3-2-1 Backup Strategy
3-2-1 Backup Strategy

3-2-1 Backup Strategy

Overview of backup strategy

You need a backup strategy to protect the data that’s most important to you. This could be financial data, your digital pictures, digitized home video of special moments, or maybe data related to games that took much time to get to some level. While software that runs the computer such as the Operating System, office products, Video editors, and the like can be reinstalled; data is lost forever if not recoverable from a backup.

The 3-2-1 backup strategy provides for:

  • Three copies of your data (one primary, two backups)
  • Data is stored on two different types of storage media
  • Store one copy on an offsite location (this can include cloud storage)

To keep three copies of the data, you might:

  • Keep the working copy of data on your desktop, laptop, or smartphone
  • Use an External USB Drive or home NAS (Network Attached Storage) device
  • Use a cloud service or Disk drive you store offsite

To maintain two different media types, you might:

  • Use an SSD drive (on your computer or smartphone)
  • Use an HHD drive for your onsite backup. It is best to use RAID configured drive so if one HHD drive fails, no data is lost. Or use a Cloud service as your 2nd Media type (as Cloud providers use both RAID and eventually backup your data to tape and/or replicate your data to a failover datacenter site)

Why two different types of media? Storage media’s eventually fail. Different media types stand up to hazards differently. SSD drives have shorter lives and are limited on read/write operations. HHD have much longer lives but eventually die from mechanical failures.

Maintain One copy of the data in a physically separate location from the primary data storage location. Ideally, this copy is not instantaneous (like OneDrive or iCloud) such that it is isolated from the other copies to eliminate corruption by ransomware. This protects your data from Fire and Natural Disasters.

There are a few ways to accomplish this strategy:

Methods to implement Backup Strategy:

Method 1 (USB Drive and Cloud)

Method 1 Backup Configuration

  • Connect a USB drive to either your computer (directly), or to your home network (e.g., via the Router).
  • Configure your desktop or laptop to backup your data to the USB connected Drive. Both iOS and Windows come with built in software to do backups. IOS uses Time Machine which works well. Windows has File History that is a bit problematic. Windows also has Backup and Image copy features that are more reliable. Alternatively, 3rd party software like Acronis do Backups extremely well.
  • Disconnect the USB Drive when not actually backing up. This prevents it from ransomware as hackers cannot connect to an unconnected device.
  • Use a cloud account for real-time backups. The cloud account can be configured to only backup the DATA, and not the software running the data. This will allow for the cloud to be much quicker in processing first time backup and updates.

Method 1 Pros:

  • This is an economical way to do backups
  • This is an easy method to setup your 3-2-1 backup strategy
  • Cloud is often free for small amounts of data

Method 1 Cons:

  • This method requires extra steps for smartphones for the USB drive copy
  • This method requires a USB drive be connected, which either requires hardware to connect (such as for a smartphone) or, it’s connected to the router.
  • A router connected USB drive is not safe. It has only the protection of your router. Most routers are not updated frequently to protect from attacks.
  • The method requires you to remember to disconnect the Hard Drive when backups have finished. If you do not disconnect, you are not protecting yourself from malware and ransomware.
  • This method requires you to remember to connect the Hard Drives when scheduled backups start (or you must manually remember to run your backups)

Method 2 (Rotating USB Drives)

Method 2 Backup Configuration

  • Connect a USB drive to either your computer (directly), or to your home network (e.g., via the Router).
  • Configure your desktop or laptop to backup your data to the USB connected Drive. Both iOS and Windows come with built in software to do backups. IOS uses Time Machine which works well. Windows has File History that is a bit problematic. Windows also has Backup and Image copy features that are more reliable. Alternatively, 3rd party software like Acronis do Backups extremely well.
  • Disconnect the USB Drive when not actually backing up. This prevents it from ransomware as hackers cannot connect to an unconnected device.
  • Having at least 2 external drives you’ve been using for the backups, transport one of the drives to an offsite location such as a Bank provided safe, or a trusted friend or extended family’s house.

Method 2 Pros:

  • You save money on Cloud service providers (especially if you have a lot of data)
  • This is still an economical way to do backups. You save money on the cloud, but you spend money on the extra drives.
  • If you decide not to disconnect your drive after the backup, your risk is still less than cloud because your other drive (or multiple drives) are not connected… you just have the one drive connected.

Method 2 Cons:

  • Same Con’s as method 1 plus additional pain as follows
  • You need to rotate drives in and out of your remote location
  • If the offsite location isn’t far away, then it’s not that much safer than at your home. You’ve provided safety in case of Fire. But you haven’t provided much safety over regional natural disasters.

Method 3 (NAS and cloud)

As you can see, both Method 1 and Method 2 are a bit painful to maintain. However, they are doable. Use a smartphone reminder to stay on schedule.

The last option is below and automates the process. If you have a LOT of data, this option is what you need.

Method 3 Backup Configuration

  • Connect a NAS to your home network. I’m going to recommend Synology due to the software it has available to do this task
  • Activate antivirus software on the Synology (this is to keep your network located data safe)
  • Install “Active Backup for Business”. This software will poll all desktop, laptop, and server devices you configure on a schedule or event.
  • Install the Agent software for the above software on each laptop or desktop device you have data of which you seek to protect.
  • Install “Synology Drive Server” on the NAS. This software will act as a cloud service for your smartphone
  • Install DS File on your smartphone
  • Install “Snapshot Replication”… these are write only snapshots of spaces on your NAS (as you define – so define to take snapshots of your backups). Since a snapshot is write only, any attempt at ransomware will fail to update the snapshot.
  • Backup the NAS snapshot folder(s) to a cloud service

Method 3 Pros

  • Schedule or event triggered of automated backups for all your devices (e.g. laptops, desktops, servers)
  • Can keep multiple backups based as you define (e.g. daily, weekly, monthly, yearly)
  • Automically backups your smartphone data (or maybe yoou configure it to just backup your pictures)
  • Smartphone backups will occur automatically as soon as you connect to your home network
  • No need to remember to backup any of your devices. It all happens automaticaly.
  • If you use a cloud service for each of your devices and you have enough data that you’rer getting charged, using a consolidated single cloud service for the NAS will likely be cheaper

Method 3 Cons

  • NAS systems are a fairly expensive initial investment. And Synology NAS systems are more expensive than other NAS devices. However, you can use a two disk device with a RAID 0 configuration (this is just a mirror of what is written on the first disk is written on the second disk) to keep costs relatively low).
  • A cloud service that will backup a NAS is not free. This, too, will be an extra charge.
  • It takes a higher degree of skills (e.g. YouTube videos, articles) to learn to configure the NAS properly. It’s rewarding, but not a skill everyone desires to learn.
Viedo from ExplainingComputers.com

What’s wrong with just backing up to iCloud or OneDrive and being done with it?

If the data you need to protect is in Gigabytes rather than Terabytes, and you feel Ransomware isn’t likely (or if it happens, you’re okay with losing the data), then having the data in just 2 places with real time backups works very well. The methods I described here are overkill for your situation. However, if your data represents much hard work, where you would incur a loss as a result of its destruction, then the methods I outlined here will save you from that devastation.

If you invest in 3 or more external drives with 6 Terabytes each, that may run just shy of $400. This would work well for rotation. An entry level 2 bay Synology NAS (DS220+) runs $300; though you’ll also need to buy the disks… which the equivalency would be another $160 each. Thus, you’re at about $620 minimum to get into the NAS solution.

Note: If you buy a second NAS and put it at a family or friends house (hopefully in another State), then you can setup a VPN to tie the NAS devices together and backup the NAS without incurring any cloud charges. If you’re protecting 10 TB, then you know cloud storage is costing upwards of $700 a year so adding a second offsite NAS has a quick return on investment.

Leave a Reply