A guide to Backup & Disaster Recovery
When it comes to backup and disaster recovery in small businesses, it’s an absolute must-have. At Riverbank IT, we sometimes meet companies that are reluctant to invest in this safeguard for their business continuity and ultimately, their reputation.
The formula for backup and recovery is simple; balance the risk of data loss against the impact of downtime in your business while you get back on track. The questions are therefore how much downtime can you afford and how much data can you afford to lose? Riverbank IT founder and director, Malcolm Newdick, shares his top tips on effective back-up and recovery management.
Why ‘disaster recovery’?
Everyone ‘gets’ backup. We all believe that backups of important data are worth doing and worth paying for. Above we all believe that backups are worth automating because it’s a process that isn’t very interesting to do.
So why disaster recovery? If you’ve got a backup, surely you are covered. It’s when you do need your backup that you discover why a disaster recovery plan would have been a good idea. In the event of a failure, the one question you are guaranteed to ask is “When will it be up and running again?”. That is the question you need to answer before failure, not after. If you plan in advance how quickly you need your systems back, you will have a planned recovery, not a panic-struck recovery.
Understand your risks
A disaster, by definition, is a low-risk but high impact event. For your business it is something that will bring you to a shuddering halt, leaving you wondering what to do next, what have you lost and how can you put it back together again.
The big problem is that human beings aren’t that great at preparing for disasters. Climate change is a reasonable example, in which the threat of a global catastrophe is met with global indifference. We tend not to react to a problem until we are face-to-face with it.
While you are thinking about the loss of your planet, think about the loss of your business IT systems:
- How would that affect your business?
- How long could you be without your IT before it affected your ability to stay in business?
- Which elements of your IT are crucial? Your website and ordering system perhaps or your workshop computers?
- Do you know how long would it take you to get these systems running again?
- Are there even parts of your IT infrastructure that aren’t protected at all?
That final question brings us on to the Cloud and the assumption of many businesses that “if it’s in the cloud, it can’t go wrong”. Whilst it is true that Cloud services tend to be very reliable, that doesn’t mean it is protected.
Here are some reasons why you should consider backups of Cloud services:
- You have no protection against accidental deletion.
- You could still suffer a ransomware attack that turns your data into encrypted gibberish.
- Companies providing Cloud services could have vulnerabilities.
- Companies providing Cloud services could go bust.
Decide what you need
What you want is perfect business continuity with zero downtime. Trouble is, that would come at an enormous cost. You have to balance the scale of the risk against the scale of the cost and find a backup and disaster recovery plan that delivers what you need at a reasonable cost.
Once you have a good understanding of the risks and the threats, you need to know what options are open to you and the cost of each. In our experience, Riverbank clients often don’t know the right questions to ask. We take our clients through a ‘client conversation’ about backup and disaster recovery that leads them through the labyrinth of choices and options.
Here are some examples of the options to consider:
- Can you change your IT structure to make it simpler and cheaper to backup and to recover?
- Can you improve the resilience of your IT to make it less likely that you will suffer a disaster?
- What systems and data are critical to your organisation?
- At the other end of the scale, what old or obsolete data is your company holding?
- How much downtime can you tolerate?
- What are your budget constraints?
At the end of that process, you will have an affordable solution that will protect the essential components of your business. Most importantly, you will know in advance the answer to the question, “When will it be up and running again?”.
Test, test, test
This may sound like a no-brainer, but we often ask our SME clients when they last tested their backup systems. They, in turn, draw a blank. Your backup is only as secure as your last test, so build in a routine of regular testing.
We recommend to all our clients that we conduct an annual test recovery. This doesn’t need to be expensive or disruptive to your work, but it will deliver the peace of mind that you would be able to get back to ‘business as usual’ in the timescale that you expect.
Evolve with your business
As your business evolves, so will your IT requirements. It is easy to adopt new IT systems and forget about backup and recovery. We recommend that you review your business continuity provision annually to make sure your protection is still fit for purpose.
In the fast-changing world of technology, new options keep appearing. Right now, we’re transitioning a number of clients’ recovery processes to the cloud to make their recovery faster and more effective. For some, that could become their first step to the new world of working entirely in the cloud.