hamburger icon close icon
Backup Strategy

3-2-1 Backup Rule: Is it Still Relevant in the DevOps Era?

What Is the 3-2-1 Backup Rule?

The 3-2-1 backup rule is a recovery methodology that helps ensure you have available backup copies for recovery. It involves creating three copies of each data piece you want to protect. Typically, you store two copies on different storage media types and send one copy offsite. The offsite copy media is usually a tape cartridge, which is portable media you can send offsite.

3-2-1 backup is a veteran data protection concept still promoted by many backup hardware and software providers for efficient use of their products. Even though modern architectures and massive amounts of data can complicate the 3-2-1 backup strategy, it still provides merits.

In this article:

3-2-1 Backup Rule Explained

Here are the requirements that your backup data solutions should meet, according to the 3-2-1 backup rule:

Three Data Copies

When using the 3-2-1 backup approach, you must always make at least three separate copies of the data.

The original copy is the data used in production; the remaining two copies serve as backups. You should store and configure each copy of your data so that they will be usable if the other two (or more) copies disappear or fail.

Each data copy should have the same version of your data from a specific time. For example, you don’t meet this requirement if you have one copy from a backup conducted two days ago and two more copies from backups that you made last month.

Two Data Storage Devices

You should store at least two of your data copies on separate storage devices, ensuring they are physically independent of one another. For example, you could use a network-attached storage device or file server to store one copy, and you could use a flash drive—which remains unconnected to the server—to store the second copy.

It is not secure to store different copies of data on the same server, even if you use different internal hard drives. This approach is not good enough because all your copies would be inaccessible if the server fails. The same principle applies to storing multiple copies of a backup in the cloud and on a RAID array. Each chosen storage media must be independent of the other.

One Offsite Data Copy

You must keep at least one copy of the backup data in an offsite storage location. This copy must be physically separate from the physical location of your other copies.

For instance, if you have two copies of the same data stored in your office, you must store the third copy in a different location—for example, a cloud-based data store or in another office.

Pros and Cons of the 3-2-1 Backup Strategy

The main advantage of the 3-2-1 backup model is that it offers two copies for relatively quick recovery, which you can easily access from your main production system. It also helps create a logical or physical gap between copies to prevent data corruption or any damage in one copy from affecting the other copies.

The downside is lack of flexibility. Today’s organizations implement agile development pipelines in which speed is a high priority. They often require quick access to backup and recovery copies, and a 3-2-1 strategy cannot keep up with this pace. Additionally, using different file systems and protocols introduce layers of complexity in terms of compliance.

Is the 3-2-1 Backup Rule Still Relevant for Modern Organizations?

New uses for backup data
Today, backups are used for more than just data corruption or disaster recovery. Businesses use backup data to develop and test new applications, deriving more value from dormant data stores. Modern programming practices like DevOps rely on easy access to data located as close to production data as possible, and backups are a perfect fit.

Analytics applications often need to access large amounts of data, which can be derived from backups. New backup data is useful for ensuring the results of the analysis process are more accurate and reliable.

While these new uses can make backups more valuable for organizations, they make it more difficult to maintain the 3-2-1 backup rule.

Importance of data integrity
Data integrity has long been an important issue in data protection. Backing up your data is not enough - you must ensure that each backup is recoverable, complete, and uncorrupted.

Recovery testing is critical, because it ensures that you are really protected against disasters and ransomware attacks. However, ensuring data integrity and regularly testing recovery can be more difficult when applying the 3-2-1 backup method.

Compliance requirements
To make matters more complex, regulations like the General Data Protection Regulation (GDPR) are affecting how organizations store and manage data for data compliance. GDPR is an EU legislation that defines the steps organizations must take to protect personally identifiable information (PII).

Backups are an important way to ensure the organization protects PII in line with GDPR requirements. But at the same time, backups could contain personal data that the organization is not allowed to store. It is critical to identify which data is being backed up and avoid backing up data that could expose the organization to fines and penalties.

Another GDPR directive that is relevant for data is that a company's customers or users should be able to delete a name and any data related to it from the company's storage systems. In the 3-2-1 backup context, this means removing information from all three (or more) copies of your data. Because one copy is kept offline, this can be complex to manage.

In summary, modern backup requirements are making it more difficult to practice the 3-2-1 backup rule. However, this doesn’t make the rule any less important or effective at preventing data loss. Organizations should weigh the benefit of 3-2-1 backups with the added cost and complexity of managing them in the modern business environment.

Related content: Read our guide to backup modernization

3-2-1 Backup with NetApp Cloud Backup

NetApp understands ONTAP better than anyone else, which is why the best backup solution for ONTAP systems is NetApp Cloud Backup. Designed by NetApp specifically for ONTAP, Cloud Backup automatically creates block-level incremental forever backups. These copies are stored in object format and preserve all ONTAP’s storage efficiencies. Your backups are 100X faster to create, easy to restore, and much more reliable than with any other solution.

Cloud Backup simplifies the entire backup process. It’s intuitive, quick to deploy, and managed from the same console as the rest of the NetApp cloud ecosystem.  Whether you’re looking for a less expensive way to store your backups, a faster, more capable technology than NDMP, or an easy way to enable a 3-2-1 strategy, Cloud Backup offers the best backup solution for ONTAP.

Learn more about How to Align with the 3-2-1 Backup Strategy with NetApp Cloud Backup and about other Cloud Backup capabilities here, and find out more in our Cloud Backup Service Customers’ Case Studies.

New call-to-action

Semion Mazor, Product Marketing Manager

Product Marketing Manager