Administration Guides

Supported Data Security & Storage Class Life Cycle Options

Home

Overview

Data that is copied to objects can have several policies applied for security , retention and versioning. This section covers supported options.

Adding endpoints using https ensures that inflight data will be encrypted using TLS security protocol.
The endpoint can use self signed or signed certificates. Certificate signing is external to Golden Copy, and no configuration is required to support signed or unsigned.

S3 targets that support customer provided keys to encrypt data at rest would be configured on the S3 provider bucket level.
Consult S3 target documentation about default at data at rest encryption keys are applied without any configuration at the storage bucket level.
No support for object level encryption keys.

Data retention for objects is configured at the bucket level using the S3 target administration policies.
Create different storage buckets to set different retention levels for copied objects.

Version control is configured at the bucket level following S3 target documentation. Golden Copy supports versioning by updating existing objects with a newer version, NOTE: No configuration is required within Golden Copy to use Versioning on your S3 target device. If versioning is enabled on the storage bucket both versions will be available using S3 bucket browsing tools.
A future version of Golden Copy will support version aware recall feature that allows a specific version of data to be recalled based on a date range. Check documentation for the build and version number that support version aware recall. The command supports recall data older than or Newer thann x date and time.
1. Azure object versioning configuration
  1. General Overview
  2. How to Enable or disable Blob Versioning
2. AWS object versioning configuration
  1. General Overview
  2. How to Enable S3 Versioning
3. All other supported S3 targets consult vendor documentation.