Understanding WORM backup: Ensuring compliance and security

Acronis Cyber Protect Cloud
for service providers

What is WORM backup?

In the world of data protection and compliance, WORM (write once, read many) backup technology plays a crucial role. WORM backup technology allows data to be written to a storage medium once, and after this initial writing, the data cannot be altered or deleted for a predefined period.

Understanding WORM backup is essential for organizations to ensure data integrity and compliance with regulatory standards, and for industries where preserving unaltered records is essential, WORM backup provides a reliable solution.

Key characteristics of WORM backup:

·       Immutable storage: Once data is written, it becomes immutable, meaning it cannot be modified or deleted.

·       Time-defined data retention: Data stored using WORM technology has a predetermined retention period during which it cannot be altered.

·       Audit trails: WORM backup solutions often include audit trails, ensuring transparency and traceability of data access and modifications.

WORM backup and regulatory compliance

For industries regulated by bodies like the Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA), WORM backup is not just a best practice but a requirement. These regulations mandate that certain types of financial data and communications are stored in an unalterable format for specific periods.

SEC and FINRA compliance:

·       SEC Rule 17a-4: This rule stipulates that electronic records, including emails and financial transactions, must be preserved in a nonrewriteable and nonerasable format.

·       FINRA rules: Similar to SEC, FINRA requires members to store business-related electronic records in a WORM format to prevent alteration or tampering.

Acronis Cyber Protect Cloud enables WORM backups:

·       Audit trails: Acronis has built-in audit capabilities and SIEM connector which enables data export in standard format (CEF/SYSLOG), with the possibility to configure alerts.

·       Immutable storage: By ensuring that backup data cannot be altered or deleted, this offers a robust solution for regulatory compliance and data security.

·       Time-defined data retention: Acronis enables flexible configuration of retention policies for backups and separately for immutable storage. These policies for immutable storage still can be edited in the Governance mode, but can’t be changed once the Compliance mode has been enabled.

All together, these features improve the protection of backups for our partners and their customers:

·       Protection against data tampering: Immutable backup safeguards against unauthorized changes, deletions, or ransomware attacks.

·       Compliance assurance: By providing WORM capabilities, immutable backup solutions help organizations comply with regulatory requirements.

·       Enhanced data security: Immutable backup adds an extra layer of security, protecting against both internal and external threats.


In conclusion, WORM backup technology is an essential component for organizations looking to ensure data integrity and comply with regulatory standards like those set by the SEC and FINRA. With the advent of immutable backup solutions, achieving WORM compliance has become more accessible and secure. As data protection becomes increasingly vital in the digital age, understanding and implementing WORM backup with Acronis Cyber Protect Cloud is a critical step toward safeguarding valuable information assets.

About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.