3-2-1 Cloud Backup& Offsite Redundancy
Implement the 3-2-1 backup rule without building custom replication scripts. Upload once and Rilavek fans the stream to AWS S3 and Backblaze B2 simultaneously — creating an offsite copy as part of the upload itself.
The 3-2-1 rule, automated in three steps
Configure Two Destinations
Point a Pipe at two buckets — one hot (AWS S3) and one cold or offsite (Backblaze B2, GCS, or another AWS account).
Upload Once
Your application or partner uploads to Rilavek via SFTP, FTP, or HTTP — same as before. Nothing changes on the sender side.
Automatic Fan-out
Rilavek streams the file concurrently to both destinations. If one provider is slow or errors, the other transfer continues unaffected.
Inline redundancy vs nightly sync scripts
The critical difference is when the secondary copy comes into existence. If it only appears later, there is always a gap.
| Question | Rilavek Fan-out | Nightly Sync / Copy Jobs |
|---|---|---|
| When is the offsite copy created? | During ingestion | After a later scheduled job |
| Gap between primary and backup | No separate sync window | Always present |
| Cross-account / cross-provider isolation | Built into destination design | Possible, often more manual |
| What happens if the script breaks? | No extra replication script to maintain | Copies can silently stop |
| Auditability | Per-transfer destination visibility | Often stitched together from logs |
The 3-2-1 Rule, Automated
Security agencies recommend keeping 3 copies of data, on 2 different media, with 1 offsite. Most teams implement this as a nightly sync script that copies objects between buckets. It runs after a delay, misses files uploaded after the sync window, and breaks silently when IAM credentials rotate.
Rilavek does this at the ingestion layer. The moment a file arrives, it is simultaneously written to both destinations. There is no sync window. There is no delay. If an attacker encrypts your primary bucket at 2 AM, your offsite copy in a separate cloud account is already current.
Ransomware Defense
Ransomware encrypts everything in your primary storage account. If your secondary copy is in the same account — or accessed via the same credentials — it gets encrypted too. Rilavek writes to a separately credentialed destination, creating a true air-gapped copy at the moment of upload.
One Missing File Can Break Compliance
Many teams need demonstrable data redundancy for internal controls or external audits. A nightly sync that missed a 3 AM upload can leave an avoidable gap. With inline fan-out, redundancy is created as part of the ingestion path.
Air-gapped copy in a separate cloud account. Attackers who compromise one provider cannot reach the other.
Keep a usable copy in S3 and an archival copy in Glacier or B2 cold storage.
Do not rely on a single cloud provider. Provider outages no longer mean data unavailability.
Per-transfer logs and destination status make it easier to document how redundancy is being handled.
Common backup patterns
Most teams combine providers by recovery goal, retention need, and trust boundary.
Primary + Offsite
Keep a hot operational bucket and a second copy in a different provider or account for recovery.
Hot + Lower-Cost Cold
Preserve quick access in one destination while pushing a cheaper long-term backup to another.
Cross-Account Isolation
Separate credentials and blast radius so compromise of one cloud account does not reach the backup.
Compliance-Friendly Audit Trail
Keep transfer and destination status visible when auditors ask how redundancy is actually enforced.
What production-grade redundancy actually requires
These are the failure modes that nightly sync scripts cannot handle.
Air-Gapped Copies
Write to separate cloud accounts with separate credentials. Credential compromise in one account cannot affect the other.
Object Lock Support
Destinations supporting S3 Object Lock can be configured to make backups immutable. Ransomware cannot overwrite them.
Any S3-Compatible Storage
AWS S3, Cloudflare R2, Backblaze B2, Wasabi, or MinIO. Mix providers without writing a single replication script.
Point-in-time Audit Logs
Every file transfer is logged with sender, timestamp, size, and destination status. Demonstrate compliance on demand.
Concurrent Streaming
Fan-out happens in parallel at the byte level. Both destinations receive data at the same time, not sequentially.
Independent Failure Modes
A timeout or error on one destination does not cancel the other. Both transfers are independently managed.
What teams care about when recovery planning gets serious
Resilience is not just about having another copy. It is about independence, observability, and confidence that the copy is current when you need it.
Offsite timing
The second copy exists as part of the upload flow, not at the mercy of a later window.
Provider independence
A second ecosystem reduces shared failure and compromise paths.
Destination-level status
Know which copy succeeded and which one needs intervention.
Recovery confidence
Shorter lag windows mean less uncertainty about whether the backup is truly current.
Common questions
Does fan-out double my storage costs?
Yes. You pay for storage in each destination you write to. In many setups, teams use a primary bucket plus a lower-cost secondary destination, but the exact cost difference depends on your providers, retention policy, and transfer volume.
What happens if one destination is down during an upload?
Rilavek manages both transfers independently. If one destination returns an error, we retry that leg independently without affecting the other. You will see a per-destination status in the transfer log.
Can I use this with my existing SFTP workflow?
Yes. Existing SFTP senders do not need to change anything. You add the second destination in the Pipe configuration. The fan-out happens transparently on our side.
Does this work across different cloud providers?
Yes. You can fan-out from any source protocol to any combination of AWS S3, GCS, Azure Blob, Cloudflare R2, Backblaze B2, and any other S3-compatible storage.
Is there a file size limit for replicated files?
Large files are supported through multipart uploads. Practical limits still depend on the capabilities and object-size limits of the destinations you configure.
Stop relying on a single cloud provider.
Set up a multi-cloud backup pipeline in minutes. Configure your Pipe, add a second destination, and your files are immediately redundant.
Free plan includes 10GB of transfer. No credit card required.