A resilient backup plan is cheap, simple and built on one durable rule. Here's how to keep your data safe from failure, ransomware and disaster — and actually be able to restore it.
A backup is only real when you can restore from it. Everything else — the drives you bought, the schedule you set, the cloud sync glowing green — is just hope. The good news is that a genuinely resilient backup plan is simple, cheap, and built on one rule that has survived every shift in technology: 3-2-1.
The 3-2-1 rule says: keep 3 copies of your data, on 2 different types of media, with 1 copy kept off-site. Three copies means a single failure never leaves you with nothing. Two media types means a flaw that wipes one technology — a controller bug, a bad firmware batch, a power surge through a USB hub — cannot take both. One off-site copy means fire, flood, theft or ransomware that reaches everything in your home or office still leaves a copy beyond its blast radius.
Your working data on your computer is copy one. A local backup on an external hard drive or a NAS is copy two, on different media. An off-site copy — cloud, a rotated drive at a relative's house, or LTO tape in a deposit box — is copy three. That is the whole rule, and it has saved more data than any single product ever will.
Ransomware changed the threat model, so the rule grew. 3-2-1-1-0 adds one copy that is offline or immutable (air-gapped, so malware cannot reach and encrypt it), and zero errors on verification — meaning you have actually tested a restore and confirmed the backup is good. The air-gapped copy is where write-once optical media, tape, or a drive that is normally unplugged earns its place: an attacker who owns your network still cannot touch storage that isn't connected to it.
The most common and most painful mistake is treating one of these as if it were another. Each solves a different problem, and none of them on its own is a backup strategy.
| Tool | What it protects against | What it does NOT do |
|---|---|---|
| Backup (versioned) | Deletion, corruption, ransomware, hardware loss | Nothing — if versioned & tested it is the real safety net |
| Sync (Dropbox, etc.) | Losing a single device; sharing across machines | A deletion or encryption propagates instantly to every copy |
| RAID | A single drive dying without downtime | Accidental deletion, ransomware, fire, controller failure |
| Snapshots | Quick rollback of recent changes | Loss of the underlying array or building |
Sync mirrors mistakes. Delete a file or let ransomware encrypt it, and the sync service faithfully pushes that change to every device and the cloud. RAID is uptime, not backup. It keeps a server running when a disk fails, which is valuable, but it does nothing about the file you deleted by accident or the malware that just encrypted the whole volume. If you run an array, read our RAID explained guide — and then back the array up anyway.
Different copies want different media. Match the tier to the job and your cost per terabyte falls without sacrificing safety.
A single mirrored copy is not enough, because corruption and encryption copy themselves into the mirror. Versioning — keeping multiple historical states of each file — is what lets you roll back to the day before the problem. Set a retention policy that keeps daily versions for a few weeks, weekly for a few months, and monthly for a year or more. The classic grandfather-father-son scheme exists precisely so that slow-burning corruption discovered weeks later is still recoverable.
Ransomware survives only what it cannot reach
Modern ransomware deliberately hunts for and encrypts connected backups and mapped network drives first. The only copy you can count on is one that is offline, immutable, or held in storage with locked versioning the malware cannot overwrite. Build at least one such copy into every plan.
An untested backup is a guess. The ‘0’ in 3-2-1-1-0 is a discipline: on a schedule, actually restore something and confirm it opens. Restore a single file monthly; restore a full folder quarterly; once a year, simulate losing your main machine and rebuild from backups alone. You will discover the broken job, the expired credential, or the silently-corrupted archive while it is still an inconvenience rather than a disaster.
Automate the testing where you can — many backup tools can verify checksums after each run — but a periodic manual restore is still the gold standard, because it exercises the whole chain: the media, the software, your credentials and your own memory of how the process works. The day you need it is the worst possible time to learn that the encryption key was on the laptop that just died.
The off-site copy can be cloud or physical, and each has a clear character. Cloud backup is effortless and automatic, geographically distant by default, and ideal for the working data set you'd be devastated to lose — documents, photos, irreplaceable originals. Its weakness is cost and time at very large scale: restoring many terabytes over a home connection is slow, and ongoing fees add up. Physical off-site — a drive rotated to a relative's house, a safe-deposit box, or tape in another building — is far cheaper per terabyte for big archives and gives you a fast local restore, but depends on your discipline to rotate it. Many people use both: cloud for the precious few hundred gigabytes, physical rotation for the bulk media library.
Whichever you choose, encrypt anything sensitive before it leaves your control, and remember that a backup you can't decrypt is no backup at all — store recovery keys somewhere independent of the data they protect.
If this feels like a lot, collapse it into a routine. Pick a backup tool that does versioned, incremental backups. Point it at a local external drive or NAS for the fast copy that runs nightly. Add a second target — cloud for a smaller set, or a rotated drive for the full library — as your off-site leg. Keep one copy offline or immutable for ransomware. Then set a calendar reminder to test a restore each month. That single hour a month is the difference between “I have backups” and “I had backups.”
Pair the right drives with the right plan: bulk internal HDDs for the cheapest local copy, and tape for deep cold archive. Sort any of them by real cost per terabyte in our $/TB rankings, or compare two candidates side by side in our comparison tool.
Plug-and-play HDDs for the local and rotated-off-site copies in a 3-2-1 plan.
Compare external HDDs, internal drives and tape by real cost per terabyte — no account, no email.
Open the $/TB rankings →