DATA PROTECTION

How Cloud Storage Fees Can Make You More Vulnerable to Cyber Attacks

April 22, 2025By David Boland

This is the third in a series of blog posts based on excerpts from our new cloud cost optimization eBook. It is designed to explore how hyperscale cloud storage fees can put your most critical data at risk.

Security often comes at a price, a reality that is felt acutely with hyperscale cloud storage where charges for data security countermeasures can add up—sometimes to the point where enterprises elect to go without, suffering risk exposure as a result.

Where do these variable fees come from, what are they for, and how do they create a disincentive to apply data security countermeasures? Let’s begin with the data.

The impact of fees on cloud storage budgets

The 2025 Wasabi Cloud Storage Index, a survey of over 1,500 IT decision-makers, found that 62% of organizations exceeded their budgeted spend for cloud object storage last year due to additional fees beyond simple storage capacity. These cloud storage fees, typically based on usage, arise for nearly every type of data access and management operation, including API requests, transport, replication, egress, and more. At first glance, these fees appear low—just a fraction of a penny per 1,000 API requests, for example—but for enterprises that routinely store millions, if not tens of millions of objects, a simple but business-critical task such as verifying and testing your backups can add thousands of dollars to your monthly bill.

Demystifying Cloud Object Storage Costs

Tired of going over your cloud storage budget? Download the ultimate guide to hidden fees that can break your budget, or watch the Webinar to learn more!

Get the eBook
Watch the Webinar

The impact of fees on security practices

In the same survey, nearly all (99%) respondents stated that using public cloud storage helps increase their security posture. Yet, fewer than half (47%) use Object Lock today. This feature “locks” objects or storage buckets by creating a Write Once, Read Many (WORM) storage architecture. It’s a baseline immutability feature that prevents objects from being deleted or overwritten for a specified period of time—an essential tool in the fight against ransomware.

What’s going on? Could excessive costs be a factor? While hyperscale services like AWS don’t charge you to turn on Object Lock, multiple API operations are required to enable and maintain locked objects and their associated retention and lifecycle policies—and these API requests do come with a cost.

As a result, backup applications that frequently utilize object lock can generate a significant number of related API operations, like PutObjectRetention, GetObjectVersion, or GetBucketObjectLockConfiguration, all of which can add up to a price tag that is nearly half the cost of your total storage capacity!

The hidden costs of data backup

Utilizing cloud object storage for backup is fundamental to many cyber-resilience strategies, but here, too, data access fees can fun afoul of your budget. How? Popular backup software solutions like Veeam, Rubrik, and Commvault don’t just upload data and then “set it and forget it,” they also:

  • Regularly verify backups: These applications routinely LIST objects in your bucket to ensure that every backup file is still there.

  • Perform metadata checks: Operations like HEAD object requests (to check timestamps or version details) are run frequently.

Table comparing LIST and HEAD request fees for different storage tiers, including S3 Standard, S3 Standard-IA, S3 One Zone IA, and Wasabi.

Furthermore, many organizations test and validate their backups weekly or biweekly—that’s 4-8 additional full checks per month. To demonstrate how quickly these fees can add up, our chart includes LIST and HEAD request fees for just 1 full check. Multiply that figure by the number of times you validate your own backups in a given month to get a better idea where your money is going.

Chart showing the cost of fees per 1000k requests for AWS S3 vs. Wasabi

Do the fees make you less secure? No, not on their own. However, if budget constraints force you to perform fewer backup tests, then your risk exposure starts to go up, and you run the risk of not having the most recent data to restore in the event of a cyber attack. Your preparedness decreases, all because it was too expensive to prepare in the first place.

Wasabi’s solution

We believe security shouldn’t be a surcharge—it’s integral to your organization’s cloud storage strategy.

Wasabi doesn’t charge for Object Lock or Object Lock-related features like setting and updating retention periods, or for any API requests or security features. Why should you pay extra to ensure your data is protected? Wasabi gives you the freedom to test, restore, and validate your backups so that you’re always ready to recover.

Enjoying the series? Read the next installment, Turning Cloud Migration Costs into Cloud Storage Savings

ebook cover image

eBook

Demystifying Cloud Object Storage Costs

Download the ultimate guide to hidden fees that can break your budget

Download the eBook

Related article

cloud icon in front of a pixelated world map
DATA PROTECTIONSecurity and compliance concerns for AI datasets

Most Recent

On-prem NAS vs. cloud NAS: optimizing long-term storage costs

Learn how cloud NAS can help balance ever-growing data volumes with longer retention requirements without breaking the bank.

Advanced data protection and cyber resilience for surveillance systems

As the volume of surveillance video grows, the work of storing and protecting the data has become increasingly challenging.

Hybrid and multicloud strategies: avoiding vendor lock-on

Restrictions and the hidden costs that come with them make it challenging for MSPs who want to adopt hybrid or multicloud approaches.

SUBSCRIBE

Storage Insights from the Storage Experts

Storage insights sent direct to your inbox.

Subscribe