Expressvpn Glossary
Data deduplication
What is data deduplication?
Data deduplication removes duplicate data by storing a single copy and replacing the rest with references. This reduces storage use, backup size, and bandwidth during transfer or replication. It is commonly used in backup systems, cloud storage, and environments with repeated files or datasets.
How does data deduplication work?
A deduplication system splits data into chunks and generates a hash for each one. The hash acts as a fingerprint, allowing the system to quickly check whether identical data already exists.
If a match is found, the system verifies it (for example, with a byte-level comparison) before storing a reference instead of a duplicate copy. Unique chunks are stored once and reused wherever needed.
Deduplication can run in two main ways:
- Inline deduplication: Removes duplicates before writing to disk, saving space immediately but potentially increasing write latency.
- Post-process deduplication: Writes data first, then removes duplicates later, improving ingestion speed but delaying space savings.
Types of data deduplication
Data deduplication can be categorized based on how and where duplicates are identified:
- File-level deduplication: Removes duplicate files by storing a single copy and referencing it multiple times.
- Block-level deduplication: Splits files into fixed-size blocks and removes duplicate blocks across files.
- Variable-length deduplication: Uses content-defined chunking to detect duplicates even when data shifts slightly.
- Source-side deduplication: Removes duplicates before data is transferred, reducing bandwidth usage.
- Target-side deduplication: Removes duplicates after data reaches the storage system.
- Global deduplication: Identifies duplicates across multiple datasets, systems, or backup jobs.
Why is data deduplication important?
Data deduplication helps reduce storage use, improve backup efficiency, and lower bandwidth requirements. It also makes long-term data retention more practical and can support compliance by reducing the overhead of storing repeated data.
Where is it used?
Data deduplication is widely used in backup systems, cloud and object storage, virtual desktop infrastructure, email systems, file servers, and disaster recovery environments where repeated data is common.
Limitations of data deduplication
Data deduplication improves efficiency but also comes with several limitations:
- Adds CPU and memory overhead when the system checks large amounts of data for matches.
- Data encrypted before deduplication often dedupes poorly, since encryption makes identical original files look different. Some systems use convergent encryption or related approaches to preserve deduplication on encrypted data, though these designs involve trade-offs.
- Restore performance depends on how the system rebuilds files from stored chunks and metadata.
Risks and privacy concerns
Deduplication can create security and privacy risks, especially in shared cloud environments. For example, cross-tenant deduplication may reveal whether another user or tenant already stores a particular file if the system is not properly isolated.
It can also introduce data integrity risks. Hash collisions are mostly theoretical in modern systems, as strong cryptographic hashes like Secure Hash Algorithm 256-bit (SHA-256) and additional verification checks make false matches unlikely. However, weak validation can still cause different data to be treated as identical.
Deduplication metadata may also expose patterns in stored data, such as file sizes, similarities between files, and how often data is accessed or modified. In addition, ransomware can reduce deduplication efficiency because encrypted files often appear completely new and quickly take up more storage space.
Further reading
- What is network-attached storage (NAS)?
- What is data encryption?
- What is data exfiltration? A complete guide
