Click here to learn more about Sean Derrington.
Move Past Traditional 3-2-1 Data Backups
Strangely enough, we have a professional photographer to thank for the 3-2-1 backup strategy that many organizations employ today. Peter Krogh originally shared the concept in his 2009 book The DAM Book: Digital Asset Management for Photography. This backup strategy has helped prevent data losses for an untold number of organizations. However, in the digital world, 11 years is a very long time, so, arguably, it’s ripe for an update, particularly in the face of the ongoing and growing scourge of ransomware.
If you get hit by a “successful” attack, every second that your system is down is painful. Costly, too, to the tune of $5,600 a minute, according to Gartner. And a glaring problem with the traditional 3-2-1 backup rule is that it may be impossible for you to meet your recovery time objective (RTO) and recovery point objective (RPO). Even worse, if backups are compromised, you could lose all of your data unless (and maybe even if) you pay a ransom.
Let’s take a look at the traditional 3-2-1 rule and how we can move forward with an updated approach.
Traditional 3-2-1: Recovery Can Be Slow
In essence, traditional 3-2-1 recommends that you keep at least three copies of your data. Store two of those copies onsite on separate media (or on two hard drives in different locations) and keep another copy offsite. While it sounds like having two copies on different media in two locations or on two devices means you automatically have quick access to your backup if your primary storage fails, that may not always be the case. What happens when a sitewide disaster strikes and takes both of your storage devices down? And if ransomware gets into an admin’s system, it can spread like wildfire and even infect your secondary storage.
Say it happens to you. Your primary share and onsite backups are compromised, so you shut your systems down and put your backup and disaster recovery plan into motion. That’s when you turn to your offsite backups. And that’s where the problems start. With secondary storage primarily built for backup security and scale at a relatively low cost, tape-based storage is often involved. But tape is slow. Painfully slow. Even traditional disk drives will bog down your recovery due to bandwidth constraints alone. So, it will take a ton of time for your applications and data to come back online after a disaster — very costly time — which is why a 3-2-1 approach that includes fast recovery is vital.
3-2-1: 100 Percent Data Protection and Fast Recovery
In the traditional 3-2-1 rule, the “2” refers to the number of media types (and/or separately located devices) you should use. We say the “2” should refer to locations.
You want the first copy as close to your endpoints as possible so your data can be recovered quickly if disaster strikes. The last thing you want to worry about is latency or access. The second backup copy should be kept off of your virtual local area network (VLAN) or offsite. Keeping the copy off your VLAN protects the data from most viruses or ransomware while keeping it offsite defends against a sitewide disaster like a fire or hurricane.
Foolproof Backups: 3-2-1 Is as Easy as 1-2-3
Organizations need a highly effective backup strategy — ideally with centralized, easy management, and an SLA-driven workflow for data protection to meet your RTO and RPO. If your primary storage goes down for any reason, you want to be able to restore failed servers and recover your files and folders from your backup in seconds.
Easy Scalability, Continuous Data Protection
Immutable Snapshots are a critical feature to protect against ransomware. This can be set up to create a snapshot copy of all data — for example, every 90 seconds — and creates a hidden share that is read-only. If the data in the primary share is compromised, all of your data can be restored within 15 seconds from one of the hidden copies. That’s serious protection and incredibly fast recovery.
“1” Stands for 100 Percent Business Continuity
What if your local copy and your offsite storage go down in a disaster? This is where the “1” in 3-2-1 comes into play. It refers to storing your third backup copy in a secure, offsite location. Often that means cloud storage, and that’s usually based on cost and scalability. But moving huge amounts of data between systems and the cloud is bandwidth-intensive and can slow down your network, too. Once again, not having the speed you need to recover quickly and meet your RTO and RPO may become a big problem.
It’s time for a new take on 3-2-1 backups and time to leave some of the traditions of the past in the past.