Updated on 2024-08-16 GMT+08:00

Data Protection

CBR takes many measures to keep data secure and reliable.

Table 1 CBR data protection

Measure

Description

Transmission encryption (HTTPS)

To ensure the transmission security, backup data is stored to OBS buckets via HTTPS.

Storage data redundancy

CBR allows you to create multi-AZ backup vaults so that your backup data can be stored in multiple AZs of a region. If one AZ becomes unavailable, backup data can still be accessed from other AZs. This feature is suitable for data storage that requires high reliability.

NOTE:

CBR storage data redundancy is implemented based on the redundancy storage technique of OBS. For details, see What Redundancy Storage Techniques Does OBS Use?

Backup data encryption

If a disk you want to back up is encrypted, the backups generated for this disk will also be encrypted. When such a backup is used to restore data, the encrypted data will first be decrypted and then restored to the target disk.

Cross-region replication

Cross-region replication allows you to automatically and asynchronously replicate backups from one region to a replication vault in a different region based on a replication policy. The cross-region disaster recovery capabilities it offers can cater to your needs for remote backup.

Backup locking

To prevent the backup data from being deleted by mistake or maliciously, you can enable backup locking for vaults to improve data security.

Once enabled, all backups in the vault enter the WORM (write once, read many) status. No one can delete the backups that are in their retention periods.