In the event of a disaster leading to database unavailability, restoring backups is the first step to ensure business continuity. However, situations may arise when attempts to restore the database fails. For instance, the tape drive used for storing backups may get damaged rendering the backup data corrupt and unusable. In fact, tape drive media failure is the most common cause why restore fails. To prevent this and ensure database can be restored with uncorrupted data, SQL users implement the 3-2-1 backup rule for data protection. This article discusses this data protection rule and if it is still relevant.
The
3-2-1 Backup Rule for Data Protection – What It Is?
The 3-2-1 rule
of data protection ensures that database can be restored with uncorrupted data.
The idea behind the rule is to have:
3 copies of backup: You must have at
least three copies of your data. One is your production data plus two backup
copies. The more copies you have, the less risk you have of losing data.
2 copies on different media: Ensure to
store two copies of database backup on different media types. This is important
because a backup media can fail. When you split your backup into different
media and a device fails, you’ll have another to fall back on.
1 copy on offsite: Store one of the two
backups offsite. Doing so ensures that if anything happens to one backup copy,
it won’t (hopefully) affect the other copy.
Is the
3-2-1 Backup Rule of Data Protection Relevant for SQL Users?
The 3-2-1 backup
is a good starting point for devising any disaster recovery plan, particularly
for SQL users who aren’t backing up at all. But, the backup rule has certain shortcomings.
Data Can Be Compromised
Maintaining
three copies of data is fine, as more copies ensure recovery is possible in case
of any disaster. But keeping two copies on different media types has limitations.
Having two copies stored in two storage media or devices means quicker access
to the backup (if the primary fails), however, this might not always be the
case.
What happens if
a ransomware infects your secondary storage while the primary is already down?
You may lose all the data unless you pay a ransom. And, with several
organizations replacing tape backup with cloud storage, an ever-increasing
number of databases becoming vulnerable to ransomware attacks.
According a report
by Imperva, “46% of all on-premises databases are
vulnerable to attack.” Imperva predicted that data breaches will
continue to grow as nearly one out of two on-premises databases is vulnerable
to attacks. And so, you need more comprehensive and stronger data protection
strategies than ever before.
Faulty Interpretation of the 3-2-1 Backup
Rule
Backing up on
tape drives is more expensive than backing up data on the cloud. And, as the
demand for storage space grows so does the need for storage cost. Though, tape
is still used – but due to slow recovery time and high cost involved – users
are moving data to offsite locations, such as the cloud. That’s where the
problem starts.
As cloud-based
services not necessarily store backups at the same storage facility, point “2”
and “1” in the backup rule are ignored. In other words, moving offsite data to
cloud can fulfil the purpose of point “2” – it can be used to store a backup
copy that is incorruptible and used for recovery if the first copy is affected.
But this way, you’ll have only a single copy which doesn’t offer the protection
you need from ransomware or other cyber threats.
Air Gap Protection is Lost
Though tape-based
storage can slow down your recovery due to bandwidth constraints, it provides
air gap to prevent ransomware from affecting your backup copies. However, air
gap protection is missing in the 3-2-1 rule.
Air gap is
basically a way of protecting a backup copy by storing it on a network that is physically
separate from the primary data.
It was easy to
provide an air gap when using tape backups. You can place tape backups in a box
and transport them to off-site locations, creating an air gap between your
backup and primary data copy. This makes it harder for hackers to attack a
database, as they cannot attack both primary and backup storage devices.
How to
Overcome 3-2-1 Backup Rule Shortcomings?
Backup
strategies like 3-2-1-1-0 or 4-3-2 offers additional protection against ransomware
attacks. Let’s discuss in brief about these two strategies:
3-2-1-1-0 Backup Rule
Like the ‘3-2-1’ backup rule, the 3-2-1-1-0 data protection strategy also requires maintaining at least three copies of data, storing data on at least two different storage media, and storing one backup copy offsite. Plus, it requires two additional steps:
- Keeping one tape backup copy offline or air gapped, as it requires storing tape backups off-site. Or you may store cloud backups with immutability, thereby preventing data from getting modified or changed.
- Monitors data to help identify and correct any errors in the backups.
Essentially, the 3-2-1-1-0 backup rule ensures that you've an error-free offline backup copy you can use to recover data in case of system failure or cloud failure.
4-3-2 Backup Rule
Developed by IT
security partners, Continuity Centers, the 4-3-2 rule states that four copies
of data are stored in three different locations. Out of the three locations, two
are offsite and the third copy is stored in the cloud. And, the fourth backup goes
to another cloud storage.
The 4-3-2 backup
strategy ensures that duplicate copies of backups are created and stored at
geographically distant locations to avoid data loss in the events of natural
disasters.
Concluding Thoughts
Preventing data
loss, in the event of a disaster, is crucial for business continuity. And so,
you must be regularly taking backups and reviewing them to ensure their
effectiveness in restoring the SQL databases. The 3-2-1 backup rule is a good
starting point for data security, but you need more extensive backup strategy
to protect your data against the growing number of digital threats. Upgrading
the 3-2-1 rule to a 3-2-1-1-0 or 4-3-2 backup strategy provides an additional
layer of security to help you recover
ransomware affected databases.
