Data loss is one of the most painful IT experiences — whether it’s from ransomware, hardware failure, accidental deletion, or natural disaster. The solution is simple: a good backup strategy. The industry standard is called the 3-2-1 rule, and implementing it requires less effort than you might think.
The 3-2-1 Backup Rule Explained
The rule is:
- 3 copies of your data
- 2 different storage media types
- 1 copy stored offsite
Example setup:
Copy 1: Original data on your laptop's SSD
Copy 2: External hard drive in your home office (different media)
Copy 3: Cloud backup (Backblaze, iCloud, Google Drive) (offsite)
This survives:
✓ Hard drive failure (copies 2 and 3 remain)
✓ Ransomware (copy 3 offsite remains, copy 2 if offline)
✓ House fire or flood (copy 3 in the cloud survives)
✓ Accidental deletion (all copies allow recovery)The Extended 3-2-1-1-0 Rule
Modern best practices extend the original rule for even better protection:
- 3-2-1 as above, plus
- 1 immutable or air-gapped copy (cannot be modified or deleted by ransomware)
- 0 errors after testing restores (regularly verify backups work!)
Cloud Backup Options
For Personal Files
# Backblaze Personal Backup — $9/month, unlimited storage
# Best for: Complete computer backup
# Setup:
# 1. Sign up at backblaze.com
# 2. Download and install the agent
# 3. Initial backup runs automatically (may take days for first backup)
# 4. Continuous backup thereafter
# iCloud Drive (macOS/iOS)
# System Settings > Apple ID > iCloud > iCloud Drive
# Enable Desktop and Documents folders
# Google One (2TB for $10/month)
# Best for: Android users and Google ecosystemFor Businesses
# Veeam Backup & Replication (industry standard)
# - Backs up VMs, servers, cloud workloads
# - Community Edition is free for small environments
# Acronis Cyber Backup
# - Includes ransomware protection
# - Cloud, local, or bothLocal Backup Setup (Windows)
# Windows built-in backup using robocopy:
# Create a backup script: backup.bat
@echo off
set SOURCE=C:UsersYourNameset DEST=E:Backup
robocopy "%SOURCE%" "%DEST%" /E /COPYALL /R:3 /W:10 /LOG:backup.log /NP
echo Backup completed: %date% %time%
# Schedule it with Task Scheduler:
# taskschd.msc > Create Basic Task
# Trigger: Daily at 2:00 AM
# Action: Start a program > backup.bat
# For better Windows backup, use File History:
# Settings > System > Storage > Advanced storage settings
# > Backup options > Add a drive (select external HDD)Local Backup Setup (macOS)
# Time Machine — built-in, excellent
# 1. Connect external drive
# 2. System Settings > General > Time Machine
# 3. Add Backup Disk > Select your drive
# 4. Time Machine backs up hourly automatically
# Verify a backup restore:
# Boot from macOS Recovery (hold Command+R at startup)
# Restore from Time Machine BackupLinux Backup with rsync
# rsync is the go-to Linux backup tool
# Basic syntax:
rsync -avz --progress /home/user/ /mnt/backup/
# With SSH to remote server (secure, offsite):
rsync -avz -e ssh /home/user/ user@backup-server:/backups/
# Automated backup script:
#!/bin/bash
DATE=$(date +%Y%m%d)
SOURCE="/home/user/"
DEST="/mnt/backup/$DATE/"
LOG="/var/log/backup.log"
rsync -avz --delete "$SOURCE" "$DEST" >> "$LOG" 2>&1
echo "Backup completed: $(date)" >> "$LOG"
# Add to crontab (runs daily at 3 AM):
crontab -e
# Add: 0 3 * * * /home/user/backup.shProtecting Backups from Ransomware
Ransomware specifically targets backup files. Your backups need to be protected too:
- Disconnect external drives after backup runs (offline = immutable)
- Use versioned backups — keep multiple historical versions, not just the latest
- Cloud immutable storage — AWS S3 Object Lock, Backblaze B2 Object Lock prevent deletion for a set period
- Separate credentials — your backup system should use different credentials than your main accounts
# Backblaze B2 Object Lock (prevents deletion for 30 days):
# During bucket creation: Enable Object Lock
# Set Retention Mode: Compliance
# Set Retention Period: 30 days
# Files cannot be deleted even if account is compromisedTesting Your Backups
A backup you’ve never tested is not a backup — it’s hope. Schedule regular restore tests:
# Monthly test: Restore a single file
# Quarterly test: Restore a folder or database
# Annually: Full system restore test (use a VM or spare machine)
# Document your restore process:
# - Where are backups stored?
# - What credentials are needed?
# - Step-by-step restore procedure
# - Who to call if you need help?
# This documentation should itself be stored offsite!Wrap Up
The 3-2-1 rule is a simple framework that protects against virtually every data loss scenario. Set it up once, automate it, and test it regularly. The 30 minutes you spend today could save days of recovery work — or irreplaceable data — in the future.