Backup Immutability
When creating a backup job and selecting the Amazon EC2, Amazon S3, generic S3-compatible storage, Wasabi, Azure Blob Storage, Backblaze B2 Cloud Storage, or Local Folder type of Backup Repository, NAKIVO Backup & Replication allows you to make the recovery points in these repositories immutable. With immutability enabled, the recovery points are stored using the write-once-read-many (WORM) model. Immutability adds another layer of security to backups by protecting recovery points from encryption by ransomware or accidental deletions/modifications.
For the Amazon EC2, Amazon S3, generic S3-compatible storage, Wasabi, Azure Blob Storage, or Backblaze B2 Cloud Storage type of Backup Repository, Object Lock or version-level immutability support should be enabled for the bucket or blob container used to store backups. This type of immutability cannot be shortened or lifted, not even by the root user.
With the Local Folder type of Backup Repository, immutable recovery points cannot be overwritten, deleted, or changed by anyone except the root user before the specified period expires.
When the Local Folder type of Backup Repository is deployed as part of a VMware vSphere, Nutanix AHV virtual appliance, or a pre-configured AMI in Amazon EC2, NAKIVO Backup & Replication provides an even higher level of ransomware protection. You can make recovery points stored in this type of repository immutable, and the immutability cannot be lifted or changed by anyone, not even the root user.
You can find more details on how to enable immutability in the following articles: