Protecting the data we work with should be a priority for companies of any size. By doing regular backups, creating backup strategies, and methods for recovery in case of data loss, you ensure that your business keeps running even in the toughest of conditions.
There are many methodologies out there for data backup and recovery, but the one that persists for decades is the 3-2-1 Backup plan.
Before we dive straight into that plan (or rule, as many call it), we’ll go through the importance of regular data backup, the hidden costs of not having data backups, and the most common backup methods.
At the end of this article, you’ll understand why and how to protect your data, following the 3-2-1 plan.
Why is Data Back up Necessary
This may be the most important question to consider. Although experts advise making backups all the time, the numbers aren’t too great. Around 30% fewer people back up data, compared to the surveys from the last year.
The simple answer to why backup is important is because business is unpredictable, as well as life. Companies lose data due to:
- Natural catastrophes
- Drive failures (Google study on hard drives shows that one of every 2 drives will fail in a period of 5 years)
- Data or computer theft (a laptop has a 1-in-10 chance to be stolen. 98% never get recovered.)
- Human error
- Ransomware attacks (they increased 41% in 2019)
- Cyberattacks
With so many dangers lurking in the world, it would be irresponsible to leave data unprotected, regardless of the size of your business
Aside from that, losing data incurs huge financial and personal costs.
The Costs of Data Loss and not having Backups
Although data aren’t “material stuff” and their loss doesn’t seem so dangerous at the first sight (we can always gather/make that data again, right?), the real consequences derived from available data and studies prove that data loss indeed poses huge problems for the company.
Let’s see how much does it cost not to have a data backup.
Financial costs
Nearly 46% of people lose data, according to the research conducted by BackBlaze. Another research by the British Chamber of Commerce showed that 93% of businesses that lose data and fail to recover them, file for bankruptcy after a year.
According to the IBM Security report on the cost of a data breach:
“While the average cost per lost or stolen record was $146 across all data breaches, those containing customer PII cost businesses $150 per compromised record.”
Non-financial, brand costs
A British company TalkTalk lost more than 100.000 customers after a data breach. People lost trust, were scared for their data and decided to change the provider.
If you lose data, you’ll lose credibility in the eyes of your customers.
What are the Common Data Backup Methods
We hope that the data got you thinking about making regular backups. So you might be wondering what types of backups there are.
There are 3 types of data backup:
- Full backup
A full backup involves copying the entire data into a backup unit (hard disk, server, cloud…). It takes a lot of time and a lot of space.
Full backups provide the most protection and full recovery in case of a loss.
- Incremental backup
Incremental backups are not so resource-consuming processes as full backups, since they involve copying only modified data sets.
The downside to incremental backups is that they depend on previous backups. Any damage to the previous database will prevent full data recovery.
- Differential backup
A differential backup is similar to the incremental backup type. It involves saving modified data.
The main difference is that, while the incremental backup method saves only the data modified since the last backup, the differential method relies on the last full backup and saves the data modified since the last full backup.
Deciding on a type of backup isn’t a matter of method, but rather of your needs:
- How often do you read/write data?
- What’s your recovery time tolerance?
- How much data do you have?
- How much storage space and resources do you have?
Instead of thinking in terms of the right type, think of it as the right combination of methods.
The 3-2-1 Backup Rule: How it Works
Now that you know the existing types of backups, and why you should have them, here’s the most popular method that works in companies of every size, for any type of data, in every environment – The 3-2-1 Backup Rule.
The method looks like this:
- Make 3 copies of data – the original data + 2 copies.
- Use 2 different storage types – to minimize the chance of failure (more on storage types later)
- 1 copy should be stored offsite – to prevent natural catastrophes from destroying all data copies
This approach is so popular that even the United States government recommends it. In a 2012 paper for US-CERT (United States Computer Emergency Readiness Team), Carnegie Mellon recommended the 3-2-1 method in their publication titled: Data Backup Options.
Of course, there are alternatives to it, but the 3-2-1 remains the standard.
What Storage Types Should You Use for 3-2-1 Backups?
Essentially – everything goes!
There are 6 common types of modern data storage units. This decision depends on the size of your data sets.
- USB sticks and CDs, DVDs
- External hard drives
- Time machines (Mac users)
- Network-attached storage
- Cloud storage and SaaS solutions
- Backup server
Example of a 3-2-1 rule: Original data on the hard drive + copy on a USB + copy on an offsite server.
RTO and RPO in the 3-2-1 Strategy
Before reading the explanation, we recommend watching this short video from Amazon Web Services. It’s only a minute long.
Done?
When you start thinking about data backup, these are the two parameters you’ll most certainly encounter. Let’s dive straight into their meanings.
- RTO stands for Recovery Time Objective. This is the time it takes for you to recover from disaster and return your business to normal operation. When your systems are down, clients get frustrated and you lose money.
So RTO has to be quick. But that requires strong technology, which means that it’s also expensive.
- RPO stands for Recovery Point Objective. When you decide on the scope of backups, it’s time to decide on the frequency. In case of a failure between two backups, all data from the last backup will be lost. That period, that tolerance in between is RPO.
RPO is your measure of just how much data you can afford to lose.
The longer RPO, the more data you lose, but the more money you save on technology. The shorter RPO means that you need to invest a lot into resources to keep the backups ready.
When you’re following the 3-2-1 strategy, try to strike a balance between the RPO, RTO, and the tech stack that fits into your budget. It’s not like the disaster waits around the corner, but better safe than sorry.
If you handle high quantities of extremely sensitive data, the backup technology stack is an investment, not an expense.
What Data Should you Back up
Although we’d say “everything”, there’s a limit to financial and storage resources available.
The rule of thumb is to back up:
- The data created by you/your employees/your company
- Not easily replaceable data
- Confidential data
- Customer data
This includes spreadsheets, financial reports, invoices, customer databases… While operating system data isn’t so relevant because it can be restored at any point.
Just ask yourself – If I lose this data, will it incur serious damage? If the answer is yes, put it on a storage unit.
How Often Should you Back up Data?
As often as possible is the ideal scenario.
But it actually depends on two things:
- The size of your business and data
- The investment you make into backup technology
Think about RPO, RTO, and the financial costs of backups.
And it’s more about the combination of backup methods. Consider making a backup plan.
- In mid-sized companies, full backups, based on a 3-2-1 rule, are usually done weekly or every two weeks, with incremental backups in between.
- In enterprise companies, full backups are done daily, also with incremental/differential backups in between.
- Small businesses should do a full backup on two weeks or monthly basis.
Follow the 3-2-1 Backup Rule and Protect your Business
Now that we’ve covered the importance of data backup and the 3-2-1 backup strategy, we hope that you’ll start backing up your data from today on. Data losses affect not only your finances but also your brand and your image.
Make sure to protect your valuable digital assets at all times by following simple and best practices, like the 3-2-1 rule.
If you liked this article, share it with your network of business partners and show them how important it is to protect their data.
