Bret Staton

Cybersecurity Expert

Incident Responcer

Penitration Tester

Linux & Windows Systems Engineer

Freelance Writer

Bret Staton

Cybersecurity Expert

Incident Responcer

Penitration Tester

Linux & Windows Systems Engineer

Freelance Writer

Blog Post

How To Build A 3-2-1 Backup Strategy

3-2-1 Backup Strategy Image

I’ve been building 3-2-1 backup strategies for years. It’s a straightforward yet powerful system that can help protect your data. Yet, I still find that not all companies are using it. In this article, I’ll show you how to set up your three-step backup plan and why it’s so important to have one in place!


What is the 3-2-1 Backup Strategy?

The 3-2-1 Backup Strategy keeps your most important data safe from all types of disasters. It’s simple, but it has some great benefits:

  • Three copies of your data (your original live files and two backups).
  • Two different types of media (hard drive or cloud).
  • One copy of your data is kept offsite and geographically diverse.

Why do you need a 3-2-1 Backup Strategy?

As a business owner, you want to protect your data from cybersecurity incidents like ransomware, hardware failures, or natural disasters. If something goes wrong and you lose all of your files, or if one of your systems fails, it’s essential to have a backup strategy in place.

If you have doubts about why a well-planned backup strategy is essential to your business, consider what would happen if all your company’s data were gone tomorrow. How would you bill for services or pay your employees? How would you rebuild years or even decades of customer data? What if you lose your customer’s data? Could you be held legally and financially liable for the loss? These are many questions I hope you will never have to answer.


3-2-1 Backup Strategy with Veeam

Veeam Logo

Veeam is a backup and recovery solution that protects your data and systems. It has three key components:

  • The Veeam Cloud backup service keeps your backups up-to-date across all your cloud-based services and locations.
  • Replication protects live workloads allowing for seamless fail-over.
  • Immutability backups are a solution that prevents data deletion or modification of data. This is what you need to defend against ransomware.

Veeam is the backup software of choice for most enterprise businesses. Using Veeam streamlines the entire backup process saving you time and money.


Data Backup Best Practices

Test Backup Recovery Regularly

If you cannot restore it, then it’s not a backup. Misconfigurations and errors happen, so ensure you are testing your backups regularly. Veeam has built-in tools to automate this process and emails you a report. Ensure you have zero errors in your backups at all times!

Keep Backups Encrypted and Protected

Backups are an excellent target for attackers. Protect the backup data at rest by encrypting the backup archives. This is also a requirement for nearly all compliance frameworks. The good news is that Veeam backup makes encrypting data as easy as checking a box.

Always Use Remote Storage

Don’t put the backups of the server on that same server! Seems obvious, but I still find companies doing this. Always keep backup data on a different, remote system. Veeam allows you to quickly and simply connect remote storage options from a centralized interface.

One Copy of Data Offline, Air-Gapped, or Immutable.

These new additions are now quite significant. To help secure data recovery in a ransomware scenario, having a duplicate of backup data that is either offline, air-gapped, or immutable is an incredibly resilient approach. The goal is to create a backup that cannot in any way be deleted by an attacker. Veeam’s immutability backup features work flawlessly and can be enacted on your offsite backup.

Use a cloud storage provider that offers backup-as-a-service (BaaS).

Using a BaaS provider simplifies your backup overhead and operational needs. Your data also gains another layer of security through segmentation from your primary onsite backups network. A BaaS is an excellent option for your offsite backup solution.

Find a BaaS provider that meets your needs, whether for file or data protection, and can provide you with the flexibility to choose from multiple options in terms of file types, storage capacity, and pricing model (e.g., pay per gigabyte or pay per month).

Looking for more?

If you want more, review NIST Cybersecurity Framework NIST-800 on protecting against data loss.


When Was The Last Time You Updated Your Backup Strategy?

If you have not reviewed your process in over a year, it’s time to do so.

Review your backup strategy annually to ensure it’s still effective and meets all your needs. Audit the existing backup strategy, identify gaps or problems with the process, and develop a plan to address them. Don’t forget the training! Your backup Administrator should be conducting disaster recovery exercises regularly. Administrators should not learn how to restore backups for the first time during a disaster.


Conclusion

Hopefully, this post has given you a better understanding of the 3-2-1 Backup Strategy. The next time you need to talk about backups, it will be easier to explain your strategy and make sure that everyone is on the same page.

If you need a BaaS solution or a Backup Consultant, feel free to contact us!


P.S.

Most of this blog was written by AI, even AI-generated images. I had to do a lot of tweaking, but this is a decent POC. I am posting it for fun and to hack SEO for the site. Not bad, right? Real-talk, though, Veeam is excellent, and I have been using and building environments with it for years.

Here are some more images of what an AI thinks “Enterprise Backups” should look like.


Taggs: