Cyber Risk & Liabilities: The 3-2-1-1-0 Data Backup Rule
August 9, 2023

It is essential to effectively back up data since its loss can have significant financial and reputational consequences. Yet, as technology advances, backup strategies also evolve. For example, the 3-2-1 rule, a long-held data backup standard, has developed into the 3-2-1-1-0 rule that provides businesses with more robust guidance on mitigating the risks associated with data loss.

This article provides information on the 3-2-1-1-0 rule and its advantages.

The 3-2-1 Rule: A Brief Overview

The 3-2-1 rule was originally created for backing up photography files but grew to encompass safeguarding various types of information. The technique directs data users to do the following:

• Make three copies of data on a regular basis
• Store the data on two different types of media
• Maintain one copy offsite

There are attractive features of the 3-2-1 rule. It provides an easy-to-remember strategy that reduces the risk of catastrophic data loss by diversifying data storage locations and eliminating a single point of failure.
However, the rule also has its limitations. It may not provide effective protection against cyber criminals’ increased use of ransomware and backup file targeting. Additionally, it lacks a step to ensure the backup data does not contain errors. These shortcomings create gaps that could leave systems vulnerable, reduce efficiency in data restoration, and lead to increased costs and reputational damage.

The 3-2-1-1-0 Rule: Summary and Advantages

The 3-2-1-1-0 rule modernizes the 3-2-1 rule and addresses its weaknesses. It aims to provide more robust data protection along with more efficient recovery after a data loss event. Here’s how the updated 3-2-1-1-0 rule compares to the 3-2-1 rule:

• The original “3” referred to having three copies of data available, meaning the original and two backups. With the updated rule, the “3” now refers to three backup copies of the data in addition to the original copy.
• The “2” still directs businesses to store data on two different types of media, but as technology has improved, ways to accomplish this have expanded (e.g., cloud storage, solid state drives).
• The first “1” still refers to maintaining a backup copy of the data offsite. This reduces the risk of data loss if the primary physical location is compromised or destroyed (e.g., in a fire or flood).

The updated 3-2-1-1-0 rule also adds two steps to the original rule:

• Store one (“1”) copy of the data offline
• Ensure there are zero (“0”) errors in the backup copies

These revisions provide several advantages when compared to the 3-2-1 rule. For example, storing a copy offline mitigates risks associated with ransomware, which is malware designed to deny access to data unless a ransom payment is made.
Ransomware attacks have been increasing in number and sophistication, and cybercriminals have begun targeting backup data. Ensuring a copy of data is stored offline creates an “air gap,” meaning the data is not accessible through the internet and the information is not available for hackers to access remotely.
Users can also utilize cloud storage that operates on a separate system to accomplish this goal. When this method is utilized, it is advisable to make the data immutable, or unable to be changed, and to encrypt it.
Additionally, following the 3-2-1-1-0 rule and verifying there are zero errors in backup copies helps ensure that restoration occurs properly and efficiently. With the amount of data needed in operations, restoration processes can be hampered by corrupted data. Businesses should regularly perform restore tests to promptly find and correct errors. They also should ensure backup systems are updated and patched to help streamline the restoration process.
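
As an added illustration (not part of the original article), the following Python sketch audits a backup inventory against each digit of the 3-2-1-1-0 rule and uses a SHA-256 comparison as the restore test. The `BackupCopy` fields, the function names, and the sample data are all constructed for this example, and it assumes a copy that fails its restore test should not count toward the other digits.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class BackupCopy:
    name: str
    media: str            # e.g. "disk", "tape", "cloud"
    offsite: bool
    offline: bool         # air-gapped, or immutable storage on a separate system
    recorded_sha256: str  # digest saved when the backup was written
    restored: bytes       # bytes read back during a restore test

def audit(copies):
    """Check an inventory against 3-2-1-1-0; return (results, corrupt_names)."""
    corrupt = [c.name for c in copies
               if hashlib.sha256(c.restored).hexdigest() != c.recorded_sha256]
    # Assumption of this example: a copy that fails its restore test does not
    # count toward any other digit, because it cannot be restored from.
    good = [c for c in copies if c.name not in corrupt]
    results = {
        "3 backup copies": len(good) >= 3,
        "2 media types": len({c.media for c in good}) >= 2,
        "1 offsite": any(c.offsite for c in good),
        "1 offline": any(c.offline for c in good),
        "0 errors": not corrupt,
    }
    return results, corrupt

def sample_inventory():
    """Constructed sample: three backups of one file, the tape copy damaged."""
    data = b"constructed sample: payroll ledger 2023-08"
    digest = hashlib.sha256(data).hexdigest()
    return [
        BackupCopy("nas", "disk", False, False, digest, data),
        BackupCopy("cloud", "cloud", True, False, digest, data),
        BackupCopy("tape", "tape", True, True, digest, data[:-1] + b"9"),
    ]

if __name__ == "__main__":
    results, corrupt = audit(sample_inventory())
    for digit, ok in results.items():
        print(f"{digit:16} {'PASS' if ok else 'FAIL'}")
    print("failed restore test:", corrupt or "none")
```

In the sample, the single damaged tape copy fails three digits at once: it is an error in its own right, it leaves only two usable backups, and it was the only offline copy.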


While the 3-2-1 rule offers some protection for a business’s data, the 3-2-1-1-0 rule provides guidance on how to implement more robust safeguards. These prescriptions can help protect against data loss due to hackers, viruses, physical damage, stolen devices and human error. The 3-2-1-1-0 rule can also help businesses restore data efficiently and more cost-effectively while addressing modern needs.
By following the protocols in the 3-2-1-1-0 rule, businesses are better prepared to mitigate evolving cybersecurity risks that can lead to financial or reputational harm.