The 3-2-1 backup rule
Updated: Apr 13
To prevent a data loss crisis, companies sometimes rely on a backup appliance, or a local-only backup to a nearby storage device. But in today’s environment these methods alone aren’t enough to ensure reliable protection from possible calamities like malware infection, insider attack, natural disaster, or physical hardware damage. Even if your data seems to be safe on the local backup drive, recovery from just a single backup source can rapidly become unreliable if that source becomes compromised or if you lose access to it.
One of the timeless rules that can effectively address any failure scenario is called the 3-2-1 backup rule.
The 3-2-1 rule is very general, and it works for all data types (individual and corporate) and all environment types (physical and virtual).
This approach helps to answer two important questions: how many backup files should I have and where should I store them? In other words, the 3-2-1 backup rule means you should:
3. Have at least three copies of your data. 2. Store the copies on two different media. 1. Keep one backup copy offsite.
Let’s consider these statements one by one in more details.
Have at least three copies of data
By three copies, I mean that in addition to your primary data, you should also have at least two more backups. Why isn’t one backup enough? Imagine that you keep your original data on device #1 and its backup is on device #2. Both devices have the same characteristics, and their failures are statistically independent (they have no common failure causes). For example, if device #1 has a probability of failure that’s 1/100 (and the same is true for device #2), then the probability of failure of both devices at the same time is:
1/100 * 1/100 = 1/10,000 This means that if you have your primary data (on device #1) and two backups of it (on devices #2 and #3, correspondingly), and if all devices have the same characteristics and no common failure causes, then the probability of failure of all three devices at the same time will be: 1/100 * 1/100 * 1/100 = 1/1,000,000 This is why having more copies of your data means you will have less risk of losing data during a disaster. In short, if your data is important to you, be sure to make at least two backup copies. Note: Another reason to create more than two copies of data is to avoid the situation when the primary copy and its backup are stored in the same physical location.
Store the copies on two different media
In the section above, we assumed that there were no common failure causes for all the devices where you store your data copies. Obviously, this requirement cannot be fulfilled if you save your primary data and its backup in the same place. (For example, disks from the same RAID aren’t statistically independent.) Moreover, it is not uncommon after one disk failure, to experience failure of another disk from the same storage around the same time. That’s why the 3-2-1 rule suggests that you keep copies of your data on at least two different storage types, such as internal hard disk drives AND removable storage media (tapes, external hard drives, USB drives, SD-cards, CDs, DVDs, or even floppy disks), or on two internal hard disk drives in different storage locations.
Keep one backup copy offsite
Physical separation between copies is important. It’s not a good idea to keep your external storage device in the same room as your production storage. If there was a fire (knock on wood!), you would lose all of your data. If you work for a company that’s an SMB with no remote or branch offices (ROBO), storing your backups to the cloud might also be an option. And tapes taken offsite are still popular among all company sizes.
Contact 5 Star Technology to implement a backup strategy, whether the backup is only for the data, for physical machines or for virtual machines we can help you keep the backup safe.
Also take note that we do have a backup solution as well for the Office365 email, One Drive and SharePoint products. We will cover these backup solutions in another post.
Since our company is located in Curaçao we have the advantage to provide either the US backup datacenters to our customers that prefer a datacenter that is closer to our region or we can provide the European datacenters to the customers that prefer to use the datacenters in the EU region which is more in line with the local laws and regulations of Curaçao.
Backup is only one of the many IT Services that we provide via the layered security approach to manage and secure our clients infrastructure.
Part of our commitment to our clients is sending weekly and monthly reports on the status of your devices (including the backup) therefor providing insights in your network environment.