Good backup practices: the 3-2-1-1-0 rule

Published on March 29, 2024

Ransomware, a corrupted database, malicious internal activity or simple water damage can threaten your data and cripple your business. However, a simple and effective strategy helps minimize risks and guarantee the continuity of your business: the 3-2-1-1-0 backup rule. This strategy relies on cloud backup, fast recovery and a good dose of common sense. Here's how to implement it...

Data loss can have a devastating impact on a business. The figures are alarming: 93% of ransomware victims say they are unable to restore all their data and operational processes within 3 days, according to a 2024 study by security specialist Cohesity!

Whether due to hardware failure, cyberattack or human error, rapid data restoration is essential to minimize disruption and financial loss.

In this matter, prevention is better than cure. Several strategies limit risks while guaranteeing the continuity of your activity:

  • Define a backup policy by identifying the data that is critical to your business and setting the backup frequency.
  • Define a Disaster Recovery Plan (DRP) tailored to your needs.
  • Plan for business continuity in a Business Continuity Plan (BCP).

Backup is therefore the basis of all resilience.

But what is a good backup?

Understanding the 3-2-1-1-0 rule

A good backup is a complete and reliable copy of your data, accessible whenever you need it. It should be made regularly and be restorable easily and quickly, depending on the nature of the problem and on your organisation's Recovery Time Objective (RTO). In addition, the restored data must be of an acceptable age, in accordance with your organisation's Recovery Point Objective (RPO).

Finally, a good backup protects you from different types of threat: hardware failure, human error, cyber attacks, malicious acts, natural disasters, etc.

The 3-2-1 rule

The 3-2-1 rule is a backup strategy established by American photographer Peter Krogh in 2003. It has proven itself and has been adopted by many organizations.

Its principle is simple:

3 copies of your data

It is crucial to keep at least three copies of your data: a production backup (your original data), a local backup and a remote backup. This ensures that at least one copy remains accessible if the others are lost or corrupted.

2 different media

Store your copies on two distinct types of media (hard disk, storage server, tape, NAS, cloud) to improve redundancy. If a failure occurs on one medium, all the backups on that medium can be considered to have failed.

1 offsite backup copy

Keep a copy of your data in a physical location other than your main site. This protects your data from natural disasters, fires and other incidents that could affect your site. When the OVH data centre in Strasbourg caught fire in March 2021, the backup servers were in the same building as the production servers. The fire therefore destroyed the original data and their copies.

Remote backup, Backup as a Service (BaaS) or Storage as a Service (SaaS) can be done on a public cloud (Amazon S3, Azure, Google Cloud Storage, OVHcloud, etc.) or on a private or hybrid cloud.

The choice of storage type and frequency depends on the type of data, the use you want to make of it and the frequency of access.

For example, Azure Files provides file sharing in the cloud that integrates perfectly with on-premises file servers. For data analysis, you will need to turn to a data lake such as Azure Data Lake Storage.

The 3-2-1-1-0 rule

Cyberattacks have changed backup strategies. The 3-2-1 strategy has therefore been extended by two additional rules.

1 offline copy

Store a copy of your data on a medium not connected to the Internet. This offline backup, also known as a cold or static backup, will be protected against cyber-attacks and ransomware.

Backing up to magnetic tape is still the safest way of making offline backups, according to the ANSSI in its guide Backup of information systems, dated 10/18/2023.

The cartridge must be physically inserted into the drive to be read, which in principle protects it from network attacks.

Many vendors (Veeam, Hornetsecurity, Rubrik, Nakivo, etc.) offer solutions for making immutable, read-only backups, which are therefore unalterable (impossible to modify, overwrite or delete). This WORM (Write Once Read Many) storage, written once and read many times, has proven itself.

An offline backup solution is still considered more robust than an online WORM solution as offered by these vendors. However, an acceptable compromise may be to perform regular backups with a WORM solution and perform offline backups to magnetic tape, for example, at a lower frequency.
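An added example, not from the original article: a Python audit of a backup inventory against the rules described so far (3 copies, 2 media, 1 offsite, 1 offline) and the RPO. The record fields, site names and sample inventory are assumptions constructed for illustration; following the ranking above, an online WORM copy is reported but not counted as the offline copy.

```python
from datetime import datetime, timedelta, timezone

def audit(copies, primary_site, rpo, now):
    """Check copy records against 3-2-1-1 and the RPO; rule -> (ok, detail)."""
    backups = [c for c in copies if not c["production"]]
    media = sorted({c["medium"] for c in copies})
    offsite = [c for c in backups if c["site"] != primary_site]
    offline = [c for c in backups if c["offline"]]
    worm = [c for c in backups if c["immutable"] and not c["offline"]]
    newest = max((c["last_success"] for c in backups), default=None)
    age = now - newest if newest else None
    return {
        "3 copies": (len(copies) >= 3, f"{len(copies)} copies"),
        "2 media": (len(media) >= 2, ", ".join(media)),
        "1 offsite": (bool(offsite), f"{len(offsite)} away from {primary_site}"),
        # An online WORM copy is reported but does not count as offline.
        "1 offline": (bool(offline), f"{len(offline)} offline, {len(worm)} online WORM"),
        "RPO": (age is not None and age <= rpo, f"newest backup is {age} old"),
    }

def failed(result):
    """Names of the rules that did not pass, in rule order."""
    return [rule for rule, (ok, _) in result.items() if not ok]

def record(name, medium, site, age_hours, production=False, offline=False, immutable=False):
    """Build one inventory record (hypothetical schema for this example)."""
    return {"name": name, "medium": medium, "site": site, "production": production,
            "offline": offline, "immutable": immutable,
            "last_success": NOW - timedelta(hours=age_hours)}

# Constructed sample inventory; every name, site and timestamp is made up.
NOW = datetime(2024, 3, 29, 8, 0, tzinfo=timezone.utc)
INVENTORY = [
    record("erp-prod", "disk", "hq", 0, production=True),
    record("nas-nightly", "nas", "hq", 8),
    record("cloud-worm", "cloud", "cloud-region", 6, immutable=True),
]
TAPE = record("tape-weekly", "tape", "vault", 96, offline=True)
# Backups kept in the same building as production, as in the Strasbourg fire.
SAME_BUILDING = [c for c in INVENTORY if c["site"] == "hq"]

if __name__ == "__main__":
    for rule, (ok, detail) in audit(INVENTORY, "hq", timedelta(hours=24), NOW).items():
        print(f"{'PASS' if ok else 'FAIL'}  {rule:<10} {detail}")
```

With the sample inventory only the offline rule fails; adding the weekly tape record satisfies it without changing the RPO result, which depends on the newest backup.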

0 errors

An effective backup is one that is tested regularly. Make sure your backups are error-free and can be restored quickly and easily by running regular restore tests. An automated monitoring system can relieve you of this work.
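An added example, not from the original article, of what an automated restore test can check: a SHA-256 manifest is recorded at backup time, a test restore is hashed again, and every missing, corrupt or unexpected file is reported. The function names and the sample file tree are assumptions constructed for illustration; the "restore" here is a plain directory copy standing in for your backup tool.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash a file in 1 MiB blocks so large backups do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        while block := handle.read(1 << 20):
            digest.update(block)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file's relative path to its SHA-256 (run at backup time)."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_restore(manifest, restored_root):
    """Compare a test restore with the manifest; an empty list is the '0'."""
    restored = build_manifest(restored_root)
    errors = []
    for rel, expected in manifest.items():
        if rel not in restored:
            errors.append(("missing", rel))
        elif restored[rel] != expected:
            errors.append(("corrupt", rel))
    errors += [("unexpected", rel) for rel in restored if rel not in manifest]
    return errors

def demo(damage):
    """Constructed sample tree: back up, 'restore' a copy, optionally damage it."""
    with tempfile.TemporaryDirectory() as tmp:
        source, restored = Path(tmp, "source"), Path(tmp, "restored")
        for rel, data in {"app/config.ini": b"[db]\nhost=10.0.0.5\n",
                          "db/dump.sql": b"INSERT INTO t VALUES (1);\n" * 1000,
                          "docs/readme.txt": b"restore runbook\n"}.items():
            (source / rel).parent.mkdir(parents=True, exist_ok=True)
            (source / rel).write_bytes(data)
        manifest = build_manifest(source)
        shutil.copytree(source, restored)
        if damage:
            (restored / "db/dump.sql").write_bytes(b"INSERT INTO t")  # truncated
            (restored / "docs/readme.txt").unlink()                   # lost file
            (restored / "notes.tmp").write_bytes(b"stray")            # not in backup
        return verify_restore(manifest, restored)

if __name__ == "__main__":
    print(demo(damage=False))
    print(demo(damage=True))
```

Store the manifest separately from the backup it describes, so that damage to the backup medium cannot also alter the reference hashes.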

Anticipation is key

Finally, remember to include installation media and business application configurations in backups. And, in the event of a suspected compromise or attack in progress, it is important to have an emergency physical isolation procedure for the backup system (servers, media, etc.).

To find out more, see our practical information sheet

Backup: 10 practices that will save your life

Our expert

Made up of journalists specialising in IT, management and personal development, the ORSYS Le mag editorial team [...]