All Products
Search
Document Center

Object Storage Service:Preventing accidental data loss

Last Updated:Apr 30, 2026

Accidental deletions of data are common and can affect business operations. This topic describes the preventive methods that you can use to prevent data loss related to accidental operations.

Important

The following best practices follow general guidelines and are not a complete security solution. The best practices are provided only for reference and may not be suitable for your business scenarios. We recommend that you remain aware of data security threats and take the necessary preventative measures.

Enable versioning for a bucket

Object Storage Service (OSS) allows you to configure versioning for a bucket to protect objects that are stored in the bucket. When you overwrite or delete objects that are stored in a versioning-enabled bucket, OSS saves the objects as previous versions in the bucket. Versioning allows you to recover a previous version of an object to protect the object from being accidentally overwritten or deleted.

If versioning is enabled for a bucket, OSS specifies a unique ID for each version of an object stored in the bucket. For more information about how to enable versioning, see Overview.

Configure a retention policy for a bucket

The Write Once Read Many (WORM) feature of retention policies in OSS allows you to prevent users from modifying or deleting objects. If you do not want anyone, including resource owners, to modify or delete objects in a bucket within a specific period of time, you can configure a retention policy for the bucket. Before the specified retention period ends, you can only upload objects to or read objects from the bucket. You can modify or delete objects only after the retention period ends. For more information about how to configure a retention policy for a bucket, see Retention policies.

Enable CRR for a bucket

Cross-region replication (CRR) performs automatic and asynchronous (near real-time) replication of objects across buckets in different OSS regions. Operations such as creating and overwriting objects can be synchronized from a source bucket to a destination bucket.

CRR is useful for cross-region disaster recovery and data replication. To protect against accidental deletions and enable cross-region disaster recovery, configure the replication rule to sync only Add/Change operations.

This way, if data is accidentally deleted from a source bucket, you can recover the deleted data by retrieving its copy from the destination bucket.

For more information about CRR, see CRR overview.

Configure scheduled backup for a bucket

OSS provides the scheduled backup feature that you can use to back up objects in a bucket to Cloud Backup on a regular basis. If an object is accidentally lost, you can recover the object from Cloud Backup.

After you configure a scheduled backup plan for a bucket, Cloud Backup backs up all objects in the bucket from a specific start time and retains the backups in the vault for a specific period of time based on the retention policy. For more information, see Scheduled backup.

After Cloud Backup performs a full backup, you can create an OSS restore job in the Cloud Backup console to restore an object accidentally deleted from the bucket to the version before the object was deleted. For more information about how to create an OSS restore job, see Restore OSS objects.