How to Protect Against Ransomware With a 3-2-1-1 Strategy

 In 2024, roughly 65 percent of financial organizations worldwide reported experiencing a ransomware attack. Ransomware protection is vital for every organization today. That’s especially true considering that ransomware payments increased 500 percent in the last year, with the average cost of recovery now a staggering $2.73 million. 

Company size doesn't matter. Ransomware attack percentages were evenly spread, ranging from 58 percent for companies with under $10 million in revenues to 72 percent for companies with more than $5 billion in revenues.

With rampant ransomware resulting in potentially devastating financial impacts, you must do everything possible to prevent attacks. However, the 2024 Verizon Data Breach Investigations Report found that 68 percent of all breaches include a non-malicious human element—errors or falling victim to privilege misuse, stolen credentials, and social engineering, such as phishing and business email compromise. These types of vulnerabilities are challenging—if not impossible—to overcome.

Unfortunately, many organizations still adhere to the outdated 3-2-1 backup rule, initially coined by photographer Peter Krogh in his book about digital asset management. That rule was a great start, but it’s no longer enough because hackers now target your backups. After all, they recognize that doing so makes it challenging, if not impossible, for you to recover. Once hackers breach your primary data or backups, they could have free rein to spread their attack across your systems. 

Protect Against Ransomware With the 3-2-1-1 Backup Strategy

Today, ransomware and data loss prevention demand  an update to the 3-2-1 backup rule: the 3-2-1-1 backup strategy:

3: Keep three copies of your data

One original and at least two copies 

2: Store your backups on two different types of media

Network-attached storage, tape, or a local drive, for example

1: Keep one copy offsite 

In the cloud or secure storage

1: Ensure one copy of your data is immutable

Why Immutability Matters

While the meaning behind the three digits of the 3-2-1 backup rule hasn’t changed, the added one makes all the difference because it stands for immutability. Immutable backups are saved in a write-once-read-many-times format that can’t be altered or deleted—even by hackers and admins. 

Using a file system based on an immutable object store—with every object written only once—means any modifications you make to your file system create new immutable objects, and there isn’t any way to reverse this immutability.

Even if hackers get their hands on compromised admin credentials and gain full access to your network, immutability makes it harder for them to delete your copies or alter the data’s state. The bottom line is that you won’t have to pay a ransom to recover your data if attacked.

Immutability in the Cloud

Arcserve also ensures immutability for cloud backup storage solutions with Arcserve Unified Data Protection (UDP) software’s Amazon S3 Object Lock support. With Object Lock, S3 Versioning is automatically enabled, and these features work together to prevent locked object versions from being permanently deleted (accidentally or intentionally) or overwritten.

Data Recovery Equals Business Continuity

Implementing the 3-2-1-1 backup strategy ensures your data is safeguarded and can always be recovered. Arcserve offers the broadest set of best-in-class solutions to manage, protect, and recover all data workloads, regardless of location or complexity. 

Arcserve solutions are cost-effective and agile, delivering scalable data protection and certainty across all data environments. With Arcserve solutions, you can count on business continuity, avoiding the high cost of ransomware and downtime.

Talk to an Arcserve Partner

Arcserve technology partners are here to help you deploy the optimal data protection strategies and solutions for your requirements. 

Find an Arcserve technology partner.

If you want to learn more about Arcserve UDP, please request a demo.