Integrity of Data in Amazon Backup - Amazon Backup
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Integrity of Data in Amazon Backup

Amazon Backup data integrity goal

Amazon Backup seeks to maintain integrity during transmission, storage, and processing of your data. Amazon Backup treats stored resource data as content-agnostic critical information, in that we offer the same high level of security to customers, regardless of the type of data you store. We are vigilant about our customers' security and have implemented sophisticated technical and physical measures against unauthorized access. You retain complete control over how your data is classified, the Regions in which you store your data, and how you control, archive, and protect your data against disclosure.

Amazon Backup data integrity implementation

Amazon Backup works in concert with other Amazon and Amazon services to maintain integrity of the data it stores and with which it interacts. The tools used may vary and can include (but are not limited to):

  • Continuous object validation against their checksum to prevent object corruption

  • Internal checksums to confirm integrity of data in transit and at rest

  • Checksums calculated on data in backups created from the primary store

  • Automatic attempt to restore normal levels of object storage redundancy in the event of disk corruption or detection of device failure

  • Redundant storage of data across multiple physical locations

  • Object durability enhancement across multiple availability zones during the initial write, combined with further replication in the event of device unavailability or detected bit-rot

  • Checksums on all network traffic to detect corruption of data packets when storing or retrieving data

Amazon Backup natively stores data for Amazon DynamoDB with advanced features, Amazon EFS, Amazon S3, Amazon Timestream, and virtual machines running with VMware connected through Backup gateway. Amazon Backup facilitates backups of data stored with other services, including Amazon Aurora, Amazon DocumentDB, Amazon DynamoDB, Amazon EBS, Amazon EC2, Amazon FSx for Windows File Server, Amazon FSx for Lustre, Amazon FSx for OpenZFS, Amazon FSx for NetApp ONTAP, Amazon Neptune, Amazon RDS, and Amazon Redshift.

Objective confirmation and audit of Amazon Backup data integrity

The data stored directly by Amazon Backup and the data stored in partnership with fellow Amazon services with which Amazon Backup interacts is subjected to the rigorous process of Amazon Simple Storage Service (Amazon S3) underpinning this data integrity. This integrity is confirmed by an independent, third-party auditor through an annual SOC audit report which is available through Amazon Artifact in the Amazon Web Services Management Console.