Utilizing the 3-2-1 Backup Method to Protect Your Small Business

How to Create a Data Backup Strategy

Let’s face it, any company that does not have a solid data backup strategy in place is asking for big trouble. This is certainly true for global enterprises. But even the smallest businesses need to have plans in place to back up their data in case of some unforeseen event that impacts the availability of critical information.

Any number of factors can lead to data loss, including security breaches, natural disasters, accidental deletion of files, and others. Small and mid-sized businesses (SMBs) need to be able to rapidly recover this data, or they might risk financial losses and other negative consequences.

One of the most important components of a backup strategy is to implement a layered backup architecture. Just as defense in depth can be an effective way to approach cybersecurity, having a layered backup structure in place provides a good way for organizations to mitigate the risk of lost or unavailable data.

Any strong data backup strategy should be based on the so-called 3-2-1 rule of data backup. This is a well-known recovery methodology for ensuring data is protected sufficiently and backup copies of the data are available to users when needed.

So what is 3-2-1 data backup?

The basic idea of the strategy is that organizations make three copies of all the data that they need to protect (the 3 part of the model); store these copies on two different types of storage media (the 2 part); and send one copy of the data to an offsite location in a different geographical region (the 1 part).

In a typical scenario, backup software makes a copy of a company’s data and saves it to another on-premises storage device. Either during that process or immediately following, two additional copies of the data are saved to two other devices, one of which is located in the cloud.

Having multiple storage types, such as internal hard drives, external hard drives, removable storage drives, or cloud backup services, minimizes the likelihood of failure. By having at least one copy of the data stored in an offsite or remote location ensures that events such as natural disasters or equipment theft do not affect all copies of the data.

The cloud is such a pivotal component of data backup because it provides the flexibility for companies to cost-effectively store their data offsite.


The key point with the 3-2-1 backup method is organizations are not vulnerable to a single point of failure for data.

Isometric cloud computing concept represented by a server, with a cloud representation hologram concept. Data center cloud, computer connection, hosting server, database synchronize technology.


While the 3-2-1 methodology does not guarantee that all data will be immune to loss or compromise, it eliminates a lot of the risk. The key point is that with this strategy organizations are not vulnerable to a single point of failure for data. They are protected even if a copy of the data becomes corrupted, if a storage system fails, or if a natural disaster or security attack occurs.

Once the backup strategy is implemented, companies need to have an ongoing process for maintaining it, because nothing is static in terms of business needs or technology developments. Given the importance of data to businesses today, creating an automatic, cloud-inclusive backup strategy that mitigates risk should be one of the highest IT priorities.

Sign up for our newsletter to receive more guides, tips and best practices

By completing and submitting this form, you confirm that you agree to the storing and processing of your personal data by Code42 as described in our Privacy Statement.