In 2003, photographer Peter Krogh coined the 3-2-1 backup rule. Twenty years later, it remains the single best framework for protecting your data. Not because it's complicated. Because it's simple, and simple works.
Three copies of your data. Two different storage media. One copy offsite.
That's it. That's the whole rule. And if you follow it, you're protected against almost every data loss scenario imaginable.
Why three copies?
One copy is not a backup. It's just your data. If your laptop dies, your data dies with it.
Two copies is better, but it's still risky. What if there's a bug in your backup software that corrupts both copies the same way? What if a power surge fries both your computer and your external drive? Two copies can fail in correlated ways.
Three copies is the sweet spot. The probability of three independent copies all failing simultaneously is vanishingly small. You'd need multiple disasters hitting at exactly the wrong time. It can happen, but you've reduced your risk by orders of magnitude.
Think of it this way: if each copy has a 1% chance of failure in any given year, and those failures are independent of one another, one copy gives you 99% reliability. Two copies: 99.99%. Three copies: 99.9999%. That extra copy matters more than you'd think.
Why two different media types?
Hard drives fail. SSDs fail. Optical discs degrade. Tape deteriorates. Every storage medium has its own failure modes, its own vulnerabilities, its own lifespan.
If all your backups are on the same type of storage, they share those vulnerabilities. A batch of defective drives could take out multiple copies. A new form of malware targeting SSDs could corrupt everything. Environmental factors like humidity or magnetic fields affect some media more than others.
By using two different media types, you're hedging your bets. Your external hard drive might fail, but your cloud backup won't fail for the same reason. Your SSD might have firmware issues, but your NAS probably won't have identical issues.
In practice, this often means combining local storage (external drive, NAS) with cloud storage. Different technologies, different failure modes, different risks.
Why one copy offsite?
This is the one people skip. And it's the one that saves you when everything else fails.
Fire doesn't care that you had three backups. Flood doesn't care that you used different media types. Theft doesn't discriminate between original data and backup drives. If all your copies are in the same location, a single disaster can wipe out everything.
Offsite means physically distant. Not "in a different room." Not "in the garage." Somewhere far enough away that the same event can't affect both locations. Another building. Another city. Another continent.
Cloud storage is the obvious modern solution. Your data lives in data centers hundreds or thousands of miles away, protected by redundancy and security you couldn't afford to build yourself. But a drive at a family member's house works too. The key is geographic separation.
The scenarios 3-2-1 protects against
Hardware failure. Your drive dies? You have two other copies. Your backup drive dies too? You still have the offsite copy.
Software corruption. A bug or malware corrupts your data? Hopefully your different backup systems caught it at different times, so you can restore from before the corruption.
Human error. You accidentally delete something? You overwrote the wrong file? Your backups have older versions.
Theft. Someone steals your laptop and your backup drive? Your offsite copy is untouched.
Natural disaster. Fire, flood, earthquake destroys your home or office? Your offsite backup survives.
Ransomware. Attackers encrypt your data? If your offsite backup has proper access controls, they can't reach it.
The rule doesn't guarantee protection against every threat. But it dramatically reduces the number of ways you can lose everything.
Implementing 3-2-1 in practice
Here's a realistic setup for most people:
Copy 1: Your computer. This is your working copy, the data you use every day.
Copy 2: An external drive or NAS connected to your local network. This protects against your main drive failing and gives you quick access for restores.
Copy 3: Cloud backup. This is your offsite copy. It protects against local disasters and gives you access from anywhere.
For businesses, scale this up. Multiple local backup servers. Multiple cloud providers. Geographically distributed data centers. The principle remains the same; only the implementation grows.
The rule has evolved
Twenty years of ransomware attacks have taught us that 3-2-1 isn't quite enough anymore. The modern update is 3-2-1-1-0:
3 copies. 2 different media. 1 offsite. 1 offline or immutable. 0 errors (verified).
That "1 offline" addition is crucial. Ransomware specifically targets backups. If your backup drive is always connected, it can be encrypted. If your cloud backup has cached credentials, it can be compromised.
You need at least one copy that's completely unreachable by an attacker who has compromised your main systems. A disconnected drive. An immutable cloud backup. Something that can't be touched no matter how bad the breach.
And the "0 errors" part? Test your restores. A backup you've never tested isn't a backup. It's a gamble.
Common mistakes
Sync is not backup. Dropbox, OneDrive, Google Drive—these are sync services, not backup services. If you delete a file, the deletion syncs. If ransomware encrypts your files, the encrypted versions sync. Sync services are useful, but they're not the same as backup.
RAID is not backup. RAID protects against drive failure. It does nothing for accidental deletion, corruption, ransomware, or disasters. You still need actual backups.
One cloud provider is not two media types. If all your backups are in AWS, you have one media type: "AWS." Use multiple providers or combine cloud with local storage.
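The 3-2-1-1-0 rule and the three mistakes above can be checked mechanically against a written inventory of your copies. This is an added example, not from the original article; the `Copy` fields, the plan entries and the provider names are constructed placeholders, and counting media across backup copies only is an assumption that follows the "all your backups are in AWS" reading.

```python
from dataclasses import dataclass

COUNTED = ("primary", "backup")   # sync folders and RAID mirrors do not count as copies

@dataclass
class Copy:
    name: str
    kind: str      # "primary", "backup", "sync" or "raid-mirror"
    medium: str    # e.g. "ssd", "hdd", "cloud:provider-a" (one provider = one medium)
    site: str      # physical location
    offline_or_immutable: bool = False
    restore_tested: bool = False

def audit(copies: list[Copy]) -> list[str]:
    """Return the 3-2-1-1-0 requirements the plan fails; an empty list means it passes."""
    findings = [f"{c.name}: {c.kind} is not a backup, not counted"
                for c in copies if c.kind not in COUNTED]
    real = [c for c in copies if c.kind in COUNTED]
    backups = [c for c in real if c.kind == "backup"]
    primary_sites = {c.site for c in real if c.kind == "primary"}
    if len(real) < 3:
        findings.append(f"3: only {len(real)} countable copies")
    if len({c.medium for c in backups}) < 2:   # assumption: media counted across backups
        findings.append("2: backups share one medium or provider")
    if not any(c.site not in primary_sites for c in backups):
        findings.append("1: no backup is offsite")
    if not any(c.offline_or_immutable for c in backups):
        findings.append("1: no backup is offline or immutable")
    untested = [c.name for c in backups if not c.restore_tested]
    if untested:
        findings.append("0: restore never tested for " + ", ".join(untested))
    return findings

# Constructed sample plans.
WEAK = [
    Copy("laptop", "primary", "ssd", "home"),
    Copy("synced folder", "sync", "cloud:provider-a", "provider-a-region"),
    Copy("bucket-1", "backup", "cloud:provider-b", "provider-b-region"),
    Copy("bucket-2", "backup", "cloud:provider-b", "provider-b-region"),
]
GOOD = [
    Copy("laptop", "primary", "ssd", "home"),
    Copy("nas", "backup", "hdd", "home", restore_tested=True),
    Copy("cloud vault", "backup", "cloud:provider-a", "provider-a-region", True, True),
]

if __name__ == "__main__":
    for label, plan in (("WEAK", WEAK), ("GOOD", GOOD)):
        print(label, audit(plan) or "passes 3-2-1-1-0")
```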
"I'll do it later" is not a backup strategy. The best backup system is the one you actually use. If your process is too complicated, you'll skip it. Automate everything.
The cost of ignoring this
I've seen people lose years of photos. Businesses lose critical financial records. Students lose thesis work. Every one of them knew they should have better backups. They just hadn't gotten around to it.
Data loss is a when, not an if. Every drive fails eventually. Every system has vulnerabilities. The only question is whether you'll be prepared when it happens.
The 3-2-1 rule has survived for twenty years because it works. It's not the most sophisticated backup strategy. It's not the most comprehensive. But it's simple enough to actually implement and robust enough to actually protect you.
Three copies. Two media types. One offsite.
If you do nothing else, do that.
—Simple rules, serious protection