TechNOW Blog | Matrix Integration

The Best Defense Against Data Breaches: The 3-2-1-1-0 Backup Rule | Matrix Integration

Written by Matrix Integration | Oct 5, 2023 6:22:18 PM

 

A single backup of your data isn’t good enough anymore. The 3-2-1-1-0 backup rule can help make your recovery worry-free.

 
By: Tim Pritchett

With the number of data breaches increasing, it’s not a question of if your business will experience a cyberattack, but when.

According to a recent cybersecurity report from Cisco,
  • 48 percent of organizations found information-stealing malware activity in their networks
  • 50 percent encountered ransomware-related activities
  • 69 percent experienced some level of unsolicited cryptomining
  • 89 percent had at least one employee connect – or almost connect – to a phishing site 

Even if your business isn’t attacked, there are lots of other ways to lose data, from user errors to unpatched end-of-life technology.

The trend that we’re seeing at Matrix Integration is that when a business’ data is compromised, pain and preparedness are directly correlated. Companies who not only have accessible backups but have also practiced restoring from those backups are immediately ahead of others who have no strategic plan around disaster recovery.

In designing a data recovery plan, we follow the 3-2-1-1-0 rule, which has been advocated and followed for years by our strategic partner Veeam.

What is the 3-2-1-1-0 Rule?
Originally the 3-2-1 rule (you can read about the history of the rule here), the 3-2-1-1-0 data backup rule boosts your data’s resiliency and reliability by requiring:
  • 3 Copies of Data: Every business should maintain three separate copies of its critical data. This includes the primary data used by employees and two backup copies.
  • 2 Different Media: Data should be stored on at least two different types of storage media. For example, two might be stored on premise while one is in the cloud.
  • 1 Copy Off-Site: One copy of your data should not be on-site at your business. As above, one of these locations can be the cloud, or the data can be stored at a different physical location.
  • 1 Copy Air-Gapped or Immutable: One backup copy should be completely isolated from your network. This may mean that the copy is offline, in an immutable cloud repository, or even reliant on a classic, but reliable tape drive.
  • 0 Errors: The backup data should be tested regularly to make sure that it is free from errors or corruption. If it’s error-free, there will be no surprises when you need to use it to recover from a breach or failure.
Implementing the 3-2-1-1-0 Rule

There’s a lot of flexibility in implementing the 3-2-1-1-0 rule in terms of where to store data and what formats it should be stored in, which is where Matrix works with you and your IT team to collaborate on solutions that meet your business’s needs.

Other considerations include:

  • How quickly can you restore from a backup? Are key stakeholders aware of that timeline?
  • Do you maintain updated documentation on how to restore from backups?
  • If your primary data center were lost to a disaster (natural or cyber), do you have a plan of where to host your backups once restored?
We’ve worked with many of our clients to create data recovery plans that are straightforward to implement and follow if and when a data breach occurs. Is your company following a version of the 3-2-1-1-0 rule? What is your configuration like?