Back to overview

Protection of your objects and backup data with the S3 Object Lock

With the S3 Object Lock, objects are stored in a WORM model (WORM = write-once-read-many). WORM protection makes sense if it is absolutely necessary that objects or data cannot be changed or deleted.

Regardless of whether an enterprise has to comply with regulations, for example in the financial or healthcare sector, or whether copies of important business documents are simply to be backed up; NetApp’s S3 Object Lock offers unalterable storage and protection against the deletion of objects and data.

Vorteile von NetApp StorageGRID Object Lock

  • With StorageGRID Object Lock, organizations prevent an object from being deleted or overwritten for a specified time or indefinitely.
  • The Object Lock helps to meet legal requirements that require WORM storage.
  • In addition, another layer of protection against object modification and deletion can be added (for example, especially useful in ransomware attacks)
  • There are no additional costs for using this feature

Example for the successful use of the Object Lock

Many enterprises which use StorageGRID of NetApp profit today also from the WORM function.

  • Protection against ransomware attacks
    The WORM function provides additional protection for objects. In the event of a ransomware attack, objects cannot be encrypted or deleted, which leads to increased protection of these objects.
  • Protect unchangeable documents
    The WORM function is helpful everywhere where unchangeable recordings must be stored and a certain retention period must be kept. If for example a row of recordings must be stored ten years and another row only five years, the two rows of recordings can be provided with the respective desired storage duration. This means that the retention period of different objects within the same bucket in S3 can be adjusted to the desired length.
  • Retaining objects in the same storage resource
    The S3 Object Lock also provides high flexibility for companies that keep a large number of objects in the same storage resource and only want to apply locks to a subset of them.

Options for managing the retention of objects

NetApp’s S3 Object Lock provides two ways to manage the retention of objects. These are the retention periods on the one hand and the legal retention periods on the other.

Retention periods
A retention period protects an object for a fixed period. During this period, the desired object is protected against manipulation and cannot be overwritten or deleted. To do this, a retention period must be defined, which is provided with a time stamp in the object’s metadata by StorageGrid S3. This shows when the retention period expires. The object can only be overwritten or deleted after the defined retention period has expired, unless a legal retention period has also been defined for the object. A retention period is defined either in number of days or in number of years.

Legal retention periods
Thanks to the S3 Object Lock it is possible to define a legal retention period for objects. The legal retention periods also prevent objects from being overwritten or deleted. Retention periods are valid until they are removed.

Legal retention periods are to be considered independently of retention periods. If the object lock is activated for the bucket that contains the object, legal retention periods can be defined or removed, regardless of whether a retention period has been defined for the specified objects.

Does the S3 Object lock sound interesting for your company?

I would be happy to guide you through the process.

Michael Trutmann

Michael Trutmann, Solution Architect & Consultant