How long backup data is kept before being deleted or overwritten.
Backup retention defines how long backup copies are maintained before deletion. Retention policies balance storage costs against recovery needs—keeping more history provides more recovery options but costs more. Retention requirements may be driven by compliance (legal hold, regulatory requirements), business needs (recovering from delayed detection of problems), or ransomware protection (ensuring clean recovery points exist beyond attacker dwell time).
Why It Matters
The DSC Perspective:
Retention affects recovery options. If ransomware went undetected for 30 days, you need backups older than 30 days to recover clean data. Align retention with business and compliance requirements.