compromised.

The following infographic explains how an immutable snapshot responds to ransomware compared to a mutable snapshot.

Data Lock.png

Benefits

Here are key benefits of enabling Data Lock on backup policies:

  • Data Lock prevents modification in retention settings, snapshot deletion, or tampering of critical data. Immutable backups are impervious to malicious deletion or ransomware encryption.
  • Data Lock helps minimize threats with the ease of data recovery. Keeping immutable backups on air-gapped servers ensures that you have a recent copy of encrypted data in the event of a breach.
  • Immutable backups of EC2 instances can be moved to Druva’s Data Resiliency Cloud to protect them from a malicious insider.
  • Ensure business continuity in case of ransomware attacks or a security threat with snapshot-level Data Lock enabled.

Use cases

Rogue admin

A potential rogue admin, who is a super admin or an insider who has acquired admin credentials, gains access to your backup environment and manually deletes snapshots. Data Lock prevents modification, deletion, or tampering of such critical data. When your organization detects such a threat, you can use Data Lock-enabled backups to recover to the last healthy state.

Use Case.png

Ransomware attack

Your organization succumbs to a ransomware attack, or an admin clicks a link on a suspicious email from an unidentified source, making your backup environment vulnerable to unauthorized access. With Data Lock, you can prevent the deletion or modification of critical backups.

Accidental deletion of snapshots

Users with access to the backup management interface may choose to delete or set backups to expire prior to the intended retention period. While this allows enterprises to manage and remove backups that are no longer important, this may be applied accidentally or maliciously to delete business-critical backups.

Who can access this feature

The availability of the Data Lock feature is by default limited only to customers with Enterprise and Elite licenses.

Support matrix

Products Entities Applied on License Editions

Native Workloads

Snapshots

Backup policy

Elite and Enterprise