Organizations thinking about protecting business-critical systems with data protection plans want to consider many important aspects of their backup plans. One crucial rule of thumb for organizations to follow when thinking about their data protection plans is the “3-2-1 rule” in regards to backups. The 3-2-1 backup rule contains important principles related to how organizations should think about backup data and is a great place to start when ensuring a data protection plan meets the basic criteria for a stable and reliable data protection plan. What is the 3-2-1 rule for backups? What technologies can organizations utilize to meet the criteria stated in the 3-2-1 rule and what might this look like in a data protection plan?

The 3-2-1 Backup Rule

The 3-2-1 backup rule was born from a desire to formulate a best practice around having multiple copies of data in multiple locations on different types of media. This greatly helps to mitigate the risk of losing both production data as well as backup data. The “3-2-1 rule” means we have at least “3” copies of our production data on “2” different types of media with at least “1” copy stored offsite.

With three copies of production data, we have multiple copies that we can restore from – “3”. More than one type of medium, “2”, helps to ensure we will have a working copy of our backups by diversifying what types of media we are storing those backups to. Generally, this is satisfied by organizations who store a copy of backups to some sort of tape archive traditionally. The tapes would diversify the medium from the HDD spindles on which our other backups may be stored on. Tape backup however is declining with organizations making using of disk to disk technologies as well as leveraging the public cloud. With the public cloud being so readily accessible today, offsite storage, “1”, is more feasible than it has ever been before. Organizations can procure cheap offsite storage in the form of secure, readily accessible, less performant storage from the big public cloud vendors.

The beauty of public cloud storage is that organizations forgo the expense of building the infrastructure needed for offsite storage whether it be the compute/storage/network and other requirements as well as the physical infrastructure to house the equipment. These expenses are not trivial. With public cloud storage, the big cloud vendors provide all the technical and physical infrastructure. With a simple charge based on usage, organizations can store data offsite and even in different regions if they choose.

Download Banner

Practical Implementations of 3-2-1

We have looked at a high-level view of the 3-2-1 rule as it pertains to backups. How do we implement the 3-2-1 rule though in a practical way? What does it look like with a modern backup solution? Vembu BDR Suite is one such modern backup solution that provides powerful ways to diversify backup location, medium, as well as offsite storage. Let’s take a look at a few solutions that satisfy the requirements of the 3-2-1 backup strategy including:

  • Backups
  • Replication
  • Offsite copies


The most basic aspect of employing the 3-2-1 backup strategy is to actually backup our production environment. Creating at least one backup of production will satisfy one of the copies we need. Backups themselves can be stored locally or even at a different site from production. With solutions such as Vembu BDR Suite, backups themselves can be very streamlined, efficient mechanisms to get data stored safely on regular intervals. Using Changed Block Tracking, only the changed block information is copied after the first full backup is captured.



Replication is typically in place to help withstand the failure of an entire “site”. Generally, a site in this context is a physical location. Replication allows us to create replica virtual machines in another VMware or Hyper-V environment that are updated with each backup cycle with changed block information to keep the replica virtual machine as close to production as possible. If you have a situation where the entire production site goes down, the replica virtual machines can be powered on taking the place of the production virtual machines that are no longer accessible. This can be referred to as a “failover”. The additional “copy” of virtual machine files via the replica of production, satisfies the requirement for an additional copy.


Offsite Copy

Having an offsite copy of production data is a critical part of any data protection plan as we mitigate the risk of having all our “eggs in one basket” when it comes to our backup data. With an offsite copy, we are replicating a copy of our backup data to another backup server located in a different location, hence offsite. This allows us to be protected from a single site or even multi-site failure as long as our offsite copy has at least a reasonable degree of geographic separateness from the production datacenter and even our replicated virtual machines located in a standby datacenter. With the current roadmap of Vembu BDR Suite 4.0, Vembu will soon be adding support for tape drive integration to allow users to target tape media for an additional backup medium.



Protecting data using the 3-2-1 backup rule is a great strategy to include multiple copies of backup data as well as make sure we have data on different medium as well as one offsite location. By using features of today’s modern backup solutions such as Vembu BDR Suite, organizations can easily satisfy the principles in the 3-2-1 strategy. Starting with the traditional backup we have a copy of production. We can then extend this to creating a replica of virtual machines in a secondary location. Additionally, we can then use the offsite copy to make sure we have a copy of our backup data in offsite storage. Using the 3-2-1 rule for protecting production data is a great way to make sure we are diverse, protected, and resilient to multiple site failures in the event production data needs to be restored or failed over.

Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.

Like what you read? Rate us
Protect Data with the 3-2-1 Backup Rule
Rate this post