Home > Data Protection > Data Protection (general) > DDVE In-cloud Retention Lock Compliance: Best Practices to Secure In-cloud Deployments > Introduction
Starting at DDOS 7.12, the Dell PowerProtect Data Domain Retention Lock (RL) feature is available for APEX Protection Storage (DDVE in-cloud), providing secure retention locking capabilities for customers looking to protect their information on public clouds with the same corporate governance and compliance standards applied on-premises.
The main objective of the feature is to fulfill file immutability requirements for sensitive data workloads that must be retained according to a defined timestamp. For our APEX Protection Storage customers, this means that data files with retention lock compliance set cannot be altered or deleted until the lock expires, independent of the public cloud provider used.
To complement any data protection needs, it is vital to properly harden the public cloud infrastructure underneath APEX Protection Storage deployments. This shared responsibility approach requires the following considerations:
A common public cloud management practice relies on defined DevSecOps procedures to clearly identify roles, responsibilities, and action plans derived from alert monitoring looking to enhance the overall security posture. This methodical approach allows teams to consistently assess public cloud security and be prepared with mitigation plans.