Most backups aren't backups — they're hopes with a filename. The 3-2-1-1-0 rule is the professional standard for making sure your data actually survives a disaster. Here's what each number means and how to apply it without spending a fortune.
3 — Three copies
Keep three total copies of anything critical: the original plus two backups. One copy is a single point of failure; three gives you room for things to go wrong.
2 — Two different media types
Store those copies on at least two kinds of media — for example an SSD and a microSD card. Different media fail in different ways, so one bad batch or one technology's weakness won't wipe you out.
1 — One copy offsite
Keep one copy in a separate physical location. A fire, flood, or theft that takes your home shouldn't take your data with it. Offsite can mean a relative's house, a workplace drawer, or a deposit box.
1 — One copy offline (air-gapped)
Keep one copy completely disconnected from any network. Ransomware and account compromises can't reach a drive that isn't plugged in. This air-gapped copy is your last line of defence.
0 — Zero unverified backups
The number everyone skips. Every backup must be verified, not assumed. Files rot silently. Generate a checksum (a SHA-256 hash) when you create a backup, and re-check it periodically. If the hash matches, the data is intact; if it doesn't, you caught the problem before it cost you.
What to back up first
- Identity documents (passport, ID, birth certificate)
- Financial records and crypto recovery keys
- Insurance, medical, and property documents
- Irreplaceable photos and files
FAQ
Is cloud storage a backup? It can be one of your copies, but on its own it isn't enough — it's convenience, not resilience. If your data only exists on infrastructure you don't control, you don't fully own it.
What hardware do I need? An external SSD or USB drive, a microSD card, and ideally a Faraday bag for the air-gapped copy.
Build your Data layer: browse Data Storage & Faraday gear →