Better backup with the 3-2-2 rule

A comprehensive backup and data protection strategy ensures that no matter what happens, all critical data will survive, and a business can continue to operate. In the past, most hazards that posed a risk to data were that of natural disasters and file corruption. The chance of these were relatively slim, but the potential consequences of losing critical data are severe, so a system should be in place to ensure business continuity, even when disaster strikes.

3-2-1 Rule

The 3-2-1 rule has been backup best practice for many years and for good reason. The 3-2-1 rule states that you should:


3 – Keep three copies of all data

This includes one primary copy and at least two backups.

2 – Store your copies of data on at least two types of storage (cloud, local hard drive, server, etc.)

It is unlikely to have two different types of storage device fail at the same time.

1 – Store one of these copies off-site (in the cloud)

With off-site storage it means that even if there is a fire or flood in an office all the data will be safely stored off-site.


This is an effective method of backup as there is no single point of failure, however there are more hazards to data now than there has ever been. There is still the risk of natural disasters and file corruption, however the most common risk is a ransomware attack. With the current rate of ransomware attacks it is not a case of if you will fall victim, it is a case of when. The combination of moving to the cloud and the cybersecurity threat landscape expanding rapidly, the 3-2-1 rule may be superseded by the 3-2-2 rule.

3-2-2 Rule

The 3-2-2 rule states that a business should keep:

3 – Keep three copies of all data

This includes one primary, a synced version through One Drive for Business, and a cloud copy through Acronis Cyber Protect.

2 – Store the data on two different clouds (One Drive for Business and Acronis)

This results in both ease of use and timely disaster recovery in the case of a ransomware attack.

2 – Store two copies of data off-site (in the cloud)

Having two copies of data off-site provides an extra level of redundancy, so no matter what happens your data is safe.


The key benefit to the move to the 3-2-2 rule is that it prevents ransomware attacks and in the case of a disaster, the recovery is timely and there is no risk of any loss of data.

With a single cloud data solution such as One Drive for Business it allows users to sync document libraries, which can be a problem as if a ransomware attack encrypts their files, the encrypted files will then be synced to the cloud. It will be likely possible to recover the files, however there is nothing to stop the attack in the first place and there will be downtime whilst the files are recovered. In comparison a solution such as Acronis Cyber Protect will provide protection from an attack through anti-malware and endpoint protection. If ransomware does manage to get through these layers of protection, Acronis Cyber Protect constantly backs data up and automatically reverts to an unencrypted version of data to significantly reduce downtime and ensure business continuity.

A comprehensive backup and disaster recovery strategy may be the difference between business continuity and long periods of downtime with lost business. In the past a comprehensive backup solution was costly and required on-premises servers and storage. In the age of cloud storage, implementing a comprehensive solution is quick, easy, and cost-effective. The 3-2-2 backup rule with Acronis Cyber Protect and One Drive for Business will ensure that no matter what incident occurs, natural disaster, hard-drive failure, or ransomware attack, your data will be safe, and your business can continue as normal.

If you want to find out more about how you can implement a comprehensive backup and disaster recover solution for your business get in touch today.

Leave a Reply

Your email address will not be published. Required fields are marked *