Tuesday, February 25, 2020

For secure data backup, here’s how to do the 3-2-1 rule right

As the number of places where we store data increases, the basic concept of what is referred to as the 3-2-1 rule often gets forgotten. This is a problem, because the 3-2-1 rule is easily one of the most foundational concepts for designing data protection. It's important to understand why the rule was created, and how it's currently being interpreted in an increasingly tapeless world.

What is the 3-2-1 rule for backup?

The 3-2-1 rule says there should be at least three copies or versions of data stored on two different pieces of media, one of which is off-site. Let's take a look at each of the three elements and what it addresses.

  • 3 copies or versions: Having at least three different versions of your data over different periods of time ensures that you can recover from accidents that affect multiple versions. Any good backup system will have many more than three copies.
  • 2 different media: You should not have both copies of your data on the same media. Consider, for example, Apple's Time Machine. You can fool it using Disc Utility to split your hard drive into two virtual volumes, and then use Time Machine to backup the first volume to the “second” volume. If the primary drive fails, the backup will fail as well. This is why you always have the backup on different media than the original.
  • 1 backup off-site: A speaker at a conference once said he didn't like tapes because he put them in a box on top of a server, and they melted when the server caught fire. The problem wasn't tape; the problem was he put his backups on top of his server. Your backup copies, or at least one version of them, should be stored in a different physical location than the thing you are backing up.

Mind the air gap

An air gap is a way of securing a copy of data by placing it on a machine on a network that is physically separate from the data it is backing up. It literally means there is a gap of air between the primary and the backup. This air gap accomplishes more than simple disaster recovery; it is also very useful for protecting against hackers.

To read this article in full, please click here


Thanks to W. Curtis Preston (see source)

No comments:

Post a Comment