One of the best ways to protect yourself and your business against many cybersecurity incidents is backing up.
If you read the previous article, you would have learned some of the most common things people do wrong when it comes to backups.
This week, I wanted to help you further improve your backups by sharing the strategy I think is the best way to backup data.
What is this strategy?
The strategy I use is what I call the 3 2 1 backup plan. If you’ve read on how to backup data before, you may have heard of it. However, I’ve updated it in several places due to the cyber risks we face today, specifically the emergence of ransomware.
The 3 2 1 backup plan goes like this:
Have at least three copies of your data
Initially, this can seem like a lot of work. Why wouldn’t one be perfectly fine? Well, yes, sort of, but.
One copy will achieve the goal of backing up your data. This is true. However, it won’t make for a quality and resilient backup.
That’s because it still leaves you vulnerable to data loss. If anything happened to that one copy, such the hardware died, someone breaks or misplaces it, or it’s lost in a flood, you stand to lose it all.
Store at least two of these copies on different storage media
Not all types of storage media are created equal, and they don’t last forever. They all have different failure rates and expected lifetimes. (For expected lifetimes of various media, check out this neat infographic).
To make things even more complicated, how often you use them, how you handle them, and how you store them can also affect how long they’ll last. Then, of course, there is the issue of getting a bad batch of media that fails out-of-the-blue, leaving you without access to your data.
The idea is that you don’t want to put all your eggs in one basket. Just like how you wouldn’t invest all your money in a single stock, by diversifying your backups across different types of storage media, we are hedging against losing everything in the event a kind of storage media fails or becomes unrecoverable.
One new type of storage media (which can be referred to as a storage solution as well), is cloud storage. Cloud storage is becoming increasingly popular and can be a cost-effective and easy solution to backup your data.
The primary con to point out here is that the cloud is just someone else’s computer. You don’t control that backup or your access to it. There is always the chance it’s unavailable, or completely gone, in the event you need it.
Two other cons to point out: depending on the provider, your backup could still be vulnerable to ransomware (more on this below), and if you lose your Internet connection, there isn’t a way to retrieve your backup.
Keep one copy off-site and offline
Having your backups close at hand is great if you need to restore something quickly. However, they don’t do you any good if you suffer a flood, fire, or theft.
An off-site copy will ensure that no matter what happens to your primary work environment, you still have a copy you can use to recover.
This is even more important for those who don’t have a permanent office or are continually traveling (such as consultants) — moving about increases the risk of accidents, forgetfulness, and theft, resulting in the loss of not only your laptop or devices but their backups as well.
Why off-site and offline?
If you’ve heard of the 3 2 1 backup plan before, you might recognize that there is usually one backup off-site, and that’s it.
The reason this needs to be updated is the risk of ransomware. It’s common to use cloud storage or another office’s computer systems to store a copy to achieve the off-site requirement.
However, using cloud storage or copying a backup to another computer system located in a different physical location still leaves your copy vulnerable ransomware, due to the fact it’s still online.
I’m also not saying here that you shouldn’t use cloud storage or backup solutions. The cloud can be a cost-effective and easy solution to backup your data. However, many cloud storage services work by syncing a folder on your computer.
This behavior makes it possible for ransomware to encrypt that folder, and for your cloud storage software to then sync the encrypted files to the cloud, overwriting the originals and rendering the backup useless.
Implementing the 3 2 1 backup plan
The 3 2 1 backup plan is a great way to ensure your valuable business data is available. However, like everything else in life, it’s not perfect.
The best way to implement it is first to take the 3 2 1 backup plan and combine it with the recommendations from this article. Then, tailor to what will work best in your business, create your processes, and start backing up.
You invest a lot in your business. Investing the time, energy, and capital into implementing a robust backup method is like investing in an insurance policy for your files. Ensuring that when a disaster or accident does strike, you can restore and resume operations as quickly as possible without losing your critical data.
Are you using the 3 2 1 backup plan to backup your files? If so, leave a comment below and let me know how it’s working for your business!