3-2-1 backup rule – how to protect your business against data loss and downtimes

What exactly does the 3-2-1 backup rule mean? And why do so many security specialists emphasize incorporating the rule into a data protection strategy? Does fulfilling three basic requirements could eliminate the consequences of business downtime due to outages, cyber-attacks, or natural disasters?

Basics of the 3-2-1 backup rule 

“Clients are divided into two groups, those who create copies of their data, and those who will be creating them soon.” – this is one of the most popular sayings in the cybersecurity world. You will probably agree that the first group of people are by nature more cautious and think about data security, or simply have experienced the effects of data loss already. The truth hides in facts and the probability of data loss comes near certainty. 

The 3-2-1 backup rule is one of the most common concepts in the data protection literature. How does this rule exactly work, and how to deploy it into your security policy? Let’s find out together. 

3-2-1 backup rule – the meaning behind the numbers

The 3-2-1 rule is an easy-to-remember name for a recommended approach to data security. It says that you should:

3 – keep at least three copies of your data,
2 – keep them in at least two different localizations,
1 – and keep one copy outside your office.

3 – keep at least three copies of your data

A stolen or damaged device, ransomware attack, unintentional or intentional data loss due to some careless employee. The scale of risk is different for each of the presented examples. But no matter what, the benefits of keeping three backup copies, instead of one or two are real.

Let’s assume that we keep our data on device A, and the copy of that data on device B. Probability of losing data from device A or device B is identical and equals 1/100. The probability of losing data from both devices at the same time is:

1/100 x 1/100 = 1/10 000

But if we have another device on which we keep yet another backup of our data, independently outside the company’s office (p.e. in the cloud), and let’s assume that the probability of losing data from that device is the same – 1/100, the chance of losing your data lowers to:

1/100 x 1/100 x 1/100 = 1/1 000 000 (!)

Is this calculation enough to convince you that following the 3-2-1 backup rule will significantly lower the chances of data loss and benefit your organization? Then let’s move on. 

2 – keep copies in at least two different localizations

There is no doubt that any hard drive sooner or later fails. Even the best one on the market has a limited lifespan. That’s why using more than one location or data storage to keep backup copies secure comes as another crucial point is the comprehensive DR planning. If you have it covered we can move to the final issue. 

1 – keep one copy outside your office

Fire, flood, theft – there are threads that can affect the whole IT infrastructure. If you don’t want your data gone up in flames, as the 3-2-1 rule says, we recommend keeping one of your copies outside the office. A good way for that is to use cloud storage like AWS, Wasabi, or another one from some trusted provider.

Are you ready to implement the Rule into your organization’s data security planning? If so, we can move into the backup itself and a preferred backup solution for your business. 

Enter the… Xopero ONE

Xopero ONE is a backup solution that allows performing comprehensive protection of the physical, virtual, SaaS, and Git environment – the way you want it to be done. It enables us to set up everything we talked about in this article. Create a backup plan that fits your needs perfectly, with ease, and with the best security in the package. You can test in for free – start your 30 days trial now.

Xopero offers you:

  • Backup on-premise or in the cloud – You can choose where to store your copies, on your local machine, on your NAS device, or in the cloud AWS or Azure, it’s your choice!
  • Unlimited data retention – store your data as long as you need it, you set up how long you want to keep it.
  • Granular recovery – Take advantage of the fast, point-in-time recovery of only the files you want to recover – any folder, any files, any mailboxes, or even particular emails.
  • Central, user-friendly management #1 – simple, the most intuitive central management web console. Thanks to the most user-friendly interface, setting up efficient backup and recovering data are the simplest ever. 
  • Automatic backup – Define whether the backup should be made once, or automatically at a specified frequency. Set it up once, and forget about it – it will work as you set it.
  • Encrypted backup – your data is always encrypted, choose a preferred encryption algorithm and length of the encryption key to make sure nobody, except you, can decrypt your information.
  • and many more…