Most companies are well aware of the importance of backing up their data. Without adequate data storage policies, a business is not only vulnerable to ransomware, but a single hardware failure can lead to data loss.
Unfortunately, having multiple copies of data is not always enough. If they are both stored on the same server, it is possible that a single incident can delete them both.
One way to protect important files is to use the 3-2-1 backup strategy. So what is it and how can it protect your business?
What is the 3-2-1 backup strategy?
The 3-2-1 backup strategy is a specific way to store data. It is designed to prevent data loss in the event of a security breach or natural disaster. The 3-2-1 strategy requires you to keep three copies of your data, two copies on different types of storage, and one copy outside the site.
Doing this makes it much harder for a single event to cause data loss. Here’s how to perform each step.
Keep 3 copies of your data
Having three copies of your data is considered necessary to ensure that data can always be recovered. In practice, this usually means having one primary copy that is easily accessible, and two additional copies to serve as a backup.
Use 2 different storage devices
If all your data is stored on the same type of storage, then all your devices are more likely to fail at the same time. To avoid this, data must be stored on at least two different types of storage. Storage types include hard drives, network storage, tape drives, and cloud storage.
Keep 1 copy off site
If all your data is stored in the same location, a natural disaster can lead to complete data loss, no matter how many copies you have. A single location also makes you much more vulnerable to a security breach. To protect against these scenarios, one copy of your data must be stored separately in a remote location.
Why is the 3-2-1 backup strategy important?
The 3-2-1 strategy protects against a variety of threats that can cause data loss. Among which:
After a successful ransomware attack, data is encrypted and cannot be retrieved without paying a ransom. The 3-2-1 strategy protects against this by ensuring that the business owner has another copy of their data stored elsewhere. It is important to note that this strategy does not protect against a hacker who manages to access both locations at the same time. To avoid this, the 3-2-1-1 strategy was invented (which we’ll come back to).
Important data is often accessed and manipulated. If the access to the data is the only copy, a single user error can lead to data loss. The 3-2-1 strategy protects against this by keeping a backup that no one has access to.
Companies often store all their backups in the same location. This could be because it’s cheaper or just the most convenient. Unfortunately, it also creates a situation where a single flood or fire can cause data loss. The 3-2-1 strategy specifically avoids this scenario by dictating that a single backup should be stored elsewhere.
Who should use the 3-2-1 backup strategy?
The 3-2-1 backup strategy is mainly used by large organizations where data loss can prove to be a costly problem. However, this strategy is useful for anyone who just wants to protect their files.
While an individual is less likely to fall victim to a ransomware attack, they are equally likely to experience a hard drive failure, fire, etc. Many implementations of the 3-2-1 strategy are also very affordable and cost nothing more than the purchase of additional storage space.
How to properly implement the 3-2-1 backup strategy?
The 3-2-1 backup strategy is only effective if it is implemented correctly. Here are some tips to protect your data.
- Backups should be made regularly. All three copies should be as identical as possible.
- The additional copies must be kept in secure locations where access is strictly controlled.
- If the stored data is confidential, it must be encrypted.
- The additional copies and storage devices should be tested regularly.
What is the 3-2-1-1 backup strategy?
The 3-2-1 strategy is very effective, but not perfect. That’s why many companies now use an expanded version known as the 3-2-1-1 backup strategy.
The 3-2-1-1 backup strategy includes the original steps and adds a fourth; namely that one copy of your data must be immutable or air gapped.
The goal of the 3-2-1-1 strategy is to add additional protection against ransomware attacks.
Immutable backups are copies of your data that are stored using the Write Once Read Many (WORM) model. Immutable files cannot be changed or deleted. This prevents a hacker from encrypting the files if they somehow access them.
Air-gapped backups are copies of your data that are stored completely offline. This can be achieved using removable storage such as USB drives or on a computer that is never connected to the internet. Since the data is not connected to the internet in any way, even the most sophisticated hackers cannot gain access to systems with holes.
All companies should implement a responsible backup strategy
We all know you need a backup to keep your data safe. Unfortunately, some backup strategies don’t go far enough in protecting against data loss. Backups alone are not enough; you also need to think about how and where they are stored.
The 3-2-1 backup strategy ensures that there are at least three copies, using different storage types and locations. This makes it significantly more difficult for a single incident to damage your data.
To account for the additional threat of ransomware, the 3-2-1-1 strategy also ensures that at least one copy is inaccessible to hackers. Due to the prevalence of ransomware, this strategy should be preferred by any business.