The explanation is a part of my study for Enterprise service management course, of full, incremental, and immutable backups:
Full Backup
This is a complete and straight forward type of backup. It involves creating a copy of all selected data, such as: files, apps, folders, and system images at a specific point in time.
It works by reading all data from the source and writes it entirely to the destination backup storage (e.g., an external drive, NAS, or Cloud).
Pros: Restoring data is very fast and simple because everything needed is in a single location. You have a complete, self-contained snapshot of your data from a specific moment.
Cons: This is also the most storage intensive method, it copies everything every time it performs the backup. Due to that reason, it takes the longest time to perform and uses significant amount of system and network resources.
Incremental Backup
This method only copies the data that has changed since the last backup activity, regardless of its type. It relies on a previous full backup to be useful.
The backup software checks the “archive bit” (a file attribute flagging a file as changed) or uses a journal to identify new and modified files since the last full or incremental backup. It then only backs up those specific files.
Pros: It uses the least amount of storage space. And it is very quick to execute because it handles a small amount of data. Minimal bandwidth usage, making it ideal for remote and cloud backups.
Cons: Restoring data is a slower, multi-step process. You must first restore the last full backup and then restore every single incremental backup in the correct chronological order. If any chain in the sequence is corrupt, the restore can fail. The backup entirely dependent on the integrity of the initial full backup and all subsequent incremental backups.
Immutable Backup
This is not a method of what data is copied but a security feature applied to the backup storage. “Immutable” means the backup files cannot be altered, encrypted, or deleted for a predefined period of time, even by a system administrator or an attacker.
The backup storage system uses write-once-read-many (WORM) technology or object lock features to prevent any changes to the backup data for a set retention period.
Pros: The primary benefit is to protect your backup from ransomware attack. As it cannot encrypt or delete the immutable backups. Also prevents administrators or others from accidentally or maliciously deleting backup data. This method following the compliance practice for data integrity and retention.
Cons: Often requires more sophisticated (and expensive) storage solutions. As data cannot be pruned or deleted before the retention period ends, which requires careful capacity planning.