Understanding the 3 2 1 Backup Rule

If you’re anything like most people, chances are that you’ve experienced—at some point in your life—the devastation of watching hours of work disappear before your eyes as your computer crashes, the electricity goes out, or any of the myriad reasons that your unsaved work is gone forever. There’s also a good chance that you took immediate steps after that to make sure it never happened again—like turning on auto-save or consistently backing up your files. Now imagine that type of calamity multiplied exponentially with your company’s most important data—whether the data loss is from human error, natural disaster, or cyber attackers, it can cost your company millions of dollars and countless hours.

Backing up your data is a critical part of your company’s overall disaster recovery plan! Why? Because data is precious. Backups restore data and systems to their state at the start of a critical data incident, minimizing the damage to the company. An effective backup strategy lets you:

  • Restore your data. Backups can be used to restore lost, encrypted, or corrupted data.

  • Restore your systems. Backups can be used to restore entire operating systems and applications. 

  • Reduce your downtime. Effective backup systems quickly restore those data and systems—helping organizations meet their recovery time objective (RTO).

  • Reach your recovery point objective (RPO). Backups can be used to restore data and systems to a specific point in time, known as the recovery point objective (RPO)

Thankfully, you’re not on your own to create an effective backup strategy from scratch. There’s already a handy guideline that is a best practice throughout the world of IT: the 3 2 1 rule. Let’s dive into this popular backup strategy and how to ensure you’re following data best practices and securing your company’s most valuable data assets.

What is the 3 2 1 backup rule?

Great rules keep things simple and easy to remember, and the 3 2 1 backup rule is no different. What does it mean?

3—Always keep 3 copies of your data. This includes the original and two backups. Why the extra? Extra protection. Having three copies means that even if the original and one of the backups is damaged or destroyed, you still have a copy. And more and more, cyber attackers are targeting backups.

2—Keep those backups on different 2 media types. Keeping your copies on different media ensures that one point of failure cannot damage or destroy both copies. For instance, you can keep one copy in your data center and another in the cloud.

1—Keep 1 of the copies at an offsite location. Securing one of the copies in a geographically different location ensures that a catastrophic event or natural disaster at one location does not destroy all copies of the data. Keep in mind that the cloud is a convenient and economical way to achieve this!

Implementing a 3 2 1 backup strategy to prevent data loss

Of course, implementing a rule can be easier said than done. 

Keeping three copies of your data: It’s integral to ensure that you are consistently backing up your data and the copies of your data. It does you no good if the three versions of your data don’t match. It’s also crucial to make sure at least one of those copies is an immutable, air-gapped backup like the solutions that Rubrik offers with its zero trust data management solutions.

Storing the copies on two different media types: Great. What are your options? Well, you have quite a few, including external hard drives, network-attached storage (NAS) devices, cloud storage services, dedicated backup devices, and others. 

Keeping one copy at an offsite location or on a replicated device at another location: One of the reasons for this rule is to prevent data loss of all copies in the event of a natural disaster or another catastrophe that affects a geographical location. That being said, “next door” is not a great solution. Making sure the geographic locations are far enough apart is important, but the cloud also counts as a separate location—after all, your cloud-stored data isn’t actually in a cloud. It lives on a server in—that’s right—a different geographic location. That’s just one of the many reasons working with data management experts, like Rubrik, for all your data storage, backup, and recovery needs can keep you on top of your data game and help mitigate the risk of data loss.

At the end of the day, your business can’t survive without your data, and keeping the 3 2 1 rule top of mind in your disaster recovery plan is a strong start to protecting your data, your company, and your reputation.