--- title: What Is WORM Storage? Technical Fundamentals Explained date: 2026-04-08T11:20:00+02:00 author: FAST LTA canonical_url: "https://www.fast-lta.de//en/blog/was-ist-worm-speicher-technische-grundlagen-erklärt" section: "Entries: Articles" --- ### The WORM Principle [\#](#the-worm-principle "The WORM Principle") 1. **Write:** once only. Data is written one time. 2. **Read:** as many times as needed. 3. **No modify, no delete:** never, for the duration of the retention period. This differs from standard disk storage, where anyone with sufficient rights can write, overwrite, and delete at will. On WORM storage, written data is read-only, regardless of credentials. --- ### Technology Overview [\#](#technology-overview "Technology Overview") #### Optical Media (CD‑R, DVD‑R, Blu-ray WORM) [\#](#optical-media-cd-r-dvd-r-blu-ray-worm "Optical Media (CD-R, DVD-R, Blu-ray WORM)") The burner physically alters the disc surface; no changes are possible afterwards. Historically important for small archives, today largely obsolete: capacities are tiny (under 5 GB for CD/DVD), write speeds are slow, and reader hardware is disappearing. Relevant only for legacy archives that must remain readable. #### Tape with WORM Cartridges [\#](#tape-with-worm-cartridges "Tape with WORM Cartridges") Sequential writing to magnetic tape, with WORM enforced by cartridge firmware. Tape offers high capacity per cartridge at low media cost, which kept it in archives for decades. The structural drawbacks are why it is being replaced: sequential access makes retrieving a single record slow, media must be handled, stored, and migrated physically, integrity cannot be verified without loading each cartridge, and drive/​robotics infrastructure is expensive to maintain. Disk-based hardware WORM delivers the same immutability with random access, online integrity verification, and no media handling. #### Hardware WORM on Disk (Silent Cubes) [\#](#hardware-worm-on-disk-silent-cubes "Hardware WORM on Disk (Silent Cubes)") Specialized storage hardware enforces immutability at the system level. Once data is written, no software process and no administrator can alter or delete it before the retention period expires. Advantages: - Immutable below the software layer: cannot be bypassed with admin rights - Fast, random access like a NAS: any record retrievable in seconds - Continuous online integrity verification instead of media checks - Scales from terabytes upward by adding units Silent Cubes from FAST LTA are hardware WORM archive storage designed for compliance archiving: redundant storage with erasure coding, engineered for very long retention periods (10 to 30 years and beyond), with audited immutability. The trade-off versus generic storage is a higher entry price; the return is an integrity guarantee that holds up in an audit. #### Software WORM [\#](#software-worm "Software WORM") Protection at the operating system, file system, or application level: files are flagged read-only after writing. Examples: S3 Object Lock, Azure immutable blobs, file system retention flags. Advantages: low cost, runs on existing hardware, flexible. Disadvantages: the protection is software. Depending on configuration, privileged accounts can change policies, shorten retention, or destroy the storage underneath. The guarantee depends on organizational controls working perfectly, every day, for the entire retention period. --- ### Two Paths to WORM Implementation [\#](#two-paths-to-worm-implementation "Two Paths to WORM Implementation") #### Path 1: Organizational (Software WORM) [\#](#path-1-organizational-software-worm "Path 1: Organizational (Software WORM)") You use standard hardware with organizational measures: rules (“no one modifies archive files”), access control (the admin can, but is not permitted to), and audit logs (every change is recorded). The problem: if an admin does make a change, you only find out from the log, and a sufficiently privileged attacker deletes the log too. #### Path 2: Technical (Hardware WORM) [\#](#path-2-technical-hardware-worm "Path 2: Technical (Hardware WORM)") You use specialized WORM hardware: the system itself prevents changes, the admin cannot override it, and the immutability is verifiable. The advantage: the guarantee does not depend on people following rules. --- ### Why Hardware WORM Is Stronger for Compliance Archiving [\#](#why-hardware-worm-is-stronger-for-compliance-archiving "Why Hardware WORM Is Stronger for Compliance Archiving") An auditor’s core question is: how do you guarantee that this data has not been altered since archiving? With software WORM, the honest answer is: ​“Our controls were configured correctly and nobody with privileges misused them.” That is an assertion about behavior. With hardware WORM, the answer is: ​“The storage system technically prevents modification; here is the verification.” That is a property of the system, independent of who held which credentials. For records subject to statutory retention (financial records, invoices, contracts, patient data), the technical guarantee is the stronger evidence. Keep in mind that WORM covers only the immutability requirement of audit-proof archiving; completeness, correctness, timeliness, orderliness, and availability still require capture controls, indexing, and process documentation. --- ### Frequently Asked Questions [\#](#frequently-asked-questions "Frequently Asked Questions") **Can we combine WORM with cloud?** Cloud object lock features exist, but you are relying on the provider’s implementation, the provider’s jurisdiction, and your own credential hygiene. For statutory archives, on-premises hardware WORM under your own control is the safer baseline; cloud copies can serve as a supplement. **Can we delete WORM data when GDPR requires it?** Retention obligations take precedence over erasure for as long as they apply. WORM systems built for compliance manage retention per record: when the statutory period expires, the data becomes deletable and the deletion is executed and documented. This resolves the apparent conflict with GDPR Art. 17. **How long does WORM storage last?** The relevant question is not media lifetime but system continuity. Hardware WORM systems like Silent Cubes use redundant storage with erasure coding and are designed for very long retention; aging components are replaced without touching data integrity. Media-based approaches (optical, tape) instead require periodic migration of every medium. --- ### Further Resources [\#](#further-resources "Further Resources") → Audit-Proof Archiving Guide (/en/blog/revisionssicherheit-leitfaden/) → WORM Technologies Compared (/en/blog/worm-technologien-vergleich/) → Software WORM vs. Hardware WORM (/en/blog/software-worm-vs-hardware-worm/) → Silent Cubes: Hardware WORM Archive Storage (/en/produkte/silent-cubes/) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### Audit-Proof Archiving Audit-proof archiving describes the legally required property of an archiving system that preserves documents completely, immutably, traceably and accessibly at all times — and that this can be demonstrated without gaps to tax authorities, auditors and data protection supervisory bodies. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/audit-proof-archiving) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### Immutable Storage Immutable storage refers to storage technologies that protect stored data from subsequent alteration or deletion — where the decisive difference lies in whether this protection is enforced at the hardware level (cannot be circumvented) or at the software level (can be circumvented by administrators with sufficient rights). [Mehr erfahren →](https://www.fast-lta.de//en/glossary/immutable-storage) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### GDPR The GDPR (General Data Protection Regulation, EU 2016/679) is the European regulation for the protection of personal data — particularly relevant for IT infrastructure in Art. 5 (principles), Art. 17 (right to erasure), Art. 28 (processors) and Art. 32 (security of processing). [Mehr erfahren →](https://www.fast-lta.de//en/glossary/gdpr) ### GDPR The GDPR (General Data Protection Regulation, EU 2016/679) is the European regulation for the protection of personal data — particularly relevant for IT infrastructure in Art. 5 (principles), Art. 17 (right to erasure), Art. 28 (processors) and Art. 32 (security of processing). [Mehr erfahren →](https://www.fast-lta.de//en/glossary/gdpr) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### Audit-Proof Archiving Audit-proof archiving describes the legally required property of an archiving system that preserves documents completely, immutably, traceably and accessibly at all times — and that this can be demonstrated without gaps to tax authorities, auditors and data protection supervisory bodies. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/audit-proof-archiving) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm) ### WORM WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges. [Mehr erfahren →](https://www.fast-lta.de//en/glossary/worm)