Secure 0118 359 2220 Get Started

Press ESC to close or Enter to search

Popular Pages
Managed IT Cyber Security Case Studies Pricing Contact
Home
About Us
Services
Managed IT Services Cyber Security & Compliance Microsoft 365 Cloud & Hosting Backup & Disaster Recovery Connectivity & Telephony Incident Response & 24/7 IT Support Reading
Pricing
Tools
Domain Health Check About You Password Generator
Resources
Case Studies Threat Intelligence Blog & Insights Guides FAQs Customer Portal Remote Support
Contact
Get Started
Live Security Feed
Your IPDetecting...
NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025 NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025
View Dashboard
Microsoft

What Is Immutable Backup and Why Does It Matter?

Quick Answer

Immutable backup can't be modified or deleted for a set period—not by users, not by admins, not by ransomware. It's backup that attackers can't destroy.

Quick answer: Immutable backup can't be modified or deleted for a set period—not by users, not by admins, not by ransomware. It's backup that attackers can't destroy.

Why This Matters

Ransomware attackers know you have backups. Modern ransomware specifically targets backup systems:

  1. Gain access to your network
  2. Find and encrypt your backups
  3. Then encrypt your production systems
  4. Now you have no recovery option except paying
If your backups can be deleted or encrypted by someone with admin credentials, your backups are vulnerable.

How Immutable Backup Works

Immutable backups use technology that prevents modification or deletion for a defined retention period.

Write Once, Read Many (WORM): Once data is written, it cannot be overwritten or deleted until the retention period expires.

Even administrators can't delete it. This is the key point. Ransomware operators who compromise admin accounts still can't touch immutable backups.

Air-Gap vs Immutable

These are different concepts:

Air-gapped: Physically disconnected from the network. Ransomware can't reach it because there's no connection.

Immutable: Connected but unchangeable. You can access it for restores, but nothing can modify or delete it.

Best practice: Both. Immutable backups for rapid recovery. Air-gapped (or offline) backups as ultimate fallback.

What to Look For

When evaluating backup solutions:

  • True immutability: Can an administrator delete backups? If yes, it's not truly immutable.
  • Retention lock: Is the retention period locked at creation?
  • Independent authentication: Is the backup system's authentication separate from your main domain?
  • Geographical separation: Are immutable copies stored in a different location?

The 3-2-1-1 Rule

The traditional 3-2-1 backup rule (3 copies, 2 media types, 1 offsite) needs updating:

3-2-1-1: Add one immutable or air-gapped copy.

This ensures at least one copy survives even a sophisticated ransomware attack that compromises your backup infrastructure.

Real World

We've seen organisations hit by ransomware who:

Had backups, recovered quickly: Their backup system was immutable and separate. Ransomware couldn't reach it. They were back online in hours.

Had backups, still paid ransom: Backups were on the same network, same credentials. Ransomware encrypted everything including backups. Recovery impossible.

The difference was architecture, not luck.

What We Provide

Our backup solutions include:

  • Immutable storage - Backups can't be modified or deleted during retention
  • Separate authentication - Backup systems don't use your domain credentials
  • UK data centres - For organisations with data residency requirements
  • Regular testing - We verify backups actually work
Because backups you can't trust aren't backups.

---

about a backup assessment.

---

Related Questions