Over three-quarters of organisations which experience a cyberattack end up failing within three years. This highlights the need to protect their number one asset, which is the data they are built on. The 3-2-1 rule recommends having three copies of data, two different media and one off-site copy. However, Chad Chiang, Managing Director at Synology UK, believes organisations need to extend this to add a further one copy of data which is offline or immutable and ensure zero errors, giving the assurance to security teams that they can recover with confidence.
Data is the foundation upon which virtually all modern day organisations are built. And yet, against a backdrop of AI-powered cyberthreats that are rising in sophistication, scale and speed, traditional backup strategies are no longer sufficient.
The long-standing 3-2-1 backup rule has served as a gold standard for data protection. However, organisations must go further to ensure they can recover from attacks and system failures with absolute confidence. Businesses should instead consider an evolved strategy – the 3-2-1-1-0 backup rule.
This enhanced approach provides an extra layer of assurance, adding an immutable or offline backup copy and ensuring zero errors in the backup process. This additional safeguard is crucial in an era where more destructive cyberthreats are emerging, making conventional backup methods insufficient.
Why businesses need a 3-2-1-1-0 strategy
The modern era of AI-powered cyberthreats, particularly around ransomware and data corruption, requires a more robust approach to data protection.
The 3-2-1 backup rule – three copies of data, two different media types and one off-site copy – has long been widely recommended by cybersecurity professionals as a reliable approach to safeguarding critical data.
While this strategy has been effective in mitigating common risks, the evolving cyberthreat landscape demands an additional layer of security. So this is why, in addition to the above, organisations need to add one additional immutable or offline copy, which shields against ransomware and unauthorised modifications, as well as zero errors in backups, ensuring data integrity for seamless restoration.
Each component plays a crucial role in strengthening an organisation’s ability to recover from disasters, including cyberattacks, hardware failures and accidental deletions.
The importance of an immutable or offline copy
Cybercriminals have grown more sophisticated, targeting backups as part of their attacks. Modern ransomware doesn’t just encrypt primary data but also attempts to corrupt backup files, leaving businesses with no means of recovery. By incorporating an additional immutable or offline backup, organisations ensure that at least one copy of their data remains untouchable.
Immutable backups prevent any modifications once data has been written, rendering them immune to ransomware attacks. Offline backups, such as air-gapped storage solutions, physically disconnect from the network, eliminating exposure to cyberthreats.
When looking at data storage, it’s important organisations look for providers that offer robust solutions that facilitate immutable snapshots, air-gapped backups and off-site replication, ensuring that they can always retrieve clean, unaltered data.
Guaranteeing backup integrity with zero errors
A backup is only valuable if it is recoverable. Too often, organisations discover that their backup files are corrupted, outdated or incomplete at the moment they need them most. That’s why the zero errors principle is an integral part of the 3-2-1-1-0 strategy.
This principle requires comprehensive verification processes, as well as automated integrity checks and AI-driven anomaly detection, so organisations can be confident that their backups remain uncorrupted and fully recoverable when needed.
Implementing these measures ensures that when a backup is taken, it will be accessible and usable years later, without risk of file degradation or loss.
This is highly important, as it enables IT teams to conduct activities such as practice data restorations, a key exercise which allows IT teams to fully understand how to recover their data, should they ever need to, in the event of experiencing a cyberattack.
Poor data protection and ransomware
The consequences of poor data protection are severe. According to industry research, 78% of organisations that suffer a cyberattack fail within three years. The primary reason? A lack of reliable data recovery options.
Data is an organisation’s most valuable asset. Losing access to it, whether due to a cyberattack, accidental deletion or system failure, can cripple business operations. A comprehensive backup strategy isn’t just an IT concern, it’s a fundamental business requirement.
This comes at a time when ransomware attacks have become more aggressive and sophisticated. Threat actors now deploy double and triple extortion tactics, where they not only encrypt data but also threaten to leak sensitive information. Paying the ransom is never a guarantee of data restoration, as criminals can delete or corrupt files even after payment.
This reality underscores why organisations can no longer rely solely on conventional backup methods. Having an immutable or offline backup, along with zero error verification, ensures businesses can restore operations swiftly without negotiating with cybercriminals.
How organisations can implement 3-2-1-1-0
For organisations looking to implement a 3-2-1-1-0 strategy, it’s important to look for enterprise-grade solutions designed to support this principle, including a centralised solution to back up endpoints, servers and virtual machines with built-in deduplication and integrity checks.
Enabling immutable backups that cannot be altered or deleted by ransomware, having off-site and offline backup options with encryption and automated verification and cloud-based solutions ensuring remote data protection with multi-version backups and zero-error guarantees are also critical.
However, according to Gartner, cost remains a primary concern for CIOs. As such when looking for storage solutions, organisations should look for devices which allow the partitioning of storage into a performance tier and a capacity tier, eliminating operational costs and reducing storage costs, while still delivering enhanced data security.
At Synology, these are all learnings we’ve taken from our existing customer base, which is why we know the 3-2-1-1-0 backup rule is not just an enhancement to traditional methods, it is a necessity for any organisation serious about securing its future. These learnings have been key to the development of our unified ActiveProtect solution.
By incorporating an immutable or offline backup and ensuring zero errors, IT teams can rest assured that their data remains accessible, intact and resilient against cyberthreats. As cybercriminals continue to evolve their tactics, organisations must evolve their defences accordingly. Because when disaster strikes, being prepared is the only option.
