A Comprehensive Data Backup Strategy Based on the 3-2-1-1 Rule

Develop an effective data backup strategy for your business based on the modern 3-2-1-1 rule, select the appropriate hardware and software solutions, and establish a schedule for regular recovery testing.

Tags: Network infrastructure, Backup, Disaster Recovery, Data Protection, Ransomware

FATech Admin

IT Specialist

May 03, 2026 | 3 min read

Why Do Businesses Lose Data?

According to the Veeam Data Protection Report 2024, 85% of businesses have lost critical data at least once. The causes are broken down as follows:

  • Hardware failure (hard drives, RAID failure): 32%
  • Human error (accidental deletion, overwriting): 29%
  • Ransomware and cyberattacks: 24%
  • Natural disasters, fires, power outages: 9%
  • Other causes: 6%

A cause for concern: only 41% of Vietnamese businesses regularly test their backup recovery capabilities — meaning many businesses think they are backing up, but in reality, they cannot restore their data.

The 3-2-1-1 Rule: An Upgrade from the Classic Rule

The traditional 3-2-1 rule (3 copies, 2 types of media, 1 offsite) is still valid but insufficient in the age of ransomware. The 3-2-1-1 rule keeps those three requirements and adds a fourth, an immutable copy:

  • 3 copies of data
  • 2 different types of storage media (e.g., NAS + tape or NAS + cloud)
  • 1 offsite copy (at a different physical location)
  • 1 immutable copy (cannot be deleted or encrypted by ransomware)

The immutable copy is the most critical difference—ensuring that even if ransomware infects the entire system, there is still a clean copy available for recovery.

Backup Architecture Design for SMEs

Layer 1: Local Backup

Recommended devices: Synology RS1221+ or QNAP TS-873A

  • Daily scheduled backups (incremental), weekly full backups
  • Retain a minimum of 30 days of recovery points
  • Configure WORM (Write Once Read Many) on Synology Snapshot Replication

Layer 2: Offsite Replication

Option A — Replication to a second site (suitable for businesses with two offices):

  • NAS-to-NAS replication over WAN, scheduled nightly
  • Required bandwidth: approximately 10–50 Mbps depending on data changes

Option B — Cloud Backup (more suitable for SMEs):

  • AWS S3 Glacier or Azure Blob Storage (cold tier) — very low cost (~$0.004/GB/month)
  • Use Veeam Backup & Replication or Acronis Cyber Backup to orchestrate

Layer 3: Immutable Backup

  • Enable Object Lock on AWS S3 with Compliance mode
  • Or use Synology C2 Object Storage with the immutable backup feature
  • Recommended retention period: 90 days

Recommended Backup Software

Software | Compatible with | Advantages
Veeam Backup & Replication | VMware/Hyper-V environments | Rich features, reliable
Acronis Cyber Backup | Mixed environments | Anti-malware integration
Windows Server Backup | Simple Windows Server | Free, easy to use
Synology Active Backup | Synology NAS environments | Free, built-in

Disaster Recovery Test Process

Backups are worthless without a restore test. Recommended testing schedule:

  1. Weekly: Verify backup job status, check for errors
  2. Monthly: Randomly test restoring 1–2 files from the backup
  3. Quarterly: Full DR test — restore an entire server to an isolated environment and verify functionality
  4. Annually: Tabletop exercise — simulate a full-system ransomware scenario
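
One way to carry out the monthly random-file restore check from the schedule above, as an added example (not FATech's or any backup vendor's code). It assumes a hypothetical manifest of SHA-256 hashes recorded at backup time; the function names, manifest format and sample files are constructed for illustration.

```python
import hashlib
import random
import tempfile
from pathlib import Path

def sha256_file(path):
    """Stream a file through SHA-256 so large restores do not exhaust memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(source_root):
    """At backup time, record relative path -> SHA-256 (hypothetical manifest format)."""
    return {p.relative_to(source_root).as_posix(): sha256_file(p)
            for p in sorted(source_root.rglob("*")) if p.is_file()}

def verify_restore_sample(manifest, restore_root, sample_size=2, seed=None):
    """Check a random sample of restored files; status is OK, MISSING or MISMATCH."""
    names = sorted(manifest)
    chosen = random.Random(seed).sample(names, min(sample_size, len(names)))
    results = []
    for rel in chosen:
        restored = restore_root / rel
        if not restored.is_file():
            status = "MISSING"      # the restore did not produce this file
        elif sha256_file(restored) != manifest[rel]:
            status = "MISMATCH"     # restored bytes differ from what was backed up
        else:
            status = "OK"
        results.append((rel, status))
    return results

def restore_test_passed(results):
    """Pass only if at least one file was sampled and every sampled file is OK."""
    return bool(results) and all(status == "OK" for _, status in results)

if __name__ == "__main__":
    # Constructed sample data: a small source tree and a restored copy of it.
    with tempfile.TemporaryDirectory() as tmp:
        source, restored = Path(tmp, "source"), Path(tmp, "restored")
        for root in (source, restored):
            root.mkdir()
            (root / "ledger.csv").write_bytes(b"id,amount\n1,100\n")
            (root / "notes.txt").write_bytes(b"constructed sample file\n")
        manifest = build_manifest(source)
        (restored / "notes.txt").write_bytes(b"corrupted\n")  # simulate a bad restore
        results = verify_restore_sample(manifest, restored, seed=7)
        print(results, "PASS" if restore_test_passed(results) else "FAIL")
```

Storing the manifest alongside the immutable copy keeps the reference hashes out of reach of anything that can modify the primary backups.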

RTO and RPO: Defining Acceptable Levels

Before designing a backup plan, you must determine:

  • RPO (Recovery Point Objective): How much data loss is acceptable? (e.g., 4 hours)
  • RTO (Recovery Time Objective): How long can the system be down before it must be back online? (e.g., 8 hours)

The lower the RPO and RTO targets, the higher the solution cost. Most SMEs consider an RPO of 24 hours and an RTO of 4–8 hours to be cost-effective.

Conclusion

A good backup strategy doesn’t have to be complex, but it must be consistent and tested regularly. Don’t wait until a disaster strikes to discover that your backup isn’t working as expected.

FATech offers comprehensive backup solution design and implementation services, along with regular DR testing support as part of our Managed IT contract.
