Since the earliest days of data protection, the 3-2-1 rule (three copies of data– one production and two back-ups, stored on at least two different media types, with one copy kept offsite of your organization) has been touted as one of the most effective strategies for keeping data safe. But is this tried and true principle still relevant in our modern threat environment?
3-2-1 Data Backup Rule History
The modern computing world looks very different than when the 3-2-1 rule was first conceived. Networking was much less advanced, and the internet was more of a toy for computer geeks than a tool for business. At that time, the biggest threats to data often originated inside the organization, from equipment glitches, employee actions, or data corruption.
Today, organizations process exponentially more data. There are also options available for backup, including cloud-based storage. How does this affect the 3-2-1 data backup principles?
Things to Consider with the 3-2-1 Data Backup Rule
The 3-2-1 backup principles are still promoted as an effective strategy for individuals and businesses by organizations like the federal Cybersecurity and Infrastructure Security Agency (CISA). While the basic principles behind 3-2-1 still stand, you must consider both the intent and execution you seek.
Suppose you are dealing with static data kept for archival purposes (like records from previous years, completed projects, etc.). In that case, it is relatively simple to protect your data using a practical solution like traditional 3-2-1 data backup procedures.