Everyone know backups are important, but the question is, just how important? And what exactly are you protecting your data against? The easy answer is accidental deletion or some sort of disaster at your data site, but Dimitris Krekoukias argues that certain insidious scenarios are just as important to look out for. What about a vengeful admin with complete access deleting all your primary data and backups from under your nose? Or a hacker gaining admin credentials and having complete control over all your data?
The 3-2-1 rule of 3 copies of the data on 2 different media with 1 offsite copy has been considered the standard of backup advice for a while, but maybe it’s time to rethink that. For instance, with the admin situation above, there is nothing to stop someone with that level of access from deleting everything, even if the 3-2-1 rule is followed. Because of this, flaws in the technology are not the greatest threat to your data, but rather the ever unpredictable human element.
So at the risk of being too careful, it’s time to adjust the 3-2-1 rule. Maybe you should add a fourth copy of your data at a third, more remote location? Maybe there should be a copy of the data that only the CEO can access to prevent the admin from being all-powerful? At the end of the day, it’s all up to how much time and money you want to expend for peace of mind. Start by making a list of what can realistically, and maybe even slightly beyond realistically, go wrong, and look to design your solution with that in mind.