Data Immutability – Retention Locking/WORM

Data immutability and retention locking have gained enormous traction over the last many years owing to a severe surge in number of cyber and ransomware attacks. This presentation covers many aspects of data immutability and retention locking/WORM in the backup ecosystem. It talks about regulatory requirements for long term data retention, variants of retention locking, dual authorization model and role of security officer, various attributes of retention locking, integration of backup applications with retention locking, retention locking in replication and cloud storage. It presents various challenges seen in data immutability and possible mitigations. This includes levels and layers beyond the namespace, such as operating system, hypervisor, bootloader, bios and server management interfaces, and even physical access to datacenters. It discusses how availability of appliance form-factors of backup systems, adaptation of shared-responsibility models and air-gapped vaults have aided to a greater degree of data protection.