Your data is one of your organization’s most valuable assets—perhaps even the most valuable. The problem is that there are many threats that can cause catastrophic data loss, including social engineering attacks, ransomware (and other types of malware), as well as hardware failures and natural disasters.
Keeping your data protected must be your top priority. But why is choosing the right backup strategy not enough to prevent data loss. Because even the most well-thought-out strategy is useless if no one is able to follow it properly. This is why a comprehensive data loss protection plan must
always include employee training. Read on to see how to tackle both aspects.
3-2-1: It’s Time to Back Up!
When choosing your data backup strategy, there’s no reason to reinvent the wheel. IT professionals have been losing sleep over the topic for years, and their shared experience distilled down into what is now known as the “3-2-1 Rule.” Here’s what the rule states:
- Create 3 copies of your data.
- Store your copies in at least 2 separate storage types.
- Keep 1 of these copies at an offsite location.
Even though the 3-2-1 Rule is relatively easy to implement, it’s so effective that the United States government recommends it in a 2012 US-CERT paper titled
Data Backup Options.
Implementing the 3-2-1 Rule in Practice
It’s easy to read a bullet point list, so let’s dig deeper into each one and see what the real-life implications are.
Create Three Copies of Your Data
You may be wondering who three copies, not four or two? Well, data loss can happen for a wide variety of reasons, and you need to have enough copies available to recover even from the worst-case scenario.
With just one copy of your data stored in the same location as the original data, you wouldn’t be able to recover events affecting both copies at the same time, such as your sprinkle system kindly deciding to give you a refreshing shower or a rioting mob going on a shopping spree inside your office.
Of course, you could keep the copy offsite, but that would increase your recovery time. Instead, it’s much better to have two copies + the original data so that you can store each of the two copies in a different location.
Store the Copies in Two Separate Storage Types
Buddha said that all life is temporary—IT professionals go a step further and remind the same for the life of modern storage devices. Regardless of if you keep data on the latest enterprise-grade SSDs (solid state drives) or traditional spinning drives, the possibility of a sudden failure is always looming around the corner.
Because storage devices of the same type can have nearly the same predicted amount of time between failures (also known as the formula Mean Time Between Failures or MTBF), it’s recommended you store backup copies in at least two separate storage types. For example, you could keep your original data and your main copy on hard drives (both internal and external) and use the cloud for your second backup copy.
Keep One Copy at an Offsite Location
Not to get all doom and gloom on you, but we need to mention natural disasters one more time because they’re the biggest reason why you absolutely must keep one copy of your data at an offsite location, ideally one that’s located in a different state or country.
While that may sound like a logistically difficult task, the opposite is actually the case. Thanks to modern cloud backup services, keeping a copy of your data on the other side of the world couldn’t be easier since all you need is a reasonably fast internet connection. What’s more, virtually all providers of cloud backup services create their own backups, so you’ll benefit from additional layers of data protection.
Backup and Disaster Recovery Awareness Training
Implementing a tried-and-tested data backup strategy like 3-2-1 is the first step toward effective data loss prevention, but it’s not enough to reach the end goal.
For that, you also need to address the people part of the data backup equation by providing all employees with backup and disaster recovery awareness training. The training should teach them how to take advantage of implemented backup systems, familiarize them with your policies, and explain what to do in the event of a data loss emergency.
It may seem like the downtime of putting your workforce through training of this kind isn’t worth the potential benefits. After all, you’re just guarding against risk, right? But that downtime is nothing compared to what they’ll experience if they have no idea how to access backup systems. As the pandemic taught us, everything that we don’t expect is entirely possible. Companies and staff that heed the warnings will be in excellent shape to handle the next wave of whatever we don’t see coming.
Next Steps for 3-2-1
If you already have the building blocks set up, that’s great! Making sure your systems stay updated, your hardware is healthy, and that your staff stay trained should be your main focus now. If you’re interested if offloading those duties to a company that does this every day for hundreds of small businesses,
contact us today.
If you haven’t, now is absolutely the time. MSPs are inherently experts at the architecture, implementation, management, and maintenance of all elements of the 3-2-1 Rule. If you don’t have a capable and experience IT professional (or two), it’s worth it to
contact us to find out what it takes to get the whole system set up.
For some companies, creating and managing a training plan for employees is too much work (particularly for smaller organizations who need everyone to focus on their own customers). If you’re one of these,
contact us about getting a plan in place that’s right for your company’s data and personnel.
At Help Desk Cavalry, we offer a proven, comprehensive set of backup solutions that keep your business running in the event of most disasters—human, natural, and technological alike.
Contact Help Desk Cavalry today to discuss how we can protect your data.