3-2-1 Backup Strategy — The Rule That Saves Your Data (and Your Business)

[2026-06-26] Author: Ing. Calogero Bono

Have you ever lost an important file? We have, and we know the cost. A client — a clothing store we managed — lost their customer database due to human error. Without backups, they would have lost years of relationships. With the 3-2-1 strategy, data was safe on three separate media. Recovery in hours. That's why the 3-2-1 backup rule is not just good practice: it's the insurance policy for your digital business.

What is the 3-2-1 backup rule and why does it work?

The rule is simple: three copies of your data, on two different media, one copy off-site. It seems basic, but in our experience — over eight years managing servers and websites — this strategy is the difference between an incident and a disaster.

Three copies: the original plus two backups. A ransomware attack, hardware failure, or accidental deletion can hit even the primary copy. With two separate backups you have margin.

Two different media: don't put all eggs in one basket. If you only use an external hard drive, a lightning strike can fry everything. Combine local disk, NAS, cloud, tape.

One copy off-site: fire, flood, theft. If the physical location is compromised, the remote copy (cloud or datacenter) lets you restart. We explain this to our clients in Sicily: in Sciacca we know what a blackout or flash flood means.

Why does it work? It minimizes single points of failure. Not theory — resilience engineering. We, at Meteora Web, apply it on every project from WordPress sites to Laravel platforms.

How to implement the 3-2-1 backup for your business?

Let's start with a concrete case: a small business with 5 PCs, a NAS server, and cloud data (Google Workspace). Here are the operational steps.

1. Inventory of critical data

Not everything needs three copies. Identify: customer database, invoices, ongoing projects, website, emails. Every day we see companies backing up temporary files and having no copy of their management system. Rank by economic impact: if you lose that data, how much revenue do you lose?

2. Choose media

  • Local copies: network NAS (e.g. Synology) or external hard drives. We recommend NAS with RAID 1 (mirroring) for tolerance to single disk failure.
  • Cloud copies: services like Backblaze B2, AWS S3, or Google Cloud Storage. Cost-effective (~$0.005/GB/month). Note that not all cloud services are equal: verify that client-side encryption is available.
  • Physical off-site copies: a disk stored in another location (owner's home, safe deposit). An economical alternative to cloud.

3. Automation and verification

Manual backup doesn't exist: it gets forgotten. Use tools that schedule automatic copies. A simple example for the MySQL database of your e-commerce site (cron + mysqldump):

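#!/bin/bash
# Automatic MySQL backup with rotation
set -euo pipefail  # abort if mysqldump or gzip fails, so a broken dump is never kept
DB_NAME="my_shop"
DB_USER="backup_user"
# The password lives in a chmod 600 option file ([client] section, password=...)
# rather than in -p on the command line, where it can show up in the process
# list. The path below is an example.
DB_CNF="/root/.my_backup.cnf"
BACKUP_DIR="/mnt/nas/backup/db"
OUT="$BACKUP_DIR/db_$(date +%Y%m%d).sql.gz"
# Write to a temporary name first; rename only after a successful dump
mysqldump --defaults-extra-file="$DB_CNF" -u "$DB_USER" "$DB_NAME" | gzip > "$OUT.tmp"
mv "$OUT.tmp" "$OUT"
# Delete backups older than 30 days
find "$BACKUP_DIR" -name "*.sql.gz" -mtime +30 -delete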

Then schedule it with cron to run every night at 3 AM. But the real secret is periodic verification: an untested backup is a backup that doesn't exist. At least once a month we restore to a staging environment to check readability.
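Between monthly restore tests, a cheap nightly check catches the common silent failures: a cron job that stopped, a truncated file, a dump that was cut short. The following is an added example, not part of the original article; the function name and the 26-hour default are assumptions, and it relies on GNU stat and on the db_YYYYMMDD.sql.gz naming used above. It does not replace the staging restore.

```shell
#!/bin/bash
# Added example: sanity check for the newest db_YYYYMMDD.sql.gz dump.
# Function name and the 26-hour default window are assumptions.
# Needs GNU stat (Linux).

# verify_latest_backup DIR [MAX_AGE_HOURS]
# Prints the verified file and returns 0, or explains on stderr and
# returns 1 (none found), 2 (stale), 3 (corrupt), 4 (incomplete).
verify_latest_backup() {
    local dir="$1" max_age_h="${2:-26}" latest age_s
    # Date-stamped names sort chronologically, so the last one is newest.
    latest=$(find "$dir" -maxdepth 1 -name 'db_*.sql.gz' | sort | tail -n 1)
    if [ -z "$latest" ]; then
        echo "no backup found in $dir" >&2
        return 1
    fi
    # Freshness: a cron job that silently stopped leaves only old files.
    age_s=$(( $(date +%s) - $(stat -c %Y "$latest") ))
    if [ "$age_s" -gt $(( max_age_h * 3600 )) ]; then
        echo "$latest is older than ${max_age_h}h" >&2
        return 2
    fi
    # Integrity: gzip -t checks the stream and its CRC without extracting.
    if ! gzip -t "$latest" 2>/dev/null; then
        echo "$latest is corrupt or truncated" >&2
        return 3
    fi
    # Completeness: mysqldump ends its output with a "-- Dump completed"
    # comment (unless comments are disabled); an interrupted dump lacks it.
    if ! gzip -dc "$latest" | tail -n 5 | grep -q '^-- Dump completed'; then
        echo "$latest has no completion marker" >&2
        return 4
    fi
    echo "$latest"
}
```

Run it from cron shortly after the backup job and alert on any non-zero exit code.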

4. Encryption and security

Your backups contain sensitive data. Encrypt them before sending off-site. Tools like gpg or openssl work well. For cloud, use client-side encryption: you keep the key, not the provider. Without encryption, unauthorized cloud access exposes everything.
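One way to encrypt a dump with openssl before it leaves the site, as an added example that is not from the original article. The function name and the key file are assumptions: the key file is expected to hold one long random line, be readable only by the backup user, and be stored separately from the backups.

```shell
#!/bin/bash
# Added example: encrypt a dump with openssl before off-site upload.
# Function name and key-file handling are assumptions.

# encrypt_for_offsite FILE KEY_FILE
# Writes FILE.enc (AES-256-CBC, key derived with PBKDF2) and
# FILE.enc.sha256, and prints the path of the encrypted file.
# Returns 1 (missing input), 2 (encryption failed), 3 (round-trip failed).
encrypt_for_offsite() {
    local src="$1" key="$2" enc="$1.enc" want got
    if [ ! -r "$src" ] || [ ! -r "$key" ]; then
        echo "missing input file or key file" >&2
        return 1
    fi
    # The passphrase is read from the key file, never from argv.
    openssl enc -aes-256-cbc -pbkdf2 -iter 200000 -salt \
        -in "$src" -out "$enc" -pass "file:$key" || return 2
    # Round trip: the ciphertext must decrypt back to the same bytes,
    # otherwise the off-site copy is useless on the day it is needed.
    want=$(sha256sum < "$src")
    got=$(openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
        -in "$enc" -pass "file:$key" | sha256sum)
    if [ "$want" != "$got" ]; then
        rm -f "$enc"
        echo "round-trip check failed" >&2
        return 3
    fi
    # openssl enc does not authenticate the ciphertext, so ship a checksum
    # with it to detect corruption in transit or at rest.
    ( cd "$(dirname "$enc")" && \
      sha256sum "$(basename "$enc")" > "$(basename "$enc").sha256" )
    echo "$enc"
}
```

Upload both FILE.enc and FILE.enc.sha256, and run `sha256sum -c` on the checksum file after downloading, before decrypting.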

Which tools to use for 3-2-1 backup?

No silver bullet, but proven combinations. We, at Meteora Web, use these for our clients and ourselves.

  • For servers and websites: BorgBackup (deduplication, compression, encryption) + custom scripts for cloud upload. Alternative: Restic, simpler but less efficient on large volumes.
  • For PCs and Macs: Veeam Agent (free for Windows) or Time Machine (Mac) + copy to NAS and cloud via Hyper Backup (Synology).
  • For databases: automation with cron + mysqldump/pg_dump + upload to S3. For WordPress, plugins like UpdraftPlus with remote destination.
  • For entire servers: VPS snapshots at provider (e.g. DigitalOcean, Hetzner) — fast but not a substitute for independent off-site backups. A provider can fail.

Example script with Restic for backing up a directory to Backblaze B2:

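#!/bin/bash
# Deduplicated, encrypted backup of /srv/www to Backblaze B2 with Restic
set -euo pipefail  # if the backup fails, do not go on to forget/prune
export RESTIC_REPOSITORY="b2:bucket-name:/backup"
export B2_ACCOUNT_ID="..."
export B2_ACCOUNT_KEY="..."
# Repository encryption password: keep this script readable by root only
export RESTIC_PASSWORD="encryption-password"
# Take the snapshot
restic backup /srv/www --tag website --tag weekly
# Rotation: keep 7 daily, 4 weekly and 3 monthly snapshots, delete the rest
restic forget --keep-daily 7 --keep-weekly 4 --keep-monthly 3 --prune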

This script performs a deduplicated backup and then prunes old copies (automatic rotation). Schedule with cron.

How much does a 3-2-1 backup strategy cost compared to an incident?

We come from accounting — balance sheets, double-entry bookkeeping, VAT — so we think in numbers. A full backup for a small business (50 GB) costs around $10-20/month (amortized NAS + cloud). A ransomware attack can cost tens of thousands in ransom, downtime, and recovery specialists. Backup is the most profitable investment you can make.

Common mistakes: backup on the same disk as the system (if the disk fails, you lose everything), backup without encryption, monthly backups when data changes daily. We saw a client with weekly backup: server went down on Sunday, lost 6 days of orders. With daily 3-2-1 backup, they would have lost at most a few hours.

What to do now

Don't wait for data loss to act. Here are immediate steps:

  1. Estimate what your data is worth in terms of revenue and recovery costs. If you've never quantified it, do it now.
  2. Choose two different media (e.g. NAS + cloud) and set up automatic backups weekly or daily.
  3. Test restoration on a separate environment before it's too late.
  4. Encrypt every off-site copy with a personal key.
  5. Document the procedure: in an emergency, anyone must know how to restore. Don't rely on memory.

To dive deeper into data security, read our pillar guide on cybersecurity for users and businesses.

External resource: CISA — Backup Basics.

Ing. Calogero Bono

Computer engineer, co-founder of Meteora Web. Expert in software architectures, cybersecurity and scalable systems development.