As its name implies, the basic idea behind immutable storage is that the data storage will remain completely static and pristine for its entire existence. Immutable storage enables adopters to designate specific data that will be stored in a form that can never be tampered with, modified or removed.
"With immutable storage ... once something is written, it cannot be changed or deleted," said Scott Swigart, CTO at market research firm Cascade Insights.
Immutable storage can be applied to data stored on most conventional storage media and platforms, including tape, disk and SSDs. It's the cloud, however, that's now helping to make immutable storage an easy and flexible way to ensure data permanence.
One of the significant points of value in cloud computing is the element of managed services. "Immutable storage is an excellent example of how the meta/management layer actively works for IT security teams," said Bart Castle, cloud and network instructor for online training firm CBT Nuggets. With immutable storage, the user simply creates a file incorporating the desired immutability policy. "The service provider then takes on the burden of enforcing that policy and protecting the data itself," he said.
Benefits of immutable storage
Trust and compliance are the twin pillars of immutable storage. "If you need to know that a document hasn't been altered, immutable storage ensures that," Swigart said. "If you need to retain records for a period of time and don't want them accidentally deleted, immutable storage ensures that." Adopters of immutable storage technology can use it for legal holds, to supply a chain of custody, to secure digital evidence and to protect data from cyber attacks.
Another advantage is that immutable storage makes it hard to lose information through equipment failure or simple human error. "It also takes up less memory than conventional storage methods," said Eric McGee, senior network engineer at colocation services provider TRG Datacenters.
A key immutable storage benefit is that the data is virtually impervious to ransomware. "Corporations can use this form of storage to quickly recover their data to the latest healthy backup, knowing that it is unaffected by malware," said Rick Vasko, director of service delivery and quality at technology and managed service provider Entrust Solutions.
Immutable storage effectively prevents ransomware perpetrators from fulfilling their strategy. "If anybody tries to do something [to the data], it just pops up an error message," said Jack Zmudzinski, senior associate at software development firm Future Processing.
For all its benefits, immutable storage also presents a few drawbacks. "The downside ... is, if you can't delete the data, you're stuck with storing it for some amount of time, which could bring additional costs," Zmudzinski explained. "These costs are marginal, though, as cloud storage is getting cheaper and cheaper as time goes by."
Although immutable storage provides added security, the technology can't do anything to prevent physical damage to data caused by storms, fires and other disasters or hands-on tampering with the media. "It's recommended that organizations keep multiple copies of their data," Vasko said.
Who uses immutable storage?
Businesses tend to use immutable storage whenever they need to follow government or industry regulations or litigation requirements. "Some industry compliance mandates ask organizations to delete certain kinds of data after a set period of time," Vasko said. "With immutable storage, data can be maintained safely for a long time, while also giving organizations the power to set a date for it to be removed from their systems completely."
Law enforcement and private security organizations that routinely bank large volumes of video and audio surveillance data frequently turn to immutable storage to guarantee data authenticity. "These [immutable files] are used as evidence in most formal judicial setups and can vouch for someone's life or sentence," McGee said.
Organizations that store critical medical, pharmaceutical and scientific data are also prime immutable storage candidates. Zmudzinski pointed to the example of a university observatory. "Losing all those terabytes of data, even from one day of observation, would be catastrophic," he said.
Costs and providers
Immutable storage is generally no more expensive than storing conventional files. There's a catch, however. Storage costs can rapidly spiral upward if an organization stores a large number of immutable files tagged with lengthy timespans. "lf, for example, you set a policy that a piece of data must be retained for a year, you can't delete it, and you have to keep paying for the storage until the data retention period expires," Swigart said.
When evaluating the overall cost of immutable storage, Vasko recommended factoring in whether or not the provider partner is write once, read many (WORM)-compliant. "WORM compliance guarantees that sensitive data remains secured for the time that it's stored," he said.
A wide range of on-site and cloud storage technology providers offer immutable storage-compliant products and services, including NetApp, Dell Technologies, HPE, Cisco Systems, AWS, Microsoft Azure, Google Cloud and Wasabi.