Object Lock Best Practices

When managing data in SCS3, it's important to consider how best to protect your objects from deletion, especially when dealing with sensitive or critical information. SCS3 provides different modes to secure your data, each suited to various scenarios.

Governance Mode is ideal if you need to safeguard your objects from deletion for a set retention period, but still require flexibility. With this mode, all users except for the bucket owner will be restricted from deleting or modifying the retention settings.

On the other hand, Compliance Mode ensures that no user, not even the owner of the bucket, can delete the objects during the specified retention period. This mode is particularly useful when there is a stringent requirement to maintain compliance with regulatory standards, as it provides the highest level of protection for your data.

If you're uncertain about the duration for which your objects need to remain unaltered, you can opt for a Legal Hold. This option is useful in situations such as pending external audits or ongoing projects. It allows you to maintain the immutability of your data until the audit concludes or the project reaches completion.

However, keep in mind that increased locking can lead to higher storage usage and potentially slower workloads due to additional requests. This makes it essential to evaluate your operational needs and choose the settings based on your application’s requirements. You might want to consider the below:

• Keep the retention period under 90 days whenever possible.
• Use Compliance Mode sparingly, as it can limit flexibility and create operational challenges.
• Only use Legal Hold when there is no alternative.