Data Protection Day 2022: the 3-2-1-1-0 rule for backups

The contribution Data Protection Day 2022: the 3-2-1-1-0 rule for backups first appeared on MQ Management and Quality.

For Data Protection Day 2022, Veeam expert Rick Vanover strongly recommends the 3-2-1-1-0 rule. (Image: Veeam)
The new year is only a few weeks old, and numerous ransomware cases have already been reported. Strengthening the line of defense does not necessarily prevent attacks, but it does demolish the hackers' business model: attacked systems are back online within minutes, with up-to-date data. That is why the extended 3-2-1-1-0 backup rule is to be preferred, and all companies should introduce and apply it in 2022. The 3-2-1-1-0 rule is considered an important best practice for companies that want to maintain very high service levels while protecting themselves from data loss.

3: Keep at least three copies of your data

In addition to the primary data, there should be at least two further backup copies for adequate protection. The likelihood of "something going wrong" on three devices at the same time is much lower than on two devices - especially if the primary backup is located near the primary data, as is so often the case. In the event of a disaster, the primary data and the primary backup could both be lost. The secondary backup should therefore not be located in the immediate vicinity of the primary data.

2: Store backups on two different media

It is recommended to store one of the backup copies on an internal hard disk drive and the other on a removable storage device (tape, external hard disk drive, cloud storage). Keeping both backup copies on the same type of storage medium increases the risk of losing all backup data when a failure or cyber-attack occurs. Alternatively, the primary backup can reside on the internal hard disk drives of a physical server and the secondary backup on the internal hard disk drives of a NAS; the hard disk drives of the two systems should be of different brands, sizes, and types.

1: Keep at least one backup copy off-site

At least one backup copy should be kept away from the location where the primary data and the primary backup are stored. This is because a (natural) disaster, such as a fire or flood, could destroy everything in that one location. If the primary data, the primary backup and the secondary backup are all kept in the same facility, they will be lost forever. Organizations that don't have multiple locations can store a copy of their backup data in a private cloud through a service provider or in the public cloud.

1: Save at least one copy offline

It is recommended to keep at least one backup copy offline, that is, separate from the network and any IT infrastructure. Examples of offline media are rotating external USB hard disks, analog tapes and object storage with immutability. This is because if a hacker successfully gains access to the IT environment, everything on the network is potentially vulnerable. To fully protect the data, the offline copy should be protected with an encryption key to prevent external or internal threats from accessing it over the network. This is commonly referred to as air-gapped backup.

0: Make sure your backups are error-free

Backups are only as good as the process used to check them. First, backups must be monitored daily to find errors and fix them as quickly as possible. Second, it should be ensured that the data is recoverable from the backup by performing recovery tests at regular intervals.
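
The five parts of the rule can be checked mechanically against a backup inventory. The following Python sketch is an added example, not code from the original article or from Veeam; the `Copy` fields, the 30-day restore-test window and the sample inventory are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class Copy:                      # hypothetical inventory record
    name: str
    media: str                   # e.g. "disk", "tape", "object-storage"
    site: str                    # physical location label
    primary: bool = False        # True for the production data itself
    offline: bool = False        # air-gapped or immutable
    last_job_ok: bool = True     # result of the most recent backup job
    last_restore_test: Optional[date] = None

def check_32110(copies, today, max_test_age_days=30):
    """Return {rule: [violations]}; an empty list means the rule is met."""
    primaries = [c for c in copies if c.primary]
    backups = [c for c in copies if not c.primary]
    primary_sites = {c.site for c in primaries}
    out = {"3": [], "2": [], "1-offsite": [], "1-offline": [], "0": []}
    if not primaries or len(backups) < 2:
        out["3"].append(f"need primary data plus 2 backups, found {len(backups)}")
    if len({c.media for c in backups}) < 2:
        out["2"].append("all backups share one media type")
    if not any(c.site not in primary_sites for c in backups):
        out["1-offsite"].append("no backup outside the primary site")
    if not any(c.offline for c in backups):
        out["1-offline"].append("no offline or immutable backup")
    limit = today - timedelta(days=max_test_age_days)
    for c in backups:            # "0": monitored jobs and recent restore tests
        if not c.last_job_ok:
            out["0"].append(f"{c.name}: last backup job reported errors")
        if c.last_restore_test is None or c.last_restore_test < limit:
            out["0"].append(f"{c.name}: no restore test since {limit}")
    return out

# Constructed sample inventory (names, sites and dates are made up).
TODAY = date(2022, 1, 28)
INVENTORY = [
    Copy("prod-fileserver", "disk", "hq", primary=True),
    Copy("backup-repo", "disk", "hq", last_restore_test=date(2022, 1, 20)),
    Copy("nas-copy", "disk", "hq", last_job_ok=False,
         last_restore_test=date(2021, 10, 1)),
]
FIXED = INVENTORY[:2] + [
    Copy("tape-vault", "tape", "offsite-vault", offline=True,
         last_restore_test=date(2022, 1, 15)),
]

if __name__ == "__main__":
    for label, inv in (("before", INVENTORY), ("after", FIXED)):
        print(label, {r: v for r, v in check_32110(inv, TODAY).items() if v})
```

The first inventory has three copies but fails every other part of the rule; replacing the second disk copy with an off-site, offline tape that has a recent restore test clears all findings.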

Take the 3-2-1-1-0 rule to heart

The 3-2-1-1-0 rule is a logical evolution of the better known 3-2-1 rule, which was conceived by world-renowned photographer Peter Krogh. This original rule stated that one should always keep three copies of data on two different media and one copy off-site. Given the magnitude and diversity of threats to business continuity in the digital economy, this guideline should be considered a starting point. To achieve the high level of resilience required by the increasingly volatile threat landscape, organizations need to add another 1 and a 0. Not only should a copy be kept off-site, but an offline copy should also be created that is immutable - always keeping in mind that there should be no surprises from errors when data is recovered. Therefore, a solution for testing the recovery must be used to be sure that all stored data can be completely restored in the shortest possible time.

Source: Veeam

This article originally appeared on m-q.ch - https://www.m-q.ch/de/datenschutztag-2022-die-3-2-1-1-0-regel-fuer-backups/