Backup Strategies: To 3-2-1 and Beyond

by | Mar 29, 2024 | Cyber Risk

Today, backup strategies are more important than ever. With ransomware and other cyberattacks increasing it is imperative to have a robust strategy in place. One of the most foundational ones has been the 3-2-1 backup rule. It has provided a great starting place for an organization to implement a backup strategy of its own. 

So what is the 3-2-1 backup rule then? It recommends having three copies of your data (the original and at least two copies), stored on two different types of media (eg. disk, tape, etc), with one copy kept off-site. This rule provides a good guideline for data protection, ensuring redundancy, resilience, and the ability to recover data. Diversified storage and off-site backups, help mitigate various risks and contribute to the overall security and reliability of the company’s data. 

However, as threats have diversified, and bad actors have begun targeting backups as part of their cyberattack and ransomware playbook, additional backup configurations have emerged to help keep up with the ever-changing landscape of cyberattacks. A few strategies that have gained traction in recent years include the 3-2-1-1-0 rule popularized by Veeam, or the 3-2-2 or even 3-2-3 configurations. The 3-2-1-1-0 rule is the same as the 3-2-1 rule but includes another offline, air-gapped, or immutable backup besides the offsite backup. The 0 stands for zero errors by using backup recovery verification to ensure that the data is error-free and proactively addresses potential issues with the backups. 3-2-2 includes a local second media type and a second cloud backup that is geographically separate from the first. All of these strategies have different redundancies and can help protect against ransomware beyond what the 3-2-1 rule provides.

Whichever approach an organization takes, it is important to have a good backup strategy and find the approach that works best for the security and business needs of the organization. If you are a Cowbell policyholder and in need of support identifying or implementing the most suitable strategy for your business, don’t hesitate to reach out – we are here for you. 

Related Posts

Cowbell Blog

Grow your cyber IQ with our insights into cyber insurance, cyber risk, and cyber security.

See How Cowbell Can Protect Your Business