Azure-VirtualMachines-VM-Instant-Restore-Backup-Retention-Period

Severity : Medium

Description: This control ensures that Azure backup recovery service have recovery points retention period configured to keep all the VMs data intact for recovery. Azure backup service provides automatic backup which creates recovery points for the VM. The retention of these recovery points are driven by the retention periods for the backup. The initial backup is full backup and subsequent backups are incremental backup. When the recovery points have the retention periods expires, they are merged to next recovery points. If a recovery point is deleted before the next one created , the recovery mechanism will be broken as previous data has already been deleted. It is recommended to have the retention period long enough so that the next backup happens before the retention of previous recovery point expires.

Remediation Steps:

Perform following to configure retention period for recovery point :

  1. Login to Azure Portal using https://portal.azure.com.

  2. Navigate to All services.

  3. In All services, enter Recovery Services to list Recovery service Vaults.

  4. From the Recovery service Vaults list select the desired vault.

  5. Select the Backup Policy.

  6. Update the Retention Range for the back up policy to make sure that it beyond the backup period.

  7. Select OK.

Important:

Reference:

Blue Hexagon Proprietary