Skip to content

Did you know that as many as 39% of UK businesses experienced a cyber-attack in 2022 yet just over half acted to identify their security risks? 

With the average cost of a data breach estimated to be over £1200 (rising substantially dependent on business size), and costs to rectify a ransomware attack in the region of $1.96million, can your business ignore the risks to its data and workloads? 

Whether human error, hardware failures, natural disaster, or cybercrime, the true costs of such incidents are not only financial impacting day-to-day operations and productivity, but reputational often with legal repercussions. 

With our ever-increasing reliance on digital from customer transactions through to payroll, protecting your data and workloads needn’t be overwhelming.  

Here are three tips you can implement from today to build an effective data backup strategy, give you peace of mind and keep your business running. 

1. Identify the data you need to backup 

With 57% of SMEs in a recent EU study stating they would go out of business or bankrupt if they experienced a cyber-attack, do you know what critical data and workloads you have and what you should be protecting?  

A risk assessment and a business impact analysis will help you identify your data and those issues which could disrupt your operations. By asking the right questions, you will be far more informed to make the most appropriate decisions. 

Risk assessment example questions: 

  • What are the specific threats to your data and how would this impact your operations?  
  • How likely is it that these scenarios could occur? 
  • Potentially how severe could the damage be? 

During the risk assessment assign each answer with a score to represent the probability and the impact. 

You can carry out the business impact analysis in tandem by speaking with your staff through surveys or interviews and recording those critical business processes and resources.  

BIA questions to look at: 

  • How staff would rank the importance of certain processes 
  • Which staff do you need to aid with recovery? 
  • How long would it take the organisation to recover? 

From here you can build a comprehensive data backup plan for your backup and recovery activities for all key stakeholders. This will provide knowledge, raise awareness, and assign responsibilities. 

 2. Consider backups to the cloud 

After carrying out your risk assessment and a business impact analysis, it is time to decide how to backup your data and workloads.  

Rather than traditional expensive and often unreliable solutions such as tapes and backup software, why not consider backup to the cloud? This service offers an array of benefits: 

  • Cost-effective and flexible – no need to purchase any hardware or software upfront, or worry about maintenance costs, as you just pay a monthly fee. You can also increase or decrease the storage capacity you require dependent on your business needs. 
  • Secure – cloud backup often includes a range of multi-layered security features such as end-to-end encryption and immutable/air-gapped backups to protect your data. Brightsolid’s Backup as a Service (BaaS) solution for example offers immutable air-gapped backups that are 256-bit AES encrypted, in flight and at rest. 
  • Easy to manage –most providers will offer an easy-to-use self-service management portal that allows you and other key stakeholders to manage and monitor your backup frequency and data recovery from any location. 

3. Test your backup data frequently 

You will never know if something works if you don’t test it. This is especially true of your backup and disaster recovery capabilities with recent statistics showing that 58% of backups fail 

Your data is constantly changing and without regular testing you leave yourself in the dark, with no idea of how robust your plans are. Waiting for a real-life incident or breach to happen is certainly not the answer, it is far better to test and identify failings and gaps than assume all is okay. 

Start by building a regular testing schedule prioritising which data, workloads, systems, and applications are business critical (bearing in mind which are interdependent). Then assign clearly defined roles and responsibilities so staff understand their tasks and in parallel establish actions should backups fail during your testing process. 

Run frequent tests both on and off-site if applicable, across the identified data, workloads, systems, and applications for the duration of a full-back up as well as partial. This will show you how fast you can recover in the event of an incident and how much downtime if any you can afford. 

Take the next steps to protect your business 

Now you have seen how to protect your data and workloads why not speak to one of the Brightsolid BaaS experts to talk you through the next steps and provide you and your business with valuable support and assistance.