Posey's Tips & Tricks
Modernizing the 3-2-1 Backup Rule
Does the advice of keeping redundant data backups still hold true today?
Ask a room full of IT pros to name long standing backup best practices and the 3-2-1 rule is sure to be on the list. It’s one of those things that has been around seemingly forever and doesn’t seem to be going away any time soon.
For those who are unfamiliar with the 3-2-1 rule, it simply states that in order for your data to truly be protected you need three copies of the data (the original and two backups), stored on two different types of media, with one backup copy being stored offsite.
The problem with the 3-2-1 rule is that it really hasn’t aged very well, and yet many backup vendors continue to cling to the rule as a matter of dogma. The 3-2-1 rule was created at a time when tape was the most widely used backup media. Today, disk and cloud backups have largely replaced tape (although tape still has its place).
Backup vendors often try to bend the 3-2-1 rule to fit a cloud-first world by saying that cloud backups count as one of the two media types and also fulfil the requirement to store a backup copy offsite. While this philosophy isn’t wrong, the 3-2-1 rule predates the cloud and was not created with cloud backup in mind.
Rather than stretching the 3-2-1 rule to fit today’s world, we need to create a new rule that conforms to the spirit of the 3-2-1 rule, but that more accurately represents modern backup requirements and capabilities.
At its core, the 3-2-1 rule does two things. First, it requires backup redundancy. I think that we can all probably agree that it’s important to have redundant backups because you never want to be in a situation in which you cannot restore data because your one and only backup is corrupt, damaged or missing.
The other thing that the 3-2-1 rule does is to discourage organizations from putting all of their eggs in one basket. It stresses the importance of keeping a backup copy offsite, and out of harm’s way. It also requires two different media types, which helps to guard against a situation in which a media level failure stands in the way of backup restoration. In the days of tape, there were stories of organizations creating multiple tape backups, but not being able to restore any of them because the tape drive’s write head was out of alignment.
All of this is to say that although the 3-2-1 rule itself is badly outdated, the basic reasoning behind the rule is solid. So with that in mind, what might a modern replacement to the 3-2-1 rule look like?
My initial thought is that the 3-2-1 rule’s name doesn’t even need to be changed. 3-2-1 can still apply, but with some of the values taking on new meanings.
In the original 3-2-1 rule, 3 indicates that there should be three copies of the data. I would change this part of the rule to say that there should be three backup copies in addition to the original data copy. When the original 3-2-1 rule was created the technology of the time made triple backups completely impractical. Even having two backup copies was ambitious. Today however, there are any number of ways to create multiple backups of a data set.
The 2 in the modern 3-2-1 rule should be that backups need to exist in at least two regions. Using multiple regions within the public cloud helps to insulate data against a regional disaster.
The 1 part of the modern 3-2-1 rule reflects that one backup copy needs to be in close proximity to the original data set. The thinking behind this one is that you really don’t want to have to restore data across clouds if you can keep from it. Doing so can be slow and expensive. Having a backup copy that is located in the same location as the original data helps to simplify and expedite data restorations.
About the Author
Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.