Home > Data Protection > Data Protection (general) > Dell PowerProtect Data Domain Retention Lock > Consolidate Governance and Compliance Archive Data
Recent security threats have resulted in users searching for better options to protect their backups and meet an increasing list of regulations. PPDD provides the most secure, reliable, and easy to configure approach, by allowing the consolidation of Governance and Compliance retention features in a single storage system. This approach, combined with Data Domain data invulnerability architecture delivers data integrity, deduplication performance, and the security needed to protect valuable data.
To facilitate this consolidation and protection, the PPDD managed tree (Mtree) entry is used. An Mtree is a user defined logical partition that enables granular management of the file system. This approach helps assign a specific MTree as backup application destination, helping manage independent retention settings. It also allows backup administrators to replicate its content to a disaster recovery (DR) site for additional protection. Once an RL license is installed on the system, it enables RL settings at an individual Mtree level. When the RL-C feature license is installed, it allows additional security measures available to restrict data modifications on the entire system. For enhanced data protection, it is recommended to enable both features on the same system. With this approach, it is possible to configure a set of MTrees with Governance and a different set of MTrees with Compliance. Although no additional steps are required to enable RL-G mode, note that a single MTree cannot be configured as both governance and compliance mode at the same time.
This flexible deployment model allows users to apply different retention periods for different types of archived data stored on MTrees, while meeting both corporate governance and compliance standards on the same system.
Users enable (RL-G or RL-C at an individual Mtree level before any data stored on that MTree is locked for a specific time period. Before an MTree can be compliance enabled, the Data Domain system must be configured for additional security measures. These measures ensure that administrative actions that could compromise the integrity of records are not under the control of just one administrator. For specific instructions on configuring and enabling Data Domain RL software, see the Data Domain Operating System Administration Guide.