Accounting weekly

Data Protection Day 2022: Remember the 3-2-1-1-0 backup rule

Data Protection Day is an annual opportunity to remind and educate businesses on the most-effective approaches to preparing for the multitude of threats to business continuity that exist in the global digital landscape. From strengthening defences against ransomware to training employees in regulatory compliance, a vital part of any Modern Data Protection strategy is the ability to backup and recover data at any time. Veeam advocates the expanded 3-2-1-1-0 backup rule as its best practice that all businesses should follow in 2022.

3: Maintain at least three copies of your data

In addition to your primary data, you should also have at least two more backup files for sufficient protection.

The chances of something going wrong on three devices at the same time is much smaller than two devices, especially when the primary backup is often situated close to the primary data. In the event of a disaster, the primary data and primary backup might be lost. The secondary backup should be situated away from the primary data as a contingency for when disaster strikes.

2: Store backups on two different forms of media

It is recommended that you store one of your backup copies on an internal hard disk drive and the other copy on removable storage media – for example, tape, external hard disk drives, cloud storage, etc.

Storing both copies of your backup on the same type of storage media increases the chance of losing all your backup data if an outage or cyber-attack affecting data stored on a specific media format occurs.

Alternatively, store your primary backup on internal hard disk drives of a physical server and the secondary backup on internal hard disk drives of a NAS where the hard disk drives on both systems are of a different brand, size and type.

1: Store at least one backup copy offsite

Keep at least one backup copy away from the physical location where the primary data and primary backup is located. It is recommended that you do not keep your second copy at the same physical location. This is because in the event of a disaster such as a fire or flooding, everything in that one location could be destroyed. If you stored your primary data, primary backup and secondary backup all in this same facility, it is lost forever.

For businesses without multiple sites, you can store a copy of your backup data in a private cloud via a service provider or in the public cloud. 

1: Store at least one copy offline

It is recommended to keep at least one backup copy offline – disconnected from the network and away from any IT infrastructure. Examples of offline media include rotating external USB-disks, tape, and object storage with immutability.

If a hacker successfully gains access to your IT environment, everything on the network is potentially vulnerable. To fully protect data, keep an offline copy, protected using an encryption key, to prevent external or insider threats from interfering with it via the network. This is commonly referred to as an air-gapped backup.

0: Make sure you have verified backups without errors 

Backups are only as good as the process being used to verify them. Firstly, backups must be monitored daily. Check whether there are errors and solve them as soon as possible. There should be zero. Secondly, make sure you can restore data from your backups by performing restoration tests at regular, recurring intervals.