Concerned about ransomware? concerned that you don’t have sufficient backups? You need a backup solution for your small business!
Did you know that 25 per cent of companies are unable to reopen after a major disaster? And in a modern hyper-connected world, a data loss qualifies as a major disaster.
The basic rule for business data protection is that if losing the data will interfere with doing business, back it up. Desktop software programs can be reinstalled if required, but recovering the details of transactions or business correspondence is impossible if those files are lost or damaged beyond repair.
What is a Backup?
In information technology, a backup, or data backup is a copy of computer data taken and stored elsewhere so that it may be used to restore the original after a data loss event.
What is the Small Business Backup Strategy?
A small business backup strategy, along with a disaster recovery plan, constitutes the all-encompassing business continuity plan which is the blueprint for an organization to withstand a cyberattack and recover with zero-to-minimal damage to the business, reputation, and data.
What is the purpose of a Backup?
The purpose of the backup is to create a copy of data that can be recovered in the event of a primary data failure. Primary data failures can be the result of hardware or software failure, data corruption, or a human-caused event, such as a malicious attack (virus or malware), or accidental deletion of data.
What are the 3 types of Backup?
As the name suggests, this refers to the process of copying everything that is considered important and that must not be lost. This type of backup is the first copy and generally the most reliable copy, as it can normally be made without any need for additional tools.
This process requires much more care to be taken over the different phases of the backup, as it involves making copies of the files by taking into account the changes made in them since the previous backup. For example, imagine you have done a full backup. Once you’ve finished, you decide that going forward you will do incremental backups, and you then create two new files. The incremental backup will detect that all the files in the full backup remain the same, and will only make backup copies of the two newly created files. As such, the incremental backup saves time and space, as there will always be fewer files to be backed up than if you were to do a full backup. We recommend that you do not try to employ this type of small business backup strategy using manual means.
A differential backup has the same basic structure as an incremental backup—in other words, it involves making copies only of new files or of files that underwent some kind of change. However, with this backup model, all the files created since the original full backup will always be copied again. For the same reasons as with incremental backups, we recommend that differential backups are also not carried out manually.
Six ways to Backup your Data
- USB stick. Small, cheap and convenient, USB sticks are everywhere, and their portability means that they’re easy to store safely, but also pretty easy to lose
- External hard drive
- Time Machine
- Network Attached Storage
- Cloud Storage
Which Backup is Best?
If you’re performing cloud backup, incremental backups are generally a better fit because they consume fewer resources. You might start out with a full backup in the cloud and then shift to incremental backups. Mirror backup, though, is typically more of an on-premises approach and often involves disks.
How may backups should you have?
The backup rule of three is a useful concept that helps with business data backup. It came to prominence as a result of photographer Peter Krogh, who used the rule to keep his photography safe. Many people consider the backup rule of three to be best practice despite its roots in photography. The concept reminds businesses how many backup files to keep and where to store them.
The backup rule of three dictates that you should;
- Have at least three copies of your data
- Store the copies on at least two different media types
- Keep at least one of those copies offsite
Three copies of data.
Including your live environment, you should have at least three copies of your data in total. This means that in the event of a disaster you will always have additional versions. We’d recommend creating backup copies at least once every day. However, the more copies you can practically make, the better.
Two media types.
To protect against hardware failure, you should use at least two different media types. A few means of doing this include tape drives, hard drives or the cloud. It is best to ensure that you use both internal storage and a removable (or offsite) alternative. There shouldn’t be an association between the two. Therefore, should one fail, the other will be usable.
One offsite copy.
Keep one copy of your data offsite. Keep that copy separate from the rest of your data. This is to protect against the worst of disasters. For example, flooding may damage your entire business premises, rendering your onsite data storage inaccessible and irreparable.
The backup rule of three and the cloud.
The backup rule of three can be difficult to adhere to, whilst ensuring best practice. For example, removable hard drives offer an alternative media type that you can take offsite. However, it is easy to damage or lose removable hard drives.
Cloud-based backup solutions can assist in these instances. These services provide a reliable, alternative media type to local storage. The cloud utilises offsite data centres, which won’t fail because of an issue within your business. This makes data centres more reliable than other methods of keeping data secure.
If you want to adhere to the backup rule of three, the cloud is an effective means of doing so.
How do I backup my small business data?
Backup Critical Business Data
There are two steps to successful data backup;
- Identifying the critical data that needs to be backed up
- Implementing backups of the data on a regular schedule
What needs to be in a data backup? All of the files that you’ve created and/or modified should be regularly backed up. For many businesses, this includes everything from accounting files to email.
More and more business applications are available through the cloud. However, if you are using desktop (non-browser) applications, these can be reinstalled from media or downloaded, so don’t need to be backed up.
Using online backup services makes backing up your data easy – which is just one of the reasons cloud computing is ideal for small businesses. But cloud services can still be vulnerable to data loss via hacking or employee sabotage. It is not a bad idea to take occasional local backups of cloud data.
Local Data Backups
If you save your data locally (e.g. you are not using cloud storage) you can simplify your backups by keeping all the files that will need to be archived on a single drive on your computer. For instance, suppose you need to back up accounting files, word-processing documents, spreadsheets, photos, and email.
Putting Simply Accounting, Microsoft Office (including Outlook) and Paintshop Pro all on a separate drive or under a separate folder makes it easier to archive all the files you’ve created or modified using those programs. All you have to do is back up the drive or folder. Once you’ve selected the critical data to be archived, it’s a simple matter to install and use a backup software program to archive your business data on a regular schedule.
Backing up your data nightly is recommended. There are many backup software programs available that allow you to set a schedule that will automatically backup your data. Backup software that also zips and encrypts files saves disk space and increases data security.
Only keep your data backups on-site if they are stored in a fire-proof, indestructible safe. Investing in a tape drive or external hard drive and meticulously adhering to a regular data backup schedule won’t help if all your data backup copies are in one place and that place is struck by disaster. To be truly secure your backups should be stored off-site. (Cloud backup does not totally eliminate this concern but is certainly better than many physical locations.)
What should be included in a backup policy?
A backup policy sets forth the importance of data and system backups, defines the ground rules for planning, executing and validating backups and includes specific activities to ensure that critical data is backed up to secure storage media located in a secure location. This ensures that information from business applications such as Oracle, Microsoft SQL, email server databases and user files is copied to disk and/or tape to ensure data recoverability in the event of accidental data deletion, corrupted information or system disruption. The policy’s default protection scheme ensures the recoverability of servers, network components and other infrastructure devices, as well as critical applications, databases and important files.
For example, a default backup policy for all application data might be a nightly backup to tape from Monday through Friday. In this case, one set of tapes is kept on-site to facilitate local recovery and a second, duplicated set is sent off-site for storage in a secure location. Critical business data might be further protected by policies that specify more dynamic backup activities. These might specify that, in addition to nightly tape backups, point-in-time snapshots of data should be taken and replicated at frequent intervals during the business day to provide rapid, granular data and application recoverability. This is essential for disaster recovery, business continuity and information security.
Backup policies should also include the recovery point objective (RPO) metric that defines how long data should be stored — e.g., aged — before it must be backed up again. RPO values — usually a time frame such as seconds or minutes — are defined by the business systems and data owners and might be reviewed and approved by senior management. The shorter the time backed-up data is stored before it’s needed for a recovery situation, the greater the cost of backup and storage. For example, a very short RPO, such as 10 to 30 seconds, means that mission-critical data — and computer systems, VMs and other resources — must be frequently backed up, most often in real-time. This means technologies such as data mirroring and/or replication, suitable storage resources and high-speed low-latency network resources must be used to achieve RPO goals.
In general, a backup policy baseline process specifies capturing an initial full backup of data onto a disk and/or tape, followed by a series of intervening incremental or differential daily backups.
Regardless of which method is used, at a minimum, two backup copies should be maintained: one to enable on-site recovery and a second copy for vaulting to a secure off-site facility. That way, if the data centre were destroyed by a flood, fire or some other disaster, the off-site copies become the recovery resources for returning to business as usual.
Back It Up or Risk Losing It
Don’t run the risk of losing your business data. The best defence against such a disaster is proper data protection. By creating a backup system that includes archiving and backing up your business data regularly and properly, you’ll ensure that your business will be able to weather whatever storm it faces and carry on. Remember – you can never have too many data backups!
If you have some concerns or need some assistance with your backup solution for small businesses, please give us a call today and we can help you from suffering a disaster at your small business.