StarWind is a hyperconverged (HCI) vendor with focus on Enterprise ROBO, SMB & Edge

What is the 3-2-1 Backup Rule? Why is it Important?

  • January 11, 2024
  • 11 min read
StarWind Solutions Engineer. Diana possesses comprehensive technical knowledge of various storage types and expertise in building and optimizing virtualized environments.
StarWind Solutions Engineer. Diana possesses comprehensive technical knowledge of various storage types and expertise in building and optimizing virtualized environments.

Any company or institution deals with some amount of data, which requires management and organization. At the end of the day, however, once you’ve made sense of the files, inventories, registries, directories, you must face the question of redundancy. How will it all hold up if I lose a piece? What are the costs of missing or inconsistent data?

To avoid unpleasant situations, backup practices have been followed according to the 3-2-1 Backup Rule, which is generally thought of as the industry-standard best practice backup strategy.

What is the 3-2-1 Backup Rule

What is the 3-2-1 Rule?

To comply with the 3-2-1 Rule, you should have:

3 copies of data

Since the 3-2-1 rule is all about redundancy, you need to have at least three copies of your data or 2 backup copies, excluding the original set. Create a secondary copy first, and then a duplicate. For instance, this can be drives of separate NAS boxes. Following such a simple step will greatly increase information resilience but beware of storing all the backups in one NAS box. If any physical harm should befall this storage box, all your data is lost at once, which brings us to the next point.

2 different media

Copies are to be stored on 2 different media. If you have an issue with one hardware component, you will have another separate medium with the same data to rely on. For instance, you can keep a copy on a server and use some DAS storage such as a USB drive, SD-card, etc., or even a NAS. The latter can be considered independent and off-site too, since it is connected over the network and can survive if something were to happen to your primary infrastructure.

1 copy off-site

1 copy must exist as far as possible from your office, such as a server in a remote location, as mentioned above, or public cloud storage. You may also use tapes in an archive chamber. Whichever the choice, it is vital to keep data at a distance from each other to prepare for events such as outages, robberies, or natural disasters. Public cloud seems to be the most popular choice in this regard and can be considered as different media if more than one cloud bucket (with a different location) is used. There are plenty of options to choose from: Telstra Cloud Gateway (AWS, Azure, IBM SoftLayer, and vCloud Air), StoneFly Smart Cloud Gateway (AWS and any other S3-compatible cloud), StarWind VTL (AWS, Azure, Wasabi, Backblaze B2), etc. If you’re interested in keeping your data on multiple clouds, here is an article discussing how it can be done with Veeam Backup & Replication and some third-party software.

3-2-1 Rule benefits for businesses

The foremost benefit of implementing the 3-2-1 backup is the peace of mind that comes with knowing you have the right mechanisms in place for recovery should disaster strike, as per the recommendations of the United States Computer Emergency Readiness Team. Along with this comes accountability before company staff, which demonstrates commitment to data safety measures and business continuity.

The 3-2-1-1 Backup Rule and immutability

You may have also heard of a variation to the golden backup rule: the 3-2-1-1 version, which calls for having three copies of data on two different media with one offsite and at least one of the backups immutable or air-gapped. Immutable backups, as the name suggests, are backups that cannot be altered. Although unlikely, if you were to proceed with the 3-2-1 backup rule, there is still the risk of these backups ending up being tampered with or deleted, purposely or by accident. In order to prevent cyber-attacks, air-gapping your system or cutting it off from the network can isolate it from external threats but having at least one immutable backup adds an additional preventative layer from internal threats as well. You may check out our other article on the benefits and disadvantages of immutable backups here (insert link).

3-2-1 Rule vs. 3-2-1-1 Rule

If you are deliberating which of these to implement, you should know that the 3-2-1 rule is considered the minimum. It simply ensures that backups exist in a redundant configuration. It does not, however, ensure the consistency and quality of those backups. This is where the 3-2-1-1 rule can really boost your chances of successful backup recovery by ensuring that at least one of the redundant data sets is also off-limits to being edited or deleted. If you have the means for immutable repositories, you are much better off with an upgraded backup infrastructure.

Implementing the 3-2-1 rule

Skipping this since it will repeat the 3-2-1 rule.

How to avoid failure when implementing the 3-2-1 rule

Try to avoid liberal interpretations of what counts as different media types and/or locations. For example, do not use things such as different partitions of the same disk, or a hard drive and an SSD on the same server. If you aim to have several cloud buckets, have them under different accounts to protect your data in the event of a cyber attack. For immutable repositories, be mindful of over-ambitious lock periods and the high storage requirements that come with those.


Backups are a critical component of business operations and must be approached with the same level of dedication as the primary work environment. The 3-2-1 backup rule is a healthy guideline to provide your data with the necessary basic protection by storing data on different mediums and locations. It is the foundation on which you can further expand data protection measures such as air-gapping and immutability, as well as simple data consistency checks. Without good backup infrastructure in place, businesses are much more vulnerable to acts of sabotage, physical damage, and cyber-attacks.

This material has been prepared in collaboration with Asah Syxtus Mbuo, Technical Writer at StarWind.

Found Diana's insights on the '3-2-1' backup rule interesting? Want to implement the bulletproof backup strategy that includes an off-site backup copy?
Orest Lesyuk
Orest Lesyuk Product Manager at StarWind

We can assist you with that! StarWind VTL is an easy-to-use solution that emulates tape libraries, providing Write-Once-Read-Many (WORM) storage for your backups. Moreover, the Cloud Replication feature in StarWind VTL enables the scheduled offloading of your backups to the cloud, including Amazon S3, Azure Blob Storage, Cloudian, Backblaze B2, Wasabi, and other S3-compatible cloud storage options. As a result, you can effortlessly implement the ‘3-2-1’ backup rule for your backup infrastructure, safeguarding your data against ransomware and similar threats. Interested in learning more? Book a short StarWind VTL demo now and see it in action!