Backup Horror Stories
Regardless of who provides your IT solutions, as a business owner, you are ultimately responsible for your data.
When we've been asked to look at the existing backup arrangements for businesses we've found a set of shocking but common situations, such as
✘ Backups that have failed for long periods of time without anyone noticing, leaving clients with no backup at all
✘ Backups that are sent over insecure networks, making the data easy to intercept and read
✘ Backups where 'off-site' is the home of an employee, with no physical access controls or protection
✘ Backups where there is no 'off-site' copy of data, so a physical issue such as flood or fire would wipe out the lot
✘ Incorrect retention policies resulting in missing compliance copies of data
✘ Backups, of backups, of backups .... which is adding no value but costing a fortune
✘ Backups with inconsistencies that would prevent data restore
In fact, in recent audits, we haven't looked at any backup arrangements that we've been totally satisfied with 😢
The disconnect is large so to help set you on the right path take a look at our bare essentials checklist to assess your current backup regime against good backup practices.
The Essential System Backup Checklist
✔ Your backup is monitored, and both success and failure is reported
✔ Your system is recovered from backup, and proof of recovery is provided
✔ Your backup data is encrypted where it is stored (at rest) and when being transferred (in transport)
✔ You have an inventory of annual, monthly, weekly, daily and (if applicable) hourly and half-hourly backups
✔ You have secure offsite storage for your backups
✔ You have virtual or physical equipment reserved that you can recover to in the event of physical disaster
✔ Data within your cloud services (Office365, SalesForce, Zendesk etc) is backed up in way that you control
✔ Desktops and local devices are backed up if work is saved on them
✔ Your recovery point objective (RPO) is adequate to prevent unacceptable loss of work
✔ Your recovery time objective (RTO) is adequate to prevent unacceptable loss of productivity
RPO is the last point of work that was saved to a backup - often this is a whole day of work that could be lost.
If that would be a huge issue, you need a shorter RPO say an hour, half-hour or even a few minutes.
RTO is the period of time it takes to recover from a backup - during which your workforce is unproductive.
RTO's can vary from a few minutes to a few days, so it is important to know the RTO your backup provides.
94% of companies that experience severe data loss do not recover
51% of these companies close within two years of the data loss
43% of these companies do not reopen again
70% of small firms go out of business within a year of a large data loss incident
The consequences of data loss due to inadequate backup can be severe. If you're not sure that what you have is what you need contact Cloud Fixers for a review.