3-2-1 rule is a business data backup and recovery paradigm created to help businesses create a backup and recovery strategy. Originally coined in 2005 by Peter Krogh, it has proven an effective way to help IT professionals and business owners secure their data across backup size, business size, geography, and industry.

The 3-2-1 paradigm asks a company to follow a few simple rules

  • First, keep at least three copies of your data.
  • Second, store two of those copies on a separate media.
  • Three, store one copy in an off-site location.

Let’s break that down. Of the three copies of data, two copies need to live on separate machines (but can be at the same location). If one of those copies fails, it is much easier to recover from a device nearby, rather than one miles away. The third and finally copy needs to be off-site, and in today’s world this means on the cloud. However, companies with multiple locations may elect to have this third copy at their secondary office or manufacturing plant. If the first two copies fail, as a result of a fire, flood, or some other unlucky event, the third copy should still be available.

While this approach has been used for over 15 years, it is not without limitation. Many companies have found that their recovery time is much greater than expected. Other companies, especially ones that fail to regularly test their recovery process may find that all or parts of their data are not recoverable. More recently than was the case 15 years ago, this data corruption may be caused by malware, especially ransomware. In the case of malware, it is very possible that no usable portion of their data is recoverable. Unfortunately, the 3-2-1 approach does not account for security concerns (you can read our What is Malware article for more information)

Why companies are moving towards a 3-2-1-1 approach

As security concerns have taken center stage for IT Directors, investors, and business owners alike, a new backup paradigm is gaining popularity to help resolve the gaps in the traditional 3-2-1 approach. Enter: 3-2-1-1, which takes modern security concerns into account. The final (and fourth) “1” asks IT professionals to secure their data in a format that cannot be altered. This does not mean that encryption, or anti-malware is sufficient. Your data needs to be in an immutable format to maximize your security, and ability to effectively recover. 

Your backups are the last step in a layered security approach (read our article on malware prevention for more information on the layered approach) – one we hope to never use.