The 3-2-1 Backup Rule – Back to Basics

What exactly is the 3-2-1 backup rule?

The 3-2-1 rule is a strategy for data protection, specifically for backups, that ensures you will always have a “good” copy of your data. It has been around and in use for many years, but it is good to review basic best practices from time to time. It mitigates single points of failure, location failures or destruction, and provides for good data protection practices. The rule states you should have three (3) copies of your data on two (2) different type of media, with one (1) of those copies being offsite.

How do I easily get three copies of my data? Does that not add a lot of storage requirements?

If you follow the rule, you will easily have the three copies. One copy is your production data, a second is a backup, and the third is the offsite version. Storage requirements vary greatly and depend on change rates, types of data, and retention policies. Software such as Veeam Backup & Replication has compression and deduplication built in, furth reducing storage needs.


3-2-1 Rule


Two different types of media?

In this instance, media is storage hardware. Best practices strongly advise against keeping your backups on the same storage system on which your production data lives as this is a single fault domain, or single point of failure. If that storage system fails, you will have neither your production data nor a backup. In years past, it was a server and a tape drive, but tape drives are generally much too slow for today’s availability requirements. Most companies use tier-1 storage for production workloads and a tier-2 or 3 storage system for backups. These could be the same brand as long as they are not connected/dependent on one another, or they could be special appliances.

One offsite copy?

The goal for offsite copies is to protect against site failure. This could be at a disaster recovery location or with a backup-as-a-service and disaster recovery-as-a-service provider such as Global Data Vault. Since malware can infect and encrypt backup files and propagate itself across network connections, adding an air gap to the 3-2-1 backup rule is extra protection from determined cyber attacks, and nowadays is really a requirement more than an option.

3-2-1 Backup and Enhanced Data Protection


Submit a Comment

Your email address will not be published. Required fields are marked *