A backup strategy is the best defence against data loss. Data loss can happen for many reasons, including but not limited to hardware failure, power outages, software and data corruption, computer viruses and attacks, and, perhaps the most surprisingly common cause, human error.
Every company, even those relying on enterprise private cloud and business cloud providers, should have a strategy in place to protect and restore their data in the case of critical data loss. A sound backup strategy mitigates and can even entirely prevent downtime and critical data loss that be costly or, in the worst cases, fatal to a business.
Having a backup strategy in place to protect and quickly restore data in any scenario keeps your business going and minimizes disruption to customers and in-house users.
Creating your first backup plan with the 3-2-1 rule
If you’re currently sitting on business-critical data that isn’t backed up you should take action now.
The 3-2-1 backup rule is a simple yet efficient strategy to protect your data, and it’s principles hold true for any physical or virtual environment. It’s an ideal starting point to build any disaster recovery plan on and It helps you get protected as soon as possible.
Have at least three copies of your data
Three copies mean two backups, plus the single production copy of your data.
A single backup copy isn’t enough. Sure, a single copy will be able to pull you out of most tight spots, but in general, the more backup copies you have the less likely you are to experience simultaneous issues with all available copies of your data. There is simply less chance of losing them all.
A single backup is a good start, but it isn’t resilient enough for data that could make or break your business. If you lose or somehow corrupt your sole backup then you have no backup. If it helps, think of the second copy as a backup of your backup.
The obvious follow-up of “Why not four?” is an interesting one. More backups require more time and resources to be spent on the problem. Four or more backups may be a viable option in some situations but three tends to be the most cost-effective strategy for most use-cases.
The other reason for having a pair of backups leads us neatly into the next rule.
Store your copies on two different media
Storing all your backups using the same technology leaves all of your data vulnerable to the weaknesses of that storage medium. For example, hard disk drives purchased at around the same time or used around the same have to potential to fail at a similar time with a similar Mean Time Between Failures (MTBF).
Storing your data across multiple technologies in this way mitigates this risk and as failure prevention is impossible risk mitigation should always be the goal.
In most cases, one copy is held on a fast and easily accessible local storage medium such as an SSD, NAS, or even tape storage to ensure time to recovery is as low as possible. With a second copy held on more robust cheaper storage – often more resilient but slower to restore.
Keep one backup copy offsite
You want multiple copies of your data, but you want them in multiple physical locations. Offsite storage is likely the most important factor of the 3-2-1 strategy as adherence to this rule helps enforce the others.
Keeping all your eggs in one basket is a bad idea, and keeping all your backups in one place is too. Environmental issues such as power surges, fire, flooding, or otherwise, have the capacity to destroy or at least render inaccessible all data in a local area.
Many organizations are attracted to enterprise private cloud storage and business cloud providers who often provide managed off-site backup solutions to back up locally stored data to a remote datacenter. If your data is already stored remotely an alternative solution would be to take your data off-platform to another provider for safe-keeping – sometimes referred to as a 3-1-2 strategy (one medium, two locations) – or even download a copy to a local storage device in your office.
The limitations of the 3-2-1 backup rule
The 3-2-1 plan is a great starting point for putting a disaster recovery plan in place, but it is by no means infallible, and other approaches should be considered to discover the plan which best suits your needs.
For example, the changing nature of data isn’t really covered by this plan. If you overwrite your backups each night and the following morning discover that you’ve overwritten your backup with corrupted or missing data, you’re going to be in the same position as you were without a backup.
Differential backups can resolve this as they support data versioning, allowing organizations to roll-back to an earlier point in time, meaning that not all historical versions of data can be recovered.
The best time to backup your data was yesterday, the second-best time is now.