Azure Backup has launched immutable vaults for general availability. OSS Group has developed a Security Reference Model for enterprise: 1. Reduce the chances of being attacked - protect end users and end points 2. Enable survivability through autonomous recovery - immutable backups 3. Buying time - slow down the attack, limit the impact, speed up recovery
In this framework, immutable backups have a critical role to play to prevent the loss of access to business-critical data caused by a hostile threat actor - data encryption or wiping. So far, in the cloud, there has been a lack of facilities to support this. This feature in Azure now provides for both immutability and irreversibility - making it a key feature to enable protection against ransomware attacks.
Immutable vaults can help you protect your backup data better against ransomware attacks and other malicious actors. Immutable vaults protect your backups by blocking any operations that could lead to loss of recovery points if misused. Further, you can lock the immutability setting to make it irreversible, which can prevent malicious actors from disabling immutability and deleting backups.
Immutability is supported for Recovery Services vaults as well as Backup vaults.
Backup data stored using Azure Backup is not accessible directly and the only way to access or manage this data is through the vault. Immutable vaults help you by preventing any operations that, if used by malicious actors, could lead to the loss of backups. The Immutable vault setting on your vault enables you to block such operations to ensure that your backup data is protected, even if any malicious actors try to delete them to affect the recoverability of data.