At one point, businesses relied on old tape backup systems to backup and store an entire copy of their data each night. The tapes were generally cheap, and it was better than nothing. When high-capacity hard drives started to become more cost-effective, they started taking tape’s place. Soon after, when cloud computing was in its infancy, it made sense to start storing backed-up data off-site. Today, with all of these elements in careful sync, fully managed, and monitored closely, the modern backup standard all businesses should lean on is known as the 3-2-1 rule.
If you have been in business for some time, you may be familiar with the sounds of storage device failings. Whether it was a ZIP or Jaz drive, a SyQuest, or the hard drive in your workstation, you dreaded the sound of the click, click, click, as you lost your data. Worse, most backups used to require that you weren’t actively working in order to run… which meant they often needed to be done manually and were usually stored on less-than-reliable mediums. The 3-2-1 rule was advocated as a remedy and best practice to prevent data loss in a catastrophic event.
When considering the effectiveness of the 3-2-1 rule, it acknowledges that technology's reliability has grown considerably since its origination. Due to the limitations of the past’s technology and despite manufacturers’ best efforts, drive failure was a common occurrence. This is where the second part of the 3-2-1 rule came into effect and why you saved your data on different types of media or devices; to reduce the chance of similar devices failing at the same time. Data redundancy is a critical component of a successful backup plan.
The 3-2-1 rule is simple in scope:
It is also important to acknowledge that the 3-2-1 Rule works best when there are AT LEAST three copies of your data. Maintaining more up-to-date copies means that you are more protected against disasters of any scale.
It is easy to see how critical and revolutionary the 3-2-1 rule was in preserving business’ data when the majority of data was on physical devices that the consumer or business had to manage. It is fair to say that many companies have stories of losing critical data because of device failure and a lack of efficient methods to recover their data. However, the complete reliance on physical devices for storage was nearly a decade ago, and as technology evolved, so must the means to protect it. So the question is, is the 3-2-1 rule still a best practice in the modern age of computing, where solid state drives continue to usurp traditional HDDs?
Instead of thinking about the 3-2-1 rule as a relic of the age of magnetic media, or one whose time has passed, you should think of its functionality as evolving. In its original incarnation, the 3-2-1 rule was designed to offset the inherent risks of data loss using physical devices to store data. While viruses and malware were an issue when the 3-2-1 rule was conceived, their scope and complexity are far removed from the cybersecurity attacks businesses face today. Data is a precious commodity and cybercriminals know they can exploit it. Even though hardware has gotten more capable and less error-prone, there are still risks to justify taking the safe route.
One way to view the necessity of the 3-2-1 rule is through the lens of how technology itself has evolved. For example, the transition from primarily using physical devices for storage to the cloud has profoundly affected how data is used, managed, shared, and protected. Moreover, the transition to cloud computing has reduced the risk of data loss due to hardware failure, the main issue the 3-2-1 rule was designed to address.
Ironically, as the means to store data has become more reliable, data has become more valuable. Data protection has shifted to protecting data from cyber criminals more so than bad hardware or a natural disaster. We see this shift reflected in the increasing number of cyberattacks, most notably phishing and ransomware. Fortunately, the 3-2-1 rule is well-suited to address today’s cybersecurity issues.
The main benefit of the 3-2-1 rule is that it separates copies of your data from each other. One of the first things some ransomware attacks do is seek out any backups you have and eliminate your ability to access them. Without a backup, you cannot resist a ransomware attack and have no choice but to either pay the ransom or lose your data. The 3-2-1 method of creating multiple backups makes it an effective tool in the fight against cyberattacks.
In most cases, cloud computing might make the second step of the 3-2-1 rule seem redundant. Multiple copies of your data are essential to effective data security—relying strictly on the cloud as your only backup means it’s more difficult to restore all of your data, manage snapshots, or access your backup when the Internet is out. The cloud is a hugely important piece of the puzzle, but you still need that extra redundancy.
Like any tool, the 3-2-1 rule must be part of a data backup and recovery plan in order to be effective in protecting your data. KT Connections is Rapid City’s premier cybersecurity expert, offering a wide range of cybersecurity solutions for any size business or industry.
While having a backup is your best option, we understand that sometimes you have to get your data off of a failing hard drive. Don’t worry, we can help. Our data retrieval process can pull your critical data from your failing device. Call 888-891-4201 today to learn how we can help you keep your most valuable asset, your data, safe.