Why Backup Data and What is the 3-2-1 Rule for Backup?

First of all, what is a backup? A backup is a copy of your important data, usually stored in another location, so you can recover it in case of deletion or data corruption due to software or hardware problems.

The simple act of justifying the need for data backup should not be required in the modern world. Having a backup should be mandatory for businesses and even your average Joe. Nowadays, everyone has something digitally stored that they would get upset about if it were to disappear.

Why should you backup data?

The most obvious answer would be: you should have a backup of your data so you don’t lose it.

But actually, many people give way too much credit to their hard disk, their SSD, or their operating system and virus/ransomware protections. Things break. S**t happens. You will want at least part of your data to be backed up somewhere when that happens.

How often should you back up data?

You have to consider three things:

  1. How often does the data change?
  2. How valuable is this data?
  3. How long does it take to perform a backup?

Based on the above, you can formulate a backup strategy.

Here’s an example of a backup strategy: my family pictures are very valuable, as they are memories. They change sporadically: some days there are no pictures taken, some days there are 30 or more pictures taken. And it takes about 1 hour to back up everything, as there are a lot of them. Based on this, the entire folder that holds family photos and movies is backed up to another drive in another system (the NAS is the main storage, and the system backup is another computer) once a week, Sunday, at around 2 in the morning. This way, nobody is awake at that time, and the intensive task of backing up bothers no one. I decided on once a week since the hard drives in the NAS are fairly new. I do plan to make this twice a week in the future.

What is the 3-2-1 rule for backup?

The 3-2-1 rule for backups was introduced in 2005 through his book by Peter Krogh, a photographer, writer, and consultant. Even CISA (Cybersecurity and Infrastructure Security Agency) recommends this method as a way to deal with backups.

This is what the 3-2-1 backup rule means:

3. Create one primary backup and two copies of your data

2. Save your backups to two different types of media

1. Keep at least one backup file offsite.

The 3-2-1 rule advantages

The main advantage of this way of backing up data is that it reduces the impact of a single point of failure. One copy of your data getting corrupted or something similar would not cause you to lose everything.

Example: Say your laptop has some family photos and movies and some documents. You may have a backup on your local NAS, on an external SSD, and in the cloud. And if you maintain these backups up to date frequently, in case something goes horribly wrong, you might not lose anything. Or at least minimize the loss.

Are cloud backups secure?

Basically, yes. I know, I know everyone loves a good conspiracy, and the man is watching me bla blah…. but listen: nobody will bother to break encryption to a photo of your dog. And if it’s that sensitive, it does not belong on a drive that has access to the internet. No, your system is not safer just because it’s in your house. House burns down -> no data. Ransomware -> fun times. Etc.

Follow these rules to make sure you own your backups:

  1. Be organized.
  2. Encrypt everything that is important.
  3. 2-Factor authentication access to your cloud storage. Keys, etc. Secure. And don’t share this stuff with half of your friends.
  4. Choose a cloud storage provider that you trust.

Speaking of point nr. 2, I usually just compress & encrypt the big folder that is actually backed up. For example, sensitive data, photos, and media are stored encrypted in the cloud. Yes, it is an additional step, but those are my photos. I’d rather do this than worry.

In regards to the 4th point, I use Hetzner. The GDPR compliancy and my experience with them over the last couple of years gave me the trust I need to store data there. Oh, and the prices are good too! They have the Storage Box and Storage Share services. Both are awesome, and Nextcloud is some amazing piece of software. Apart from this, you can have backups and snapshots for the machines you run. This is not an advert or some sponsorship, I just use their products, and I can recommend what I use. If you’d like to give them a try, you can click my affiliate link. You get 20 euros in cloud credits.

Other services you can use: obviously, Amazon Web Services and Google Cloud, but also Azur, Backblaze, Sync.com, Proton Drive, Tresorit, and I am sure there are many others.

Choosing a cloud provider for your data storage needs is quite easy nowadays. There are a lot of options, from providers that give you the freedom to geek out to simple but efficient solutions.

Remember! No matter who or what service you choose, remember to encrypt your data, just in case.

Some viable option for encryption: Cryptomator, Rclone, VeraCrypt, Syncthing and I bet there are way more. Even the basic WinRar archive with password is better than nothing.

Can stuff like this be automated?


Some providers actually have stuff like this out of the box. Apps that allow you to automate backing up data.

But anyway, I can recommend Veeam for Windows (it has a free version too!) and BorgBackup for Linux – be sure to check out Vorta also if you use Borg Backup. I’ve heard good things about Duplicati also.

Ending note

I see no point in going deeper into the subject as if this short writing has a purpose… that is to convince you to back up the data you care about. And to employ the 3-2-1 rule if you can and really care about that data.

We’ll take a deep dive into these things in the future in the form of tutorials & guides.