Great content delivered right to your mailbox

Thank you! Check your inbox for our monthly recap!

This probably won’t come as a great surprise, but cyberattacks are a leading cause of data loss. Cybercrime will cost the world an estimated $10.5 trillion by 2025. Human error—which can of course be linked to types of cyberattacks such as phishing and ransomware—is another major cause.

Fortunately, there are specific measures and precautions which can help in preventing attacks and protecting your data. One effective method is to back up data frequently to avoid panic and losses in a crisis. As a business leader, you can use the “3-2-1 Backup Rule.” This strategy will strengthen your cyber defense and secure your crucial data.

What is the 3-2-1 backup rule?

Regardless of cyberattacks and accidental deletions by employees, hardware crashes and other disruptions are also common causes of data loss. There’s really a multitude of different ways your critical business data can be put at risk! So using the 3-2-1 backup rule to safeguard your files is always a good idea.

The 3-2-1 rule was first introduced by Peter Krogh in his digital asset management book for photographers in 2005. Since then, it has become a crucial methodology for data backup for businesses worldwide.

The method saves different copies of data on different levels, devices and locations. The backup strategy requires you to have three copies of data—your production data and two backup copies. The data is stored on at least two different devices, and one data copy is kept on the offsite device for disaster recovery.

So, breaking it down from the bottom, the 3-2-1 backup rule works as follows:

3. Have at least three copies of your data

The “3” in the 3-2-1 backup rule tells us to save three copies of data in unique places, away from each other. The set can have one primary production copy—production in this case referring to data that’s required for day-to-day business activities—and two copies. More copies mean greater chances of data recovery.

2. Save your backup data on two different types of media

After creating copies of your data, save them on two separate devices. This step is the “2” in the 3-2-1 methodology. The two locations or devices can be external hard drives, UBSs, magnetic storage devices, network-attached storage (NAS) or others. In worst-case scenarios, if one backup hard drive fails, the other will have your data safe and sound.

1. Keep at least one backup offsite

There’s always some risk of hardware malfunction and damage to physical storage devices, so keeping all your backup devices in one place is not recommended. An office fire or other natural disaster, for example, can destroy the data in one fell swoop. The 3-2-1 backup strategy encourages you to back up your data in remote locations where teams for other cities or countries can create further copies. That’s why it’s considered a best practice to upload at least one file to an external offsite platform like the cloud.

Different ways to achieve the 3-2-1 rule

There’s no particular approach to implementing the 3-2-1 backup rule. Businesses can use the following flexible methods to create unique 3-2-1 rule configurations. Not only will it provide data benefit protection, but it’s also cost-effective.

A comprehensive data backup strategy is vital for your business’s success. You can use the following data backup practices to support your adherence to the 3-2-1 rule.

  1. Regularly back up your data: Experts recommend backing up data as frequently as possible. This way, you’ll have complete data backup if attacks happen. Large intervals in data backup can result in potential data loss.
  2. Back up the correct data: Protect essential files first, including your company’s customer and financial data. Your operating system, registry and machine image files are also critical.
  3. Use automated backups: Compared to manual backups, automating data backups are more accurate and ensure that crucial files are uploaded without gaps.
  4. Secure your data: Using verification and tests, take the time to ensure your data backups are secure and not corrupted in any way. Make a separate copy for your backup data just in case one set fails or files are damaged or tampered with.

An alarming number of businesses haven’t invested in an incident response plan to deal with cyberattacks and data breaches. A business that does not have a disaster management plan will likely make rushed decisions and offer a panic response that does even more damage.

The ideal approach is to align your existing data backup and defense strategy with the 3-2-1 backup rule. If not, make a plan to implement it with your cloud service and hard drives. Review your process and create a recovery plan to protect your business.

Need to improve your cybersecurity? Sherweb can help

Do you want to improve your cybersecurity? As the cyberthreats continue to grow, we can help you to improve your (or your clients!) security posture and provide optimal protection for your data. Explore our portfolio of cybersecurity solutions for services that can help you today, or reach out to us to start a conversation. You can also check out our Partner Guide for more information about how Sherweb can help your business grow.

Written by The Sherweb Team Collaborators @ Sherweb