Thanks for asking question and reaching here! The Backup and Restore feature in App Service lets you easily create app backups manually or on a schedule. You can configure the backups to be retained up to an indefinite amount of time. You can restore the app to a snapshot of a previous state by overwriting the existing app or restoring to another app.
You might be aware that App Service can back up the following information to an Azure storage account and container, which you have configured your app to use:
• App configuration
• File content
• Database connected to your app
For security ensure that regular and automated back-ups are occurring at a frequency as defined by your organizational policies.
• Understand Azure App Service backup capability
• Customer-managed keys for Azure Storage encryption
Check this link: https://learn.microsoft.com/en-us/security/benchmark/azure/security-control-data-recovery
Further to elaborate on this, Microsoft Defender for Cloud provides you the tools to detect and block ransomware, advanced malware and threats for your resources. Keeping your resources safe is a joint effort between your cloud provider, Azure, and you, the customer.
You have to make sure your workloads are secure as you move to the cloud, and at the same time, when you move to IaaS (infrastructure as a service) there is more customer responsibility than there was in PaaS (platform as a service), and SaaS (software as a service).
Check this document on Implement general PaaS security best practices recommendations
Best practices for securing PaaS web and mobile applications using Azure Storage
Let us know if further query or issue remains.