We notice you are currently visiting the UK site. Would you like to visit our main site instead?

The 3-2-1 data backup method: your best defence against ransomware attacks

A professional selecting documents on a laptop.

Ransomware attacks have surged in recent years, targeting businesses and government agencies worldwide. Organisations caught in the crosshairs of ransomware face an impossible choice: forfeit their data entirely or pay an exorbitant ransom to regain access. Yet even when they pay, there is no guarantee that hackers will deliver on their end of the bargain.

For organisations that have already suffered a ransomware breach, it’s often too late to recover critical files. However, for those who haven’t yet been targeted, a tried-and-true backup strategy can provide a crucial layer of protection: the 3-2-1 backup method. This approach can mean the difference between a total data loss and a quick return to normal operations. Here’s how the 3-2-1 backup method works and why implementing it could be one of the best decisions your organisation can make:

What is the 3-2-1 data backup method?

The 3-2-1 backup strategy is a simple framework that provides a highly effective data protection method:

  • 3 copies of your data – your original data plus two backups.
  • 2 different types of storage media – such as internal hard drives and external SSDs.
  • 1 copy stored off-site – ideally air-gapped from the internet and physically separate from on-site backups.

By following this blueprint, organisations can protect against a tremendous range of failure scenarios, from natural disasters to cyber-attacks, ensuring their data remains accessible and secure. Additionally, regular testing of backups ensures that they are intact and can be quickly restored when needed, providing reassurance that the strategy is ready to handle disruptions.

Identifying the data to protect

Not all data requires this level of backup. Start by identifying the most critical files that, if compromised, could impact your operations or security. Separate these files and prioritise their protection so that you are investing in the 3-2-1 strategy for the data that needs it most, including:

  • Sensitive data that cannot be easily recreated or recovered.
  • Operationally essential data that supports daily operations.
  • Legally required data that must be protected for compliance or legal purposes.

How the 3-2-1 method protects against ransomware

Ransomware attacks often encrypt data, including any onsite backups connected to the network. If your only backup is vulnerable to remote access, you risk losing it. Here’s how each layer of the 3-2-1 method creates barriers that prevent total data loss:

  • Three copies of data
    • By maintaining three copies of your data–the original plus two backups–you add redundancy. If one copy is compromised, you have two others to fall back on, allowing time to address the issue without disrupting operations.
  • Two different types of media
    • Using different media, such as a local server and an external encrypted SSD, provides an extra safeguard. Device failures, though rare, do happen, and spreading your backups across two media types dramatically reduces the odds of simultaneous loss.
  • One off-site, air-gapped backup
    • Storing a backup off-site provides a final layer of security. This copy should ideally be air-gapped, meaning it’s not connected to the internet or your network, preventing it from being compromised remotely. For instance, an air-gapped backup could be kept on an encrypted SSD like the Kingston IronKey VP80ES, which resists brute-force attacks. Remember, “air-gapped” means the data is physically isolated and cannot be accessed remotely, enhancing its protection against cyber threats.
Kingston IronKey VP80ES connected to laptop on work desk.

Investing in proper backups can prevent costly losses

Beyond improving overall data security hygiene, the 3-2-1 method can save organisations significant costs in the event of a ransomware attack. Regular scheduled backups, such as daily or weekly, further minimise data loss, ensuring that restored data is as current as possible. The ROI for this strategy is clear: investing in secure backup solutions now can prevent the need to pay costly ransoms later. Additionally, a proactive backup approach can avoid the financial impact of downtime, legal fees and emergency IT support to restore business continuity.

Small and medium businesses (SMB) often lack the IT security staffing and data protection portfolio of larger companies and are even more vulnerable to costly disruptions due to malware. For these companies, the lack of a comprehensive and secure data backup strategy could be critical for ongoing operations.

Incorporating the 3-2-1 method isn’t just about protecting data: it’s about safeguarding your business's continuity and reputation. With a reliable, multilayered data backup strategy like the 3-2-1 method, organisations can rest assured that they’re prepared to face today’s most pressing cyber threats.

Was this helpful?

Kingston’s ask an expert icon on a circuit board chipset

Ask an Expert

Planning the right solution requires an understanding of your project’s security goals. Let Kingston’s experts guide you.

Ask an Expert

Related Videos

Related Articles