Moving Data Protection Beyond the Traditional 3-2-1 Rule


Today, data security is more important than it's ever been. With numerous threats ranging from phishing attacks to ransomware, SQL injections, and DDoS attacks, it is important for you to secure your data.

We've all heard about the 3-2-1 rule for data protection and backups.

It seems like every backup vendor has endorsed it - but is it enough? 

What is the traditional 3-2-1 Rule for backups?

The 3-2-1 rule was originally created for backing up photography files; however, so much is done in the digital world today that this rule has extended to all areas of information technology. To follow the 3-2-1, you should back up your data as follows:

  • You should have three separate copies of data
  • These data copies should be stored in two different forms of media
  • One of these media copies should be off-site

You should make sure your data backups can be used to address almost any failure scenario. That way, if something happens to your initial data copy, you can restore your data from one of your backups. 

How can you follow the 3-2-1 Rule?

There are multiple ways you can achieve the 3-2-1 data backup rule, so you can tailor them to meet the needs of your business.

A few examples of common data backups include:

  • You can back up your information on a disk, such as NAS, SAN, and appliances
  • You can use a removable storage drive to back up your data
  • You can store a copy of your data on a tape
  • You can back up your information to the cloud, such as Veeam Cloud Connect
  • You can replicate your data to another host site
  • You can back up your information in cold archive storage on the public cloud
  • You can back up your copy jobs to another storage location

Every business is different, so you need to think about these options and figure out what works best for your company.

With the threat of cyberattacks growing constantly, it is important to think about upgrading this rule through Veeam and Probax with the 3-2-1-1-1-0 rule.

What is the 3-2-1-1-0 Rule?

The 3-2-1 rule is a great starting point for data security; however, with numerous digital threats growing, two additional steps are needed.

Often skipped, these steps are most important because they validate how effective the backup policy and procedures are.

3-2-1-1-0 Rule Explained

With the 3-2-1-1-0 rule, you can ensure that your data is recoverable no matter what type of incident takes place.

To follow the 3-2-1-1-0 rule, you should back up your data as follows:

  • You should have three separate copies of data
  • These data copies should be stored in two different forms of media
  • One of these media copies should be off-site
  • One copy of your data has to be immutable, offline, or air-gapped
  • You should make sure there are zero errors with backup testing and recoverability verification

The extra two steps are critical today.

If you have a copy that is offline or immutable, then your data can still be recovered in the event of a ransomware attack. You also must make sure there are no surprises when you backup your data.

With automated testing and recovery verification from Probax, you can rest assured that you can restore your data in the event of an incident.

The 3-2-1 Rule vs the 3-2-1-1-0 Rule: What's the difference?

The primary difference between the 3-2-1 Rule vs the 3-2-1-1-0 Rule is simple: while both approaches provide comprehensive data security, only the 3-2-1-1-0 Rule offers complete backup-saving mechanisms.

The 3-2-1 Rule is a good start, but the 3-2-1-1-0 Rule goes further by prioritising continuity, avoiding downtime, and avoiding long-term reputational damage when outages happen. From malware and malicious events to human error and physical damage, the 3-2-1-1-0 rule provides the highest level of protection available.

Every organization needs to determine its own level of security based on the different values, standards, regulatory frameworks and operating approaches when it comes to data. The 3-2-1-10 Rule is the best approach for every organization.

Protect your MSP clients' data with the 3-2-1-1-0 Rule

Data loss prevention is vital to any business, and minimizing risk to the smallest percentage possible is the purpose of any disaster recovery or mitigation plan. As a Managed Service Provider, you should be regularly reviewing your backup and business continuity strategy to ensure it remains effective and continues to meet the needs of your growing client base. 

If you're thinking about upgrading to a 3-2-1-1-0 backup strategy, why not try it out with a 14-day 20TB free trial of Probax? Your no-obligation free trial gives you full platform access so that you can experience what next gen data protection could mean for your business and your clients. The best part? It only takes a few minutes to set up and we won't ask you for payment details.

You need disaster recovery in your MSP toolkit

Traditional backup only protects a segment of data. That's why our practical and free white paper Most MSPs Have Inadequate Disaster Recovery Solutions outlines everything your MSP needs to know about the importance of DRaaS. 

Simply click below to download your copy today!