Establish WORM policy for backups #22

New Issue

lukas · 2024-03-26T22:29:29+01:00

lukas commented

2024-03-26 22:29:29 +01:00

A time-based retention policy using Write-Once-Read-Many allows control over data immutability. WORM is as close to an air-gapped backup as you can get in the cloud. Utilizing this can ensure that backups running against the Azure target will guarantee that no data can be manipulated or deleted during its intended lifetime.

Backups to the Azure target are already very safe:

Microsoft Azure is in the top 3 of public clouds, they are very well trusted in the industry and probably have a very stable infrastructure
ZRS storage employs 3 copies in 3 nearby DCs, pretty much nothing but a catastrophic natural disaster can impact data integrity.

The addition of WORM can also add:

protection against ransomware or other attacks on libre.moe, as no kind of API-request should be able to delete these backups
protection against human error and accidental deletion, as no kind of UI-interaction should be able to delete these backups

On the other side, utilizing WORM means:

mistakes can not easily be deleted
a solid plan has to be made beforehand, to ensure the policy will work as expected

A [time-based retention policy](https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-time-based-retention-policy-overview) using Write-Once-Read-Many allows control over data immutability. WORM is as close to an air-gapped backup as you can get in the cloud. Utilizing this can ensure that backups running against the Azure target will guarantee that no data can be manipulated or deleted during its intended lifetime. Backups to the Azure target are already very safe: - Microsoft Azure is in the top 3 of public clouds, they are very well trusted in the industry and probably have a very stable infrastructure - ZRS storage employs 3 copies in 3 nearby DCs, pretty much nothing but a catastrophic natural disaster can impact data integrity. The addition of WORM can also add: - protection against ransomware or other attacks on libre.moe, as no kind of API-request should be able to delete these backups - protection against human error and accidental deletion, as no kind of UI-interaction should be able to delete these backups On the other side, utilizing WORM means: - mistakes can not easily be deleted - a solid plan has to be made beforehand, to ensure the policy will work as expected

lukas added the

labels 2024-03-26 22:30:31 +01:00

lukas self-assigned this 2024-03-26 22:30:36 +01:00

lukas added this to the Issue Board project 2024-03-26 22:30:44 +01:00

leon commented

2024-03-26 23:40:52 +01:00

https://music.youtube.com/watch?v=jeICC5SFpP0

lukas added the

Involves

Testing

label 2024-04-02 13:46:11 +02:00

lukas started working 2024-04-12 12:33:39 +02:00

lukas commented

2024-04-12 12:40:57 +02:00

sieht promising aus

sieht promising aus ![image](/attachments/4034cec2-19c7-4ddc-addf-b44b994e567e)

image.png

20 KiB

lukas commented

2024-04-12 12:45:55 +02:00

reminder to self: morgen nochmal schauen, ob die Dateien auch nicht durch automatische Routinen entfernt werden können, und: ob sie dann auch nach 2 Tagen (aktuelle test policy) wirklich entfernt werden, als test für die automatische Rotation von Backups

lukas worked for 12 minutes 21 seconds

2024-04-12 12:46:00 +02:00

lukas commented

2024-04-15 10:56:49 +02:00

confirming scenario

lukas started working 2024-04-15 10:57:02 +02:00

lukas worked for 2 hours 14 minutes

2024-04-15 13:11:44 +02:00

lukas started working 2024-04-15 13:50:52 +02:00

lukas referenced this issue

2024-04-15 13:54:35 +02:00

Move Seafile backups to new backup location #26