Home > Data Protection > PowerProtect Data Manager > White Papers > Dell PowerProtect Cloud Snapshot Manager: Architecture and Security > Expanded Security with Copying Snapshots to a Restricted Account
CSM has expanded its capability to address the security concerns customers have regarding deletion of backups either by malicious attacks or internal security breaches. CSM supports copying snapshots from primary AWS accounts to another AWS account configured using IAM policies that has restricted access. This feature helps customers protect their data if there is a security breach in their original account, as an isolated copy of the snapshot is available in another account for recovery. CSM also enables customers to control cleanup of snapshots in the restricted account by either allowing CSM to automatically delete expired snapshots or by opting to run a lambda script from within the restricted account for added safeguarding.