I'm trying to figure out some guidelines for immutability periods in my on-prem backup repositories as I'm doing some capacity planning and there aren't any company policies in place yet. Some people suggest setting immutability for several months since cyber threats can linger unnoticed for a while, while others think a few weeks is enough since attackers often act quickly to avoid detection. I'm curious about what periods others are using for their on-prem backups—like 3 months, 2 weeks, etc. Also, just to clarify, we keep backups for years; I'm specifically asking about how long we should keep them immutable.
1 Answer
Typically, people align the immutability period with their data retention policies. If your backups need to be retained for years, then that's how long they should remain immutable too. Otherwise, what's the reason to shorten that period?
That's true, but money should also be a factor. Even though storage prices have dropped, there's still a cost, and you might want to consider pruning those old backups if they aren't needed anymore. Plus, immutability can sometimes get mixed up with the idea of being un-deletable, which isn’t necessarily the same thing.