top of page

The 3-2-1-1-0 Data Backup Rule: Fortifying Business Data in a Changing Landscape


In the digital age, businesses are reliant on data to drive operations, innovation, and decision-making. However, this reliance comes with the responsibility of ensuring the security and availability of data. Enter the 3-2-1-1-0 data backup rule, an evolved standard that provides comprehensive protection against a host of modern threats. In this article, we delve into the essence of the 3-2-1-1-0 rule and explain why it is emerging as the ultimate best practice for safeguarding business data.

The 3-2-1 backup rule

For years, the 3-2-1 backup rule has been the cornerstone of data protection strategy:

  • Three Different Copies of Your Data: Ensuring redundancy by having three copies of data is key. However, this concept has been pushed even further by considering different underlying storages. If you have two copies of the data on the same storage device, and the hardware fails, then neither backup is going to work. Always be mindful of the storage that your backups are sent to, so you don’t have a single point of failure. Ask yourself, “If this hardware dies, are there still two copies of my data somewhere else?”

  • Two Different Media Types: Two backups on distinct media types (e.g., tapes, hard drives, or the cloud) reduces the risk of simultaneous failure of the backups. Two devices of the same type have a much greater risk of failing around the same time than two devices of different types or two different storage media. Spreading the data across different mediums also makes it much harder for ransomware to infect every backup. Different mediums also provide different forms of credentials that may not all be tied into the domain.

  • One Copy Off Site: Keeping at least one copy of data off site shields against local disasters that could compromise all data copies. You could do this by storing a backup in another office, shipping tapes off to a storage facility, or by having a copy in the cloud.

While the 3-2-1 backup rule remains a solid foundation, it's no longer enough. The proliferation of ransomware attacks demands a new level of protection, leading to the emergence of the 3-2-1-1-0 data backup rule.

The enhanced resilience of the 3-2-1-1-0 backup rule

In recent years the 3-2-1-1-0 data backup rule has emerged as the ultimate best practice for businesses striving to protect their valuable digital assets. This strategy evolved to address contemporary threats such as ransomware attacks and embracing the 3-2-1-1-0 rule not only safeguards a business's continuity but also instils confidence in the ability to recover from data loss events.

As technology continues to advance, the 3-2-1-1-0 data backup rule remains a dynamic framework that adapts to changing threats and technologies, making it an indispensable ally for businesses navigating the digital frontier.

  • One Copy Offline, Air-Gapped, or Immutable: In a world where ransomware attacks have become a prominent threat, this addition is a game-changer. An offline, air-gapped, or immutable copy of data ensures its protection against tampering and alteration. Even if a ransomware attack compromises online data, the offline copy remains intact and can be used for recovery.

  • Zero Errors After Automated Backup Testing and Recoverability Verification: Ensuring the efficacy of backups is paramount. Regularly testing and verifying backups for errors and recoverability guarantees their reliability when the time comes to restore data.

How Veeam supports the 3-2-1-1-0 backup rule

Veeam Cloud Connect: simplifying implementation

Veeam Cloud Connect makes it super easy to get backups and replicas off site to a Backup as a Service (BaaS) or Disaster Recovery as a Service (DRaaS) provider such as HybrIT Services, without the cost and complexity of managing a second infrastructure.

It’s as easy as selecting a service provider and pointing backup or replica jobs to the cloud with a few simple clicks. There’s no separate console, and data is fully encrypted at every step. Backups are as safe and confidential as they would be in a dedicated off-site repository, so that data of all types is completely protected and easy to recover.

Just make sure that you do some research into the service provider to make sure they meet your compliance requirements before signing a contract.

Further to the benefits provided by offloading backups to a Veeam Service provider through Cloud Connect. Your Veeam cloud service provider can offer insider protection. This provides an additional level of protection for your backups as it keeps deleted backups (within Cloud Connect) for a set period of time.

Backup as a Service from HybrIT

HybrIT’s Backup as a Service (powered by Veeam and stored in our Private Data Protection Cloud) allows a copy of the backups to be sent to another location that is managed and operated by us in our resilient Datacentres. Having a service like this can be a great solution for customers who do not have a secondary business location to offload their backups to or want a managed service for their backup and/or disaster recovery plans.

Service benefits

  • Protects public and private cloud infrastructures and SaaS including Office 365, SharePoint, and OneDrive.

  • Fully managed and monitored.

  • Designed and implemented by our specialist backup team.

  • Avoid large CAPEX costs and move to a stable OPEX model.

Extend your protection

If you want to take your protection against business disruption even further, we provide Disaster Recovery as a Service (DRaaS). Your primary workloads are replicated into our Private Cloud with a run-book ready to bring them back into service in as little as 1-2 hours.


bottom of page