Public Preview: Azure Backup enables vaulted backups for Azure Blob for comprehensive data protection.
Published date: 09 March, 2023
Azure Backup now supports transferring your Azure Blob backups to the vault. A vault is a logical entity that stores the backups and recovery points created over time. You can define a backup schedule for creating recovery points and specify retention settings that determine how long backups will be stored in the vault. The vaulted backups are isolated from the source data enabling you to continue your business operations even if the source data is compromised by performing seamless restores using existing recovery points. You can configure and manage vaulted and operational backups via a single backup policy.
Below are some of the key capabilities of vaulted backups:
1.) Off-site copy of data- It enables you to recover your mission-critical data from backups, irrespective of the state of the source data.
2.) Protection from accidental or malicious deletion of specific containers, or the complete source storage account. No user or attacker has direct access to the backups stored in the vault. Hence, the existing backup data can’t be tampered with or deleted even if a ransomware attacker gets access to your source data.
3.) Long-term retention of backup data for up to 10 years, enabling you to meet your compliance requirements, especially in the finance and healthcare industries with strict guidelines on data retention period.
4.) Alternate location recovery- It enables you to restore data to an alternate account if the source storage account is compromised or spin up different copies of data for testing or development purposes.
5.) Centralized management via backup center-The vaulted backups can be monitored and analyzed at scale along with other workloads protected using Azure Backup via Backup center.
6.) Secure backups - The built-in security capabilities of Azure Backup, like multi-user authorization (MUA) for critical backup operations, data encryption, and role-based access control (RBAC), etc. help you protect your backups in the vault and meet the security needs of your business.
In the preview, currently, you can configure vaulted backups for block blobs in a standard general-purpose v2 storage account (non-HNS enabled) in the regions mentioned here. We would incrementally add support for the other regions.
Click here to get started