NovaBACKUP Security Blog

How to Follow the 3-2-1 Backup Rule


In a business, time is precious. Every minute lost due to downtime, results in lost revenue or possibly even closure. One security measure that can quickly restore productivity is your backup solution. It has the power to recover entire systems during a disaster scenario. It is the system administrators "ace in the hole" when all other security technologies fail. It only works however, if a reliable and restorable backup is accessible during a time of crisis. There are guidelines which can help to ensure this, the most popular being: the 3 2 1 backup rule.

What does it entail?

Although this precedent may not be discussed specifically within compliance or business regulations, it has become the minimum standard for backup strategies and will facilitate your recovery. It will get your organization back up and running in the event of a breach, and several other types of increasingly common threats that cause downtime. The 3 2 1 backup rule states that you should:

  • Have 3 copies of your data
    Copies should be in the form of secure, encrypted backups

  • Stored on 2 different types of media
    Examples: Solid State Drive, Magnetic Disk Drive, Flash Media, Magnetic Tape, etc.

  • With 1 backup kept off-site
    A cloud backup for your off-site requirement can create better accessibility.

The beauty of this rule is that it's simple for everyone understand and easy to maintain. It is one of the ways to ensure that backups are always restorable and that organizations always have a copy of their resources available during a disaster.

Cloud based storage has made it far more convenient and affordable to diversify and access your backup storage devices and locations (Example: Backup to a NAS device at a different physical office).


The Benefits of 3 2 1

Besides its simplicity, this rule has numerous other business benefits. For one, the redundancy ensures that when one copy is destroyed or otherwise unavailable, there are other backup copies accessible. This will increase your organization's chances of getting your systems back online in a reasonable amount of time, and helps to mitigate the effects of such a disaster.

The 3 2 1 rule also provides you with flexibility to customize the specifics in a way that best suits your organizations needs. You can utilize any supported and reliable storage media that you like, and select whichever vendor will best support you and cater to your off-site requirements.

Virtual Machines

These days most organizations are utilizing virtual machine technology in one way or another, and the 3 2 1 rule can play an important role here. It's not unheard of for a VM to become corrupt and require some data restoration. Your backup solution should be able to capture VM's at different points in time, with the ability to restore specific files as needed. Having backup data stored in multiple locations creates the flexibility to quickly access specific lost data, possibly preventing the need to spend time rebuilding the entire machine.

Follow the details

"Make sure that your backups are successfully following these guidelines."

Because the 3 2 1 rule explicitly states the steps you should take to secure your data, make sure that your backups are successfully following these guidelines. As InformationWeek contributor Doug Hazelman pointed out, although 3 2 1 is an effective strategy, there have been some high-profile cases that have failed to adhere to the details stated within the rule.

For example, Pixar almost lost "Toy Story 2" due to failed backups and a rogue command. Luckily, someone had saved a third copy to a home computer off-site, mitigating the potential damage. This instance shows just how important the redundancy is within the 3 2 1 rule.

"The 3 2 1 rule sounds easy when you first think about it, but the devil is in the details," Hazelman wrote. "As the producers of 'Toy Story 2' no doubt learned, it can be all fun and games until a backup is missing - then things can get awfully serious."

Want to take your backup strategy to the next level? Download our free Backup Strategy Guide.