The 3-2-1 backup rule refers to a tried-and-tested approach to data retention and storage:
By applying this rule, you ensure that data can be recovered in almost any failure scenario. One of the most common practices is to keep one copy of production data, one backup on a local repository and one backup copy in offsite storage or in the cloud.
This approach is not about choosing one medium over another but rather about finding the right combination of storage media and locations in terms of cost-efficiency, security and flexibility. Let’s take a closer look at each point of the 3-2-1 rule.
Three copies mean the primary production data and two backup copies. Keeping 3 copies of data is the bare minimum required to ensure that you can recover in any failure scenario, keep recovery objectives low and avoid a single point of failure.
It follows then that the more backup copies you have, the less likely it is that you would lose them all at once. Having a single backup stored in the same location as the primary data means that any disaster that hits your production can also affect your secondary copies.
Having all your backups on the same type of storage media makes it more likely that both devices would fail at about the same time due to a defect or simple wear and tear.
To abide by the 3-2-1 rule, you need to store your primary data and backup copies on at least two different storage media, including internal or external hard drives, NAS, tape and others.
Keeping all of your backups in a single place is not recommended since they could be entirely wiped out in a natural disaster or a building emergency like an office fire. For this reason, the 3-2-1 backup strategy dictates that you should store one or more backup copies in a remote location, for example, in another city, state, country or even continent. A remote location in this case can be physical offsite storage or the cloud.
Keep in mind that while remote backups improve your chances of recovery, keeping local copies provides faster and easier recovery. To ensure business continuity and prepare for all potential risks, the 3-2-1 backup rule should be part of a comprehensive disaster recovery plan.
The original 3-2-1 backup strategy was conceived before the internet era and is perfectly sufficient in most scenarios. However, in recent years, this approach has been expanded to the 3-2-1-1 backup rule in response to the cyberthreat landscape and data compliance requirements. The 3-2-1-1 backup strategy:
Immutable backups are backup files stored using the write-once-read-many (WORM) model. These backups cannot be modified or deleted making them immune to new ransomware attacks and accidental or intentional deletion.
Different storage devices, like tape and optical disks, allow you to apply immutability to backups. Immutable storage can also be configured on Linux OS-based machines or in the cloud, for example, in AWS using the Amazon S3 Object Lock feature.
You can create air-gapped backups by storing data offline on detachable disks, NAS or tape and disconnecting them from the production site. Similar to immutable backups, air-gapped backups are ransomware-proof and can be used for swift recovery following a disaster or a cyberattack.
Modern solutions like NAKIVO Backup & Replication offer numerous backup features that allow you to implement the 3-2-1 rule and extend it to the 3-2-1-1 backup strategy to include immutable backups.
Along with direct backups, these features include:
The 3-2-1 backup rule has been the most effective approach in data protection for decades. By keeping three different copies of your data, stored on two storage media with one kept offsite, you significantly reduce the chances of losing all of your data. However, as threats continue to evolve, so should your security techniques. The recent 3-2-1-1 backup strategy provides a more robust defense against cyberattacks thanks to immutable and air-gapped backups.
