Loading...

General Availability: Vaulted backups for Azure Blob Storage

General Availability: Vaulted backups for Azure Blob Storage

We are excited to announce the general availability of vaulted backups for Azure Blob Storage. Vaulted backups can help you achieve complete protection for your blobs data against data loss. We encourage you to consider adding vaulted backup protection to your Azure Blob Storage data protection strategy.

Vaulted backup for Azure Blob Storage is a native, fully-managed backup solution from Azure Backup. It enables comprehensive protection of your blob storage data against data loss scenarios by storing a dedicated backup copy of the data in an Azure . These backups can be used to recover data in the event of any data loss on production systems. Vaulted backups, used in conjunction with other data protection capabilities (for example: soft delete, versioning and operational backups), provide multilayer protection against data loss. Vaulted backups can be configured together or separately from operational backups.

 

UtsavRaghuvanshi_4-1722528230629.png

 

Protecting your data against loss or corruption has become even more important with the increased frequency and sophistication of cyberattacks. Azure Blob Storage offers several data protection capabilities within the same storage account such as resource locks, soft delete, versioning, and point-in- time restore. However, these capabilities alone might not comprehensively protect from events such as accidental or malicious storage account deletion. Vaulted backups provide an additional, complementary protection layer against these events.

 

Example use cases

Here are a few of the common scenarios where vaulted backups can help you.

 

Scenario 1: Better protection against ransomware attacks

In a ransomware attack, backups enable organizations to recover their data without succumbing to ransom demands. Vaulted backups, independent of the primary storage account's status or availability, ensure that you can reliably recover your data. There are several ways that vaulted backups can help protect you in such scenarios. First, all vaulted backup data is isolated from the production storage accounts and stored in a separate tenant that is managed by Microsoft. The only way to manage this data is through the Backup with its own separate permissions, allowing for the separation of responsibilities. Second, for additional protection, vaulted backups allow you to leverage advanced security capabilities provided by Azure Backup, such as immutable vaults, multiuser authorization and soft delete, which can help you make sure that your data is protected and recoverable when it’s needed. Third, Azure Backup also allows you to better manage and govern the security of your backups with the business continuity and disaster recovery (BCDR) security posture. This helps ensure that backups have the right level of security (refer to the image below).

 

UtsavRaghuvanshi_5-1722528230637.png

 

 

Scenario 2: Accidental or malicious storage account deletion

Mistakes are made, insider threats exist, and credentials can be stolen. All of these can lead to storage accounts being deleted. Thankfully, with vaulted backups, your backups are stored securely in storage managed by Microsoft. So, an additional copy of your data exists outside of your storage account. This additional copy can help recover in cases where the entire storage account is deleted accidentally or maliciously. Vaulted backups allow you to recover all blobs or a subset of blobs in a storage account (refer to the image below). You can also leverage advanced security capabilities such as immutability, multiuser authorization, and soft delete. When used together, these capabilities add multi-layered protection against accidental and malicious data loss and ensure your backups are there when you need them.

 

UtsavRaghuvanshi_6-1722528230639.png

 

 

Scenario 3: Regulatory Compliance

In some industries, regulations require offsite backups and/or long-term retention of data. The backup vault can help create an offsite backup that will be in the same Azure region as the primary storage account and can optionally be replicated to another region. With vaulted backups, data can be retained for up to 10 years which allows for audits, legal holds, and compliance retention. Azure Business Continuity Center makes it easy to manage and govern backups of your blob data across your estate (refer to the image below).

 

UtsavRaghuvanshi_7-1722528230647.png

 

 

Pricing and availability

Vaulted backup for Azure Blob is available in these regions. To learn about pricing, refer to the Azure Blob backup pricing page. Consistent with the billing experience we had in public preview, the Azure Backup protected instance fee and the vault backup storage fees are not currently charged. We will enable these charges starting in October 2024. Now is a great time to give vaulted backups a try!

 

Getting started

Here are three simple steps to help you get started with configuring vaulted backup for Azure blob storage:

  1. Create a backup vault: A vault is a management entity that stores backups and allows you to access and manage them.

 

  1. Create a backup policy: Backup policy enables you to configure the frequency and retention of backups based on your business requirements.

 

  1. Select the storage account and containers to backup: You can choose to back up all containers or select specific containers depending on the criticality of the data they contain.

To learn more about vaulted backup for blobs, refer to this article.

 

Contact us

If you have questions or feedback, please reach out to us at [email protected].

Published on:

Learn more
Azure Governance and Management Blog articles
Azure Governance and Management Blog articles

Azure Governance and Management Blog articles

Share post:

Related posts

Announcing the new Azure DevOps Server RC Release

We’re excited to announce the release candidate (RC) of Azure DevOps Server, bringing new features previously available in our hosted version....

2 days ago

How to Integrate Azure Service Bus with Microsoft Dynamics 365 CRM Step by Step with Example?

Keeping data flowing between applications is critical in today’s connected business world. Organizations using Microsoft Dynamics 365 CR...

5 days ago

Enhancing Secure Sign-Ins with Temporary Access Pass in Azure Active Directory

Introduction While working on improving user account recovery scenarios, a common challenge often arises: how to securely allow a user to sign...

6 days ago

Azure SDK Release (September 2025)

Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (September 202...

7 days ago

Batch Processing Triggered Pipeline Runs in Azure Synapse

This post describes a pattern for batch processing triggered pipeline runs in Azure Synapse

7 days ago

Reliably refreshing a Semantic Model from Azure Data Factory or Synapse Pipelines

This post describes a pattern for reliably refreshing Power BI semantic models from Azure Data Factory or Azure Synapse Pipelines.

7 days ago

Power Pages Fundamentals #24: Boosting Portal Security with Azure Single Sign-On: Quick Read Series

Contoso Motors is a large automotive service company.They have built a Power Pages customer portal for their external partners and customers t...

9 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy