What is the 3-2-1 backup rule?

The 3-2-1 rule has been the gold standard of backup planning for years. The idea: any single backup can fail or be compromised, so redundancy at multiple levels is what actually protects you.

The original 3-2-1 rule

• 3 copies of important data — the production data plus 2 backups
• 2 different storage types — e.g., disk plus tape, or disk plus cloud
• 1 offsite copy — physically separated from production, immune to local disasters

Why each part matters

Multiple copies: A single backup can corrupt, get deleted, or be encrypted by ransomware. Multiple copies give you fallback options.

Different storage types: If your backup is on the same NAS as your production data, a hardware failure or ransomware event takes them both out. Different media types fail differently.

Offsite copy: Fire, flood, theft, or facility-wide ransomware can destroy everything in one building. The offsite copy is what survives a true disaster.

The modern 3-2-1-1-0 evolution

Veeam and others extended the rule for the ransomware era:

• 3 copies, 2 media types, 1 offsite (original)
• 1 immutable or air-gapped — a copy that cannot be modified or deleted even by an attacker with admin credentials
• 0 verified errors — backups must be regularly tested with restores to confirm they actually work

What this looks like in practice for an SMB

Common modern configuration:

• Production data on file servers / endpoints / cloud
• Local backup appliance (Datto, Synology, on-prem Veeam) for fast recovery
• Cloud backup copy (Datto Cloud, Wasabi, Backblaze, Azure Backup) — the offsite
• Immutable storage tier on the cloud copy (S3 Object Lock or equivalent)
• Monthly restore test to confirm backups actually work

The most common backup failure

Not the storage. Not the network. The failure is nobody tested the restore. We've seen organizations with 5 years of dutiful backup runs discover they couldn't actually recover when it mattered. Test restores quarterly minimum.