Why businesses lose data — and how
There are several scenarios that lead to data loss, and all of them are common:
- Hardware failure — a hard drive has an average lifespan of 3–5 years. No warning, it fails without notice.
- Ransomware — malware that encrypts all data and demands a ransom. Attackers are sophisticated and also target backup files if they're accessible from the infected computer.
- Human error — an employee accidentally deletes a file or folder. This is the most common cause of data loss.
- Fire, flood, theft — physical destruction or disappearance of equipment holding the data.
Each of these scenarios has one solution: a good backup that has been tested and works.
The 3-2-1 rule — the gold standard of backup
IT security professionals use the 3-2-1 rule as the minimum standard:
- 3 copies of data — original data plus two backups.
- 2 different media — e.g. NAS drive and cloud, or local drive and tape.
- 1 copy at another location — off-site, ideally cloud or physically at a different address.
Why is this the minimum? Because a local backup doesn't protect against fire or theft. Cloud backup doesn't help if you have no internet connection. The combination provides security in all scenarios.
Common mistake: A company has a backup on an external drive that's permanently connected to the same computer. When ransomware infects the computer, it encrypts the backup too. Backup must be separate from the primary machine — physically or logically.
Cloud vs. local backup — what fits your needs?
| Feature | Local backup (NAS, drive) | Cloud backup |
|---|---|---|
| Recovery speed | Fast (local network) | Slow (depends on internet) |
| Protection from physical disaster | No (same location) | Yes |
| Ransomware protection | Partial | Yes (versioning) |
| Cost | One-time (hardware) | Monthly subscription |
| Capacity | Limited by hardware | Practically unlimited |
Our recommendation: a combination of local NAS (for fast recovery) and cloud backup (for disaster protection). This is the most reliable solution for companies with 5–50 employees.
How often to backup and how to test it?
Backup frequency depends on how much data you can lose without serious consequences — this is called RPO (Recovery Point Objective):
- Critical data (finances, client databases) — backup every 1–4 hours, or continuously.
- Working documents — daily backup, ideally overnight.
- Archive data — weekly or monthly backup.
Testing is just as important as making the backup. A backup you've never tested isn't a backup — it's hope. Once a month, pick a random file and try to restore it from backup. Once a year, test a full system recovery.
Conclusion
Backup isn't optional — it's a business fundamental. A company without a good backup is one failure away from a serious problem that can threaten the entire business.
If you're not sure your backup actually works, or you don't have one at all, contact us. We set up backup systems, test them, and monitor that they work correctly.