In today’s post I’d like to talk about what WORM storage is and how it can help with compliance and security. With the recently added WORM storage in Azure, Microsoft supports immutable storage with their blob storage accounts, allowing various regulated industries and legal situations to be properly supported in Azure.
If you’re unfamiliar with the terms immutable or WORM storage, let me clarify. Immutable storage is also referred to as WORM compliance storage which is write once read many. This means once the content is written, it cannot be altered or deleted. Typically, this is time box as the same data may need to be removed for compliance reasons at some point.
CEFC, FCC and FINRA all have compliance policies which require businesses under compliance to store certain data with WORM compliance. Up until this Azure release, most companies had to maintain multiple storage environments to meet the regulatory needs. Microsoft added WORM compliance as an enforced, audited policy feature for all blob storage.
This is a big cost savings in management simplification for businesses under compliance. These businesses can now use Azure storage and add compliance to the storage as needed. Another cost reduction is that all levels including archive support the immutable storage policy.
There are 4 key areas that immutable storage supports in Azure:
1. Time-based retention policy support – Users can specify the length of time the data needs to be stored immutably. This is key for FINRA where the regulations require the ability to show the state of the data when decisions were made.
2. Azure storage supports legal holds – This is often required during various lawsuits or investigations, including patent lawsuits. You can now put the data, including files, emails and other types required for that legal hold into a blob container and add a legal hold onto it.
3. All blob tiers, hot, cold and archive, are supported – You can use archive for long term immutable storage as needed, which should simplify and reduce your cost, instead of a third-party WORM compliant solution.
4. These policies can be added to the container level which will simplify management of the data for the containers. You can put it all in a container, lock it down and add whatever you need to meet the compliance policies that are in place on that container.
You may be thinking, what does this cost? This is a policy and is added as such, which means it’s an add that you have available to you and you can start using it immediately with no cost. You pay for the storage and this is a policy that gets applied to the storage. It’s no additional cost to become more compliant and secure – need I say more?
This is one more step Microsoft has taken to make their cloud pattern more compliant and secure and to best serve the needs of their customers, especially the financial industry, but it could help any industry that has legal holds, which is more common than you may think.
If you have questions about using Azure storage, immutability, WORM compliance or anything Azure related, you’re in the right place. Click the link below or contact us—we’re here to help.