Backing up data is an essential component of a proactive security strategy for any business. Without several backup copies, companies are leaving themselves open to the ever-increasing threat of ransomware. Even though properly backing up data can’t prevent ransomware attacks, it can protect businesses from losing data when victimized by malicious software.

While there are plenty of reasons why businesses should back up their data regularly, ransomware comes first to mind, especially in today’s ever-evolving threat landscape.

The malicious threat hit entities hard last year. Ransomware attacks impacted at least 966 government agencies, educational institutions and healthcare providers at a potential cost above $7.5 billion in 2019, according to a blog post published by security solutions provider Emisoft.

You don’t have to look far to know ransomware continues to be a credible threat to businesses of all sizes. Scroll through the headlines for stories about Fortune 500 companies, defense contractors, and U.S. cities that are victimized by ransomware. When data isn’t adequately protected, businesses lose money.

The role of backup in combatting ransomware
While backing up data is an essential component of an effective strategic plan for combatting ransomware, there’s often a common misconception among business leaders about the role backup plays in protecting their businesses from malicious threats.

Backup and disaster recovery (BDR) solutions can’t prevent malware from infiltrating systems and networks. While they can’t prevent attacks from occurring, they can assist businesses with restoring and safeguarding data — as long as they’re adhering to proper backup storage practices.

Ransomware can still encrypt your backups if they’re not adequately protected. That’s why at least one copy of your backups should be stored offline — in other words, not connected to your network at all — to ensure ransomware can’t encrypt it.

What the “3-2-1 backup rule” means for businesses
Many IT professionals today follow a multilayered approach called the “3-2-1 backup rule” to safeguard better client data from the variety of cybersecurity threats circulating in today’s ever-evolving threat landscape.

This popular methodology for backing up and recovering data is endorsed by not only cybersecurity experts across the country but also the United States Computer Emergency Readiness Team (US-CERT), an organization within the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency (CISA).

The 3-2-1 backup rule is relatively simple for any business owner to understand. It means every business — no matter its size — should keep at least three independent copies of its data (one primary and two backups); store its copies on at least two different types of storage media (to protect against various types of hazards), and keep at least one of its copies off-site (on a server at another location).

Following the 3-2-1 rule increases a company’s chances of recovering lost or corrupted data.

Properly backing up your data is the one of the first steps to protecting your business from ransomware attacks. Even though having several backups can’t prevent malicious software from infiltrating your systems and networks, it can help you with safeguarding your data from harm.