Share on facebook
Share on linkedin

The 3-2-1 Rule: Apply it to for the backup of your data

According to best practices, there’s a practical and timeless rule to be respected when you want a  backup of your data: it’s the 3-2-1 rule. Unfortunately, it’s not a rule of my own invention and must be credited to the photographer, Peter Krogh. This rule means that you always have available a copy of your data and systems. In a world where ransomware can instantly disconnect you, it’s a necessary precaution.

So, how does the 3-2-1 rule work? It’s likely that you already apply a similar process if you’re thorough in the protection of your data.

The Rule of Three

Make sure you always have three copies of your data; one principal and two backups. Why?

If you want to validate the integrity of a file, you probably use something like “hash” or “checksum” as a verification method. If you only have one copy of your backup, you have no idea if it’s corrupted. If you have two, it means you can compare the “checksum” of one against the other to know whether or not your update is good.

Having a third copy means you have a deciding vote. If your first two “checksums” don’t match, a third will allow you to decide which backup is corrupted between the first and the second.

The Rule of Two

Use at least two different types of digital media to store your backups. Why? All types of media deteriorate: cassettes, DVDs, flash drives, and others. They’re all vulnerable to environmental factors and the technology you used may also become obsolete. Two types of standard media should suffice for the protection of your data.

The Rule of One

Keep at least one copy of your backup off-site and offline. Why? To protect your backups from environmental factors such as fire, flood, theft and electromagnetic problems. These days, it’s probably the best practice that you can follow. Also, ensure that your offsite storage is secure. In your car or in a cupboard at home is not considered a secure environment for your off-site data. The Cloud can be used for off-site backups, but make certain that they remain offline until you need them. Remember that certain ransomwares are able to encrypt data that may be situated on a mapped network reader. Veeam Cloud Connect can provide a solution. Request a quote online.

When you backup your VMware or Hyper-V environments with Veeam, this rule becomes the “3-2-1-0 Backup Rule” where the 0 means “0 error” during the automatic consistency verification of each backup, thanks to the SureBackup function in Veeam.

In Conclusion

The 3-2-1-0 strategy is, in a way, the basis of best practices for the protection of your data. Certainly there are other good practices, such as the use of service accounts to execute the backup task and the removal of local administrator rights from users on their workstations.

Lastly, another good practice would be to have an external audit of your backup solution performed by a firm like Malicis. An external firm has seen the errors that have happened elsewhere, and is often able to find less common, little-known flaws.