Is 321 rule useful?
Backups are one of the most important points to consider when creating a data center. Not only do they add a layer of redundancy, but they protect us from possible cyberattacks such as ransomware.
The 321 rule defines having a total of 3 copies on 2 different media and 1 off-site. That is, we keep a total of 3 copies of the data, 1 is the current one (version used by the servers directly), and the other two are backup copies, one is in the same Data Center and the other in a Data Center remote.
This rule is currently the one supported by the Government of America. The entity US-CERT (Unitet States Computer Emergency Readiness Team) recommends standard 321 also defining what pros and cons it has, recommending what possible means can be used.
Over the years, forks of the 321 rule have emerged, some of them being:
- 312 Rule:
Remarkably like 321, we still have a total of 3 copies, unlike that it will be in one medium and in two different remote Data Centers. This rule allows us to have more redundancy in the event of an incident, for example, a fire in the primary Data Center, being able to maintain 2 remote locations as a backup. This, if following this rule, can generate more traffic between Data Centers, which can limit the total bandwidth available or make the connection more expensive.
- 322 Rule:
As in the 312, we keep the 3 copies, 2 in a remote Data Center, but we add another medium. That is, if one backup is saved to HDD, the other can be saved to tape drives. A standard invented to try to minimize costs, usually having an incremental backup on HDD and keeping a total copy updated less frequently on tape drives.
- 323 Rule:
Finally, 323 rule, could be defined more as 423 rule, because we will have a total of 4 copies. Two copies will be found on the same medium in remote data centers. A copy (usually in tape drives or HDD) will be stored externally, that is, the copy is physically moved to the Data Center, the backup is made, and it is returned to its storage location.
This standard is highly laborious, because it requires physically moving the backup, that does allow us in case of possible failure to recover the data quickly without collapsing the WAN connection.
In summary, it is of high importance to always keep more than one copy of the data. It is not always mandatory to follow one of the rules described above, because there are storage techniques such as RAID 6 that allow us to add redundancy to one of the copies and depending on the importance of the data with a RAID 6 and a backup copy, can be enough.
However, it is always recommended to try to follow standard 321 or similar variants.
Authors: Ferran Montoliu and Joan Farràs