Administration Guides
Supported Data Security & Storage Class Life Cycle Options
Home
- Overview
- Data Inflight Encryption
- Data at Rest Encryption
- Data Retention Policies
- Object Data Version Control
Overview
Data that is copied to objects can have several policies applied for security , retention and versioning. This section covers supported options.
Data Inflight Encryption
- Adding endpoints using https ensures that inflight data will be encrypted using TLS security protocol.
- The endpoint can use self signed or signed certificates. Certificate signing is external to Golden Copy, and no configuration is required to support signed or unsigned.
Data at Rest Encryption
- S3 targets that support customer provided keys to encrypt data at rest would be configured on the S3 provider bucket level.
- Consult S3 target documentation about default at data at rest encryption keys are applied without any configuration at the storage bucket level.
- No support for object level encryption keys.
Data Retention Policies
- Data retention for objects is configured at the bucket level using the S3 target administration policies.
- Create different storage buckets to set different retention levels for copied objects.
Object Data Version Control
- Version control is configured at the bucket level following S3 target documentation. Golden Copy supports versioning by updating existing objects with a newer version, NOTE: No configuration is required within Golden Copy to use Versioning on your S3 target device. If versioning is enabled on the storage bucket both versions will be available using S3 bucket browsing tools.
- A future version of Golden Copy will support version aware recall feature that allows a specific version of data to be recalled based on a date range. Check documentation for the build and version number that support version aware recall. The command supports recall data older than or Newer thann x date and time.
- Azure object versioning configuration
- AWS object versioning configuration
- All other supported S3 targets consult vendor documentation.