All businesses began as small businesses and are the lifeblood of our economy. With more than half of all jobs in the US provided by small companies, it is incredible that almost one-third never back up their data. 

Scary? No, it’s worse; those who did a backup have only one copy. We are in disaster-waiting-to-happen territory here.

You should NEVER EVER have only a single copy of your backup! Say you are responsible for data backup at a small business. It is paramount that you back up your essential data regularly.

The Mnemonic

Do you remember being taught that using a mnemonic is the best way to recognize or help your brain safely store critical information? That is what you need to remember as the best practice for backups.

3-2-1-1-0

Secure backups are as simple as 3-2-1-1-0, which I use and recommend to my clients (actually, at our company, it is more like 6-2-2-1-0, but that is because we have to be sure we have an excellent copy of our customers’ data). This mnemonic will help you remember how to have a secure and recoverable data backup.

3 is the minimum number of data backups you must keep in addition to your local backup copy on your computer/server.

One is a local backup that ensures instant access to whatever data you need back, regardless of whether it has been deleted, overwritten, or lost. It is updated as a regular part of your backup regimen.

One is a copy stored securely off-site – one you will depend on if anything happens to your office or the equipment at your location.

  • Off-site data is safe and sound. 
  • It is updated regularly as part of your backup regimen.
  • Options include:
    • Tape-based backup with off-site rotation
    • Cloud-based off-site backup

One is a “cold” or utterly offline copy of your backup stored off-site, ideally replaced weekly (safe deposit box, a C-level executive’s home, or another secure off-site location).

  • 2 is the number of storage mediums you must keep those backups on.
  • 1 is the number of copies that are stored off-site
  • 1 is the number of copies that must be “cold” or completely offline
  • 0 is to remind you only to keep error-free verified backup copies  

By consistently adhering to the 3-2-1-1-0 rule, your organization will be better able to navigate the risks of ransomware, prevent data loss, and maintain a high level of business operation.
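One way to check a backup inventory against the 3-2-1-1-0 rule described above. This is an added example, not part of the original article; the `BackupCopy` fields, the `audit_32110` function and the sample inventories are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class BackupCopy:
    name: str
    medium: str                   # e.g. "disk", "tape", "cloud"
    offsite: bool                 # stored away from the office
    offline: bool                 # "cold": not reachable from any network
    verify_errors: Optional[int]  # errors in last verification; None = never verified


def audit_32110(copies: List[BackupCopy]) -> List[str]:
    """Return the parts of the 3-2-1-1-0 rule that the inventory fails."""
    failed = []
    if len(copies) < 3:
        failed.append("3 copies")
    if len({c.medium for c in copies}) < 2:
        failed.append("2 media")
    if not any(c.offsite for c in copies):
        failed.append("1 off-site")
    if not any(c.offline for c in copies):
        failed.append("1 offline")
    # "0" means every copy has been verified and reported no errors.
    if any(c.verify_errors is None or c.verify_errors > 0 for c in copies):
        failed.append("0 errors")
    return failed


# Constructed sample inventories (hypothetical names, not real systems).
OFFICE_ONLY = [
    BackupCopy("nas-nightly", "disk", offsite=False, offline=False, verify_errors=0),
    BackupCopy("usb-drive", "disk", offsite=False, offline=False, verify_errors=None),
]
FULL_SET = [
    BackupCopy("nas-nightly", "disk", offsite=False, offline=False, verify_errors=0),
    BackupCopy("cloud-sync", "cloud", offsite=True, offline=False, verify_errors=0),
    BackupCopy("tape-weekly", "tape", offsite=True, offline=True, verify_errors=0),
]

if __name__ == "__main__":
    for label, inventory in (("office only", OFFICE_ONLY), ("full set", FULL_SET)):
        print(label, "->", audit_32110(inventory) or "compliant")
```

A copy that has never been verified counts against the "0", which is the gap most inventories show first.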

What to Backup

All data is considered business essential — if you can’t run your business without it – back it up. 

  • Company personnel records
    • Insurance and medical data 
    • Tax and payroll records
    • Pension plans data
    • Training and Continuing Education data
    • Employment applications
    • Any data relating to past and current employees, etc.
  • Administration documents 
    • Sales and marketing information
    • Business plans
    • Insurance policies
    • Leases
    • Patents, etc.
  • Financial data 
    • Accounting records and financial information. 
    • Revenue records
    • Inventory records
    • Bank statements
    • Tax forms
    • Expense receipts. 
    • Any data required to meet compliance regulations 
  • Customer records
  • Intellectual Property
  • Other business-critical information 

Types of Backups

The exact type of backup needed will depend on how much and what kind of data needs to be backed up. Several factors come into play, including how long it has been since the last backup and precisely what was backed up last time.

Backup types include:

  • A full backup (all files, data, configs, etc.)
  • A differential backup (all additions or changes since the last full backup)
  • An incremental backup (all additions or changes since the last full, differential, or incremental backup)

Usually, a weekly routine will require a full backup; however, check the arrangements with your company if you are unsure. Use encryption to ensure that your business data stays safe.

Encryption

Organizations must encrypt their backups to ensure that their business data stays safe.

Encryption is an extra security measure for businesses’ backups to protect their data if it’s stolen, misplaced, or compromised.

It begins by determining which method is best for your organization by considering factors such as: 

  • Types of data stored 
  • Environment types 
    • Cloud
    • Hybrid
    • Physical 
  • Personnel and technical experience, 
  • Industry 
  • Applicable framework requirements and more

Symmetric and asymmetric encryption are the two most common encryption types used to protect digital data.

Symmetric encryption, also known as shared secret encryption, uses the same key for both encryption and decryption. This means that the sender and receiver must have the same key to communicate securely. Symmetric encryption is faster and more efficient than asymmetric encryption, making it the preferred encryption method for large amounts of data or real-time communication.

Asymmetric encryption, also known as public-key encryption, uses two different keys for encryption and decryption: a public key and a private key. The public key is used to encrypt the data, while the private key is used to decrypt it. This means that anyone can use the public key to encrypt the data, but only the owner of the private key can decrypt it. Asymmetric encryption is slower than symmetric encryption but is more secure as it does not require the sharing of a secret key.

Overall, both symmetric and asymmetric encryption are important tools for protecting digital data. Symmetric encryption is fast and efficient, while asymmetric encryption is more secure but slower. The choice of encryption method depends on the specific needs of the user and the nature of the data being protected.

  • Symmetric Encryption: Uses the same cryptographic key to encrypt the plaintext and decrypt the ciphertext.
  • Asymmetric Encryption: An encryption type that utilizes public/private key pairs. The keys may be interchangeable, but they don’t have to be. Both keys are needed: one to encrypt the data and the other to decrypt it.

Encrypted backups have many benefits:

  • They protect your organization’s assets
  • They position your company as a trustworthy and reliable organization
  • They provide your customers with the peace of mind they deserve

When should you Backup

The best time to back up is whenever your data changes.

Ideally, you would use a continuous backup system.

Most backup systems back up all your data once and incrementally update any new or changed data.

It is vital to consider whether you need a backup of your backup.

Many businesses rotate their backups periodically, ensuring that even if one backup fails, another can take its place.

The amount of redundancy you want or need is dictated by how much time, money, and equipment you’re willing to invest.

How to Backup

An external USB-based hard disk drive is suitable for storing backups for your small business. 

  • Understand that hard drives wear down and stop working, so don’t rely exclusively on this option. 
  • Computers with faster connections (like Macs with Thunderbolt and PCs equipped with eSATA) cut down backup time.
  • Built-in software on Macs and Windows PCs backs up your computer’s essential data.
    • Allows for easier recovery when problems happen. 
  • There are third-party backup software options available depending on your budget and goals. 
  • Most backup software completely backs up your computer’s essential files, then periodically updates with incremental changes. 
    • This prevents your external storage from filling up right away; it only fills up as files change.
  • USB-based drives 
    • Keeping track of these can be annoying and, probably more importantly, you need to remember to use them.
  • Consider a Network Attached Storage (NAS) system. 
    • NAS systems live on your network, providing pooled storage everyone on the network can use. 
    • It uses the software on the computer or the NAS itself to back up the computer to the NAS. 
    • That way, everyone’s data stays backed up and in sync when connected to the network.
  • NAS devices and some large desktop drives incorporate Redundant Array of Inexpensive Disks (RAID) storage to distribute data across multiple hard drives.
    • RAID systems are more tolerant of failure because replacement happens without taking the entire system offline if a drive stops working. 

Are you using “the Cloud?”

For most companies today, cloud-based storage is essential. However, “the cloud” stores a vast amount of data. 

Do you use Gmail and other services to handle your email? That data is already on Google’s servers. However, that business data is only in the cloud and is considered a single point of failure. 

Microsoft manages companies’ MS 365 infrastructure. It maintains uptime for its users and provides an efficient cloud-based email platform called Exchange Online, along with SharePoint/OneDrive. BUT BE AWARE: Retention policies aren’t backups. They only ensure that the data remains on the service. Microsoft clarifies that its primary responsibility is to develop and maintain an accessible and secure environment. So in layperson’s terms, this translates to Microsoft being responsible only for its physical and cloud infrastructure so that applications run smoothly, and it is up to the users to protect their data.

Let’s repeat that: Microsoft 365 does not back up your data.

Unfortunately, it is up to you to maintain backups of all data in your MS 365, Exchange Server, OneDrive, and SharePoint.

Verifying your Data Backups

When thinking about a data backup program, don’t forget to verify that everything works correctly.

Each backup can only be as good as the quality of the data that makes it up. Remember that both software and storage mediums have the potential to fail.

So, that means testing every backup regularly. The shorter the recovery time objective (RTO), the more critical the testing and the more often it is performed.

When restoring a whole server, it is essential to practice the problems you may have to overcome while you have time to document them, not when the disaster has already happened and the boss is breathing down your neck.

You must coordinate with the teams whose data you’re checking so you know that the files work as expected, because the backup software only reports that bytes restored equals bytes backed up.

That’s peace of mind for you and the people whose work you’re protecting.

Data backup verification

Different data backup utilities perform backup verification in different ways.

  • Some check if all contents of the destination storage media are physically readable. It is only a procedural check to ensure you have a complete copy and that it is error-free.
  • The better way is to conduct a bit-by-bit comparison of the original data and the backed-up data, or calculate CRC checksums and compare them.
  • The best way is to conduct a bit-by-bit comparison of the original data and the backed-up data, or calculate CRC checksums and compare them, followed by a complete restoration using the data from the backup.

Notifications about data backups

After verification, your backup should restore smoothly without any issues.

Most data backup software includes a notification feature. It lets you ensure you have a verified backup without accessing the PC.

Manual backup verification

If notifications about task results appear questionable to you:

  • Try to verify your backups manually. 
  • Pick a random file, restore it, and check if it matches the original file.
  • Or use a third-party utility to check if the medium is readable or contains read/write errors. 
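The checksum comparison and the manual spot check described above, as an added example that is not part of the original article. It uses SHA-256 in place of the CRC checksums the text mentions, since a cryptographic hash also catches deliberate modification; the function names and the sample files are constructed for illustration.

```python
import hashlib
import random
import tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large backup files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def manifest(root):
    """Map each file's relative path to its SHA-256, recorded at backup time."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(recorded, restored_root):
    """Full check: every recorded file must exist after restore with the same hash."""
    restored = manifest(restored_root)
    return {
        "missing": sorted(recorded.keys() - restored.keys()),
        "changed": sorted(k for k in recorded.keys() & restored.keys()
                          if recorded[k] != restored[k]),
    }

def spot_check(recorded, restored_root, count=1, seed=None):
    """Manual check from the text: restore, pick random files, compare to the original."""
    picks = random.Random(seed).sample(sorted(recorded), min(count, len(recorded)))
    return {rel: (Path(restored_root) / rel).is_file()
            and sha256_file(Path(restored_root) / rel) == recorded[rel]
            for rel in picks}

def demo():
    """Constructed data: a restore that drops one file and silently alters another."""
    with tempfile.TemporaryDirectory() as tmp:
        src, rst = Path(tmp, "source"), Path(tmp, "restored")
        for root in (src, rst):
            (root / "finance").mkdir(parents=True)
            (root / "finance" / "ledger.csv").write_text("id,amount\n1,100\n")
            (root / "hr.txt").write_text("personnel records\n")
        recorded = manifest(src)
        (rst / "finance" / "ledger.csv").write_text("id,amount\n1,900\n")  # same size
        (rst / "hr.txt").unlink()
        return compare(recorded, rst)
```

The altered ledger has the same byte count as the original, so a tool that only reports bytes restored equal to bytes backed up would pass it while the hash comparison flags it.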

Remember, a never-used backup is the best backup.

Getting a routine going is as easy as remembering 3-2-1-1-0.