There are 3 pillars in Infosec which support the security of any system.

They are Prevention, Detection and Recovery. These relate directly to the well-established Infosec triad of CIA, or Confidentiality, Integrity and Availability. (I will go into more detail later.)

Backups are the first pillar – Recovery. Recovery is key to ensuring Availability. It is also the easiest and cheapest to implement, so there is no excuse.

There are 3 simple properties to good, effective backups. Together they’re called the 321 rule.

  • 3 copies of everything.
  • 2 different types of storage media.
  • 1 copy offsite.

This might sound like a lot, but it’s not really, as the three properties can overlap.

For example, here is a cheap and simple way to do home backups that ticks all those boxes.

  1. Make a local backup of your data to an external HDD or USB, or NAS, or home server. (That’s two copies: your original and a local backup.)
  2. Use a cloud backup service like BackBlaze or Crashplan or Carbonite or even Amazon Glacier. (That’s your third copy, and second media type, and your offsite copy.)
  3. That’s it!
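To check a setup against the 321 rule, here is a small inventory checker (an added example, not part of the original post). The `BackupCopy` fields, the device and site labels, and the choice to count two copies on the same physical device as one are assumptions made for illustration; the sample inventories are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupCopy:
    name: str    # human label for this copy
    device: str  # physical device or service that holds it
    media: str   # media type, e.g. "internal-disk", "external-hdd", "cloud"
    site: str    # physical location, e.g. "home", "provider"


def check_321(copies, primary_site):
    """Return a list of 321 violations; an empty list means the rule is met."""
    # Assumption: copies on the same device fail together, so they count once.
    devices = {c.device for c in copies}
    media = {c.media for c in copies}
    offsite = [c for c in copies if c.site != primary_site]

    problems = []
    if len(devices) < 3:
        problems.append(f"only {len(devices)} independent copies, need 3")
    if len(media) < 2:
        problems.append(f"only {len(media)} media type(s), need 2")
    if not offsite:
        problems.append("no copy is offsite")
    return problems


# Constructed inventory: the home setup from the steps above.
# The cloud copy is the third copy, the second media type and the offsite copy.
HOME_SETUP = [
    BackupCopy("original", "laptop-ssd", "internal-disk", "home"),
    BackupCopy("local backup", "usb-hdd-1", "external-hdd", "home"),
    BackupCopy("cloud backup", "cloud-service", "cloud", "provider"),
]

# Constructed inventory: looks like three copies, but two share one disk
# and nothing leaves the house.
WEAK_SETUP = [
    BackupCopy("original", "laptop-ssd", "internal-disk", "home"),
    BackupCopy("backup folder", "laptop-ssd", "internal-disk", "home"),
    BackupCopy("external copy", "usb-hdd-1", "external-hdd", "home"),
]

if __name__ == "__main__":
    for label, inventory in (("home", HOME_SETUP), ("weak", WEAK_SETUP)):
        print(label, check_321(inventory, "home") or "meets the 321 rule")
```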

Of course, there is more than one way to roll your own backups. Maybe optical discs are your thing. Maybe running a HDD over to your Mum’s is a good way of making your visit worthwhile. Whatever floats your boat. Just get it done.
