The 3-2-1 Rule is a rule to live by. Here at Veeam, we have been advocating this rule for many years to help organizations ensure recoverability when it is needed most. In this blog post I’m going to explain the 3-2-1 Rule and show you the way to upgrade it to a more modern and resilient way of thinking!
The 3-2-1 Rule, as I like to explain it, states the following:
The 3-2-1 Rule was first concepted by U.S. photographer Peter Krogh. This was a rather important innovation for the photography world and has deep implications into other technology disciplines and stays timeless to this day. Even though this rule is flexible and timeless, I reached out to Peter for a quote on the 3-2-1 Rule nowadays and he offered this:
“While my focus has been primarily on digital media, the 3-2-1 principles are pretty universal. In fact, the “rule” itself was simply a synopsis of the practices that I found among IT professionals, as I was writing my first book. I just gave it a catchy name.
Over nearly 20 years, 3-2-1 has been a great tool to evaluate data risk exposure. It started in an era of 30GB hard drives and CD backups and has scaled nicely to a world of 18TB drives and ubiquitous cloud storage. With so much of our life and livelihood stored in digital form, and with the threats of malware increasing, it’s important for everyone to have a framework for assessing vulnerabilities.“
With this base rule outline, now we can upgrade it to work with modern critical data. However, let’s not forget the base rule’s best attributes:
In the scope of Veeam and backup data, this is a great starting point. I’d argue this starting point is a requirement to have the resiliency you need nowadays. And in today’s world, there may be more than 3 copies in the mix. For some data, I’ve personally managed 5 copies!
Some of the most primitive implementations would have the 3-2-1 Rule as follows:
This has 3 different media, so it actually exceeds the criteria. Some people don’t like to include the production data as a copy in the 3-2-1 Rule, and it’s worth bringing that up. This means of the 2 other copies, the different media is a must-have and the versatility to restore needs to be considered.
For the organizations I talk to nowadays, I see the most critical data sets having 4 copies when the production data is also included.
In the scope of Veeam, one of the things I love about being a software provider with a strong lineup of partnerships is that Veeam can dial up so many combinations of the 3-2-1 Rule. This is very versatile nowadays and each of the following implementations would count towards a 3-2-1 Rule configuration:
I have even had some organizations over the years do some interesting things in having systems backed up multiple times with Veeam. A VM backup, an agent-based backup, a file-based backup and even an application plug-in backup can be used in conjunction with each other. This isn’t a common practice, but for absolutely critical datasets, it is an attractive option.
I have spoken to a number of organizations who have had more than 3 copies in flight for some of their critical collections of backup data or disaster recovery (DR) infrastructure. One of the surprise use cases is the ability to have additional analytics on the data. This can be testing with SureBackup or more specific line of business analytics with the data in the backup or DR infrastructure. Additional use cases like this bolster the value of a backup solution in organizations like this.
I have two distinct goals in this blog:
The 3-2-1-1-0 Rule is the way forward today. It helps ensure recovery with the many types of incidents that can occur. The figure below is our 3-2-1-1-0 Rule visualized:
The differences are the 1 and 0 at the end, the Veeam difference. This upgraded rule gives incredible versatility by going the extra mile:
These two additions are critically important today. Having a copy of backup data that is either offline, air-gapped or immutable is an incredibly resilient specimen to help ensure data recovery in a ransomware event. There are some scenarios where a copy can have multiple characteristics, such as WORM tape media removed from the tape library device. This would be offline, immutable and air-gapped all at once. I collectively refer to the phrase “ultra-resilient” for a copy of data that is either offline, air-gapped or immutable.
Having 0 surprises upon restore is a big benefit today, but not for the reasons you may think. SureBackup recovery verification by Veeam is a great way to confidently know that you can restore data. This isn’t because a Veeam backup isn’t “good” it is just that certain behaviors are only manifested on restores or reboots that may inhibit a restore going as planned.
The 3-2-1-1-0 Rule according to Veeam is the way to proceed today. I have nothing but evidence in the form of customer stories at the Veeam website that bad things happen to good servers, storage and data. Now, more than ever, we need to be able to have the control over our data to ensure recoverability. The 3-2-1 Rule is a great start, and with Veeam, you can take it to the next level! How do you use the 3-2-1 Rule? Are you using the 3-2-1-1-0 Rule? Share your configuration below.
For more tips on data protection best practices, read our Windows and Physical Servers Backup Best Practices Whitepaper.