Why Reliable Data Backup is Vital for Every Business
What would happen if your business lost all its data? How much would it disrupt your operations? How long would it take to recover?
For many small to medium sized businesses (SMBs), recovery wouldn’t even be possible. Only 6% of companies without a disaster recovery plan will survive a disaster, according to research by Datto. Small businesses today must have a reliable data backup system in place, or they risk losing not just the data, but the entire business.
In this post, we address why backing up data is so important for SMBs, what files to back up and how.
A $300 million data disaster that could’ve been avoided with reliable data backup
Need proof that data loss can be devastating?
Just ask TNT Express, the European subsidiary of FedEx. The delivery company is still reeling after the global NotPetya ransomware attack locked up its data a year ago.
The company announced in June 2017 that its operations were “significantly affected” by the attack. Communications systems went down. Deliveries slowed. Online services were suspended. FedEx was even forced to halt trading of its shares on the New York Stock Exchange for roughly an hour.
A year later, the real cost of the disruption is now clear: $300 million in lost earnings.
TNT Express wasn’t the only victim. Container ship operator Maersk said the same ransomware attack could cost them $300 million as well. Reckitt Benckiser, the multinational consumer goods manufacturer, reported a loss of roughly $133 million from the attack.
‘But my business is small. Do I really need reliable data backup?’
Yes, you do.
1 in 5 small businesses are completely shut down by ransomware, according to a 2017 report by Malwarebytes. While most companies do eventually reopen their doors, the infections force them to totally stop operations when the attacks are underway.
That downtime is extremely costly.
Each hour of inactivity can cost small businesses as much as $9,000 an hour. And these costs typically snowball along with the length of the disruption.
And ransomware isn’t the only threat
Any IT person will tell you that the greatest day-to-day threat to your data isn’t usually ransomware. It’s you—the unpredictable human—and the humans around you.
Human error is typically the most common cause of corporate data loss. Files get deleted. Folders get moved. Critical data goes POOF—and nobody can remember how or when. And that’s just one example.
The top causes of data loss at SMBs include:
- Hardware and system malfunction: When a disk drive fails, or the machine powering that drive experiences fatal errors, some data is almost always lost.
- Corrupted software: Buggy, outdated, unpatched or poorly made software will greatly increase the risk of data being lost or compromised.
- Ransomware: Ransomware is designed specifically to go after your data by encrypting it. Once it’s encrypted, it’s pretty much gone. You can’t get it back unless the attackers give you the decryption key or you restore a backup.
- Malware and viruses: Beyond ransomware, there are countless other forms of malware and viruses that can wreak havoc on your systems and compromise your data.
- Human error & file deletion: Mistakes happen. Often. Accidentally deleted files hurt productivity and can have a major impact on operations when that data is business-critical.
- Theft: What if someone breaks into the office and steals your computers? If the data on those systems hasn’t been backed up to other machines, then it’s probably gone for good.
- Natural disasters and physical damage: Fire, flooding, tornados, earthquakes and other natural disasters will always pose a threat to your on-site infrastructure and data.
- Power outages and surges: When the power goes out, there’s always a risk of losing unsaved data. But also, system files are often corrupted by these sudden outages, leading to much larger amounts of unrecoverable data.
Alarming statistics on data loss
Still not convinced that data backups are important? Consider some of these stats:
- 93% of companies that experienced a data center outage for 10 or more days filed for bankruptcy within a year.
- Among companies that experience a major data loss, 43% never reopen, and among those that do, 51% go out of business within 2 years.
- 1 in 4 PC users (including SMB workers) experience data loss each year.
What data loss actually looks like
Admittedly, most businesses won’t experience a total data loss. But they don’t have to. Losing even just a few business-critical files can be catastrophic for SMBs.
Consider these scenarios for example:
- Critical applications suddenly not working
- Customer data not being available
- Important customer emails missing
- Accounting spreadsheets unable to be opened
- Order data being compromised or deleted
The list of possible scenarios is endless. Businesses today run on data. If you’re not backing it up, then you’re leaving the business at risk.
What to back up
Now that we’ve established why SMB data backups are so important, let’s focus on the what.
Should you be backing up every single file, all the time? Not necessarily. While many BC/DR gurus will argue that “everything” should be backed up, that’s not 100% true in every situation. Certain categories of data will naturally have a higher priority, depending on the business, and some data may indeed be useless.
Here are some tips on what to include in your backups, and how often:
- Exclude or deprioritize volumes that do not need to be backed up. This could be a folder for users’ personal (non-business) files. Or, for example, it could be external drives that are used for temporary and/or nonessential data.
- Use image-based backups to protect an entire system, i.e. not just your business-critical files, but also the data that runs your essential applications and operating systems. This is typically the recommended practice for most businesses, as it ensures that everything can restored after a major data loss.
- Certain folders or files can be backed up at the file level, for example, when you need to back up a database for a certain application, or a department-specific dataset, but not necessarily the application itself.
- Back up your exchange and production servers about every hour or so. Typically, these are the servers that are experiencing constant changes in data. They can include everything from email to contacts to files and folders being used throughout the organization.
- Terminal servers, which typically hold configurations that don’t change as frequently, can be backed up less frequently, i.e. once a day.
- Domain controllers, whose data is even more static (typically for security authentication requests, logging in, checking permissions, etc.) can be backed up as little as 2-3 times a week.
- Use your RPO and RTO as a guide for backup frequency. For example, if your recovery point objective is 6 hours (the age of your most recent backup), then you know that your backups should be at least every six hours. Similarly, if your recovery time objective (the goal for how quickly your business should recover after a disaster) is even shorter than 6 hours, then you’ll need to be backing up critical data even more frequently.
Today’s best data backup solutions for SMBs can perform backups as often as every five minutes—but that doesn’t mean you should.
Remember, your backup processes are just like any other server process: they use up resources and require disk input/output. Keep that in mind as you prioritize your data and set your backup schedules.
Where to keep backups
Too many small businesses are using inadequate backup methods or they’re storing their backups in vulnerable locations. Here are just a few common misconceptions among SMBs:
- “We use external hard drives on our desktops—that’s enough for our small business.” Is it? What if there’s a fire? What if the building is destroyed? What if the drives fail?
- “Our server room is safe. There’s a sprinkler system.” Really? What if the servers get wet? What if the room is flooded? What if a tornado wipes out the whole building? What if the server is infected with ransomware?
- “We use Dropbox.” Umm, okay, but what kind of data are you backing up? Will your Dropbox files restore your critical applications? Your operating systems? Your CRM data? And what if those files are infected with ransomware when they’re uploaded?
- “We have an off-site datacenter.” Good start, but what are your backup methods? Who’s managing the datacenter? What are the security protocols? What if there’s an outage? Are your backups being replicated to another site?
So where should you keep your backups?
For most SMBs, we strongly recommend a hybrid backup approach. This approach uses an on-site backup and disaster recovery device (BDR), which also sends mirrored backups to the cloud.
Why is hybrid ideal? For one, it ensures you’re not keeping all your eggs in one basket. The on-site backup gives you the fastest access to your data. The cloud backup provides extra assurance in-case the on-site BDR has been compromised.
Choosing the right backup technology
Not all SMB data backup solutions are created equal.
For small to medium sized businesses, we recommend the Datto ALTO or SIRIS backup appliances, for several reasons that we’ve already identified above. Datto uses hybrid cloud technology for greater protection of your data, combined with its Inverse Chain Technology for greater backup frequency and faster recoveries.
Datto also uses full-system image-based backups, which can be booted as virtual machines. This provides even faster access to your critical data and applications, available instantly and from virtually anywhere.
Get a free demo