Understand: Immutable backup data

Our backup service is created with a high focus on security, by having tamper-proofed its backup data by having immutable data; once backup is complete, it cannot change. We do not expose any backup data through any APIs or other interface, that can have data changed or overwritten.

This protects the end customers 365 environment from an attack where backup data are deleted before proceeding to encrypt or destroy the primary data within Microsoft 365.

This backup job structure requires all backup points to be intact in order to perform a restore. Within each restore, a verification is done, making sure that no data within the backup chain has been changed.

If the end customer deletes a backup job from the backup system, data remains within the retention period. If the reseller deletes the entire end customer - data will remain within the platform for a fixed retention period, just like the Insider threat protection feature, implemented on a per user level, alerting the reseller, allowing to cancel the end customer deletion.