Eureka! I’ve found “The Meaning of Life!” and I will share it with you now:

undefined

Don’t panic: it was only “The Meaning of Life.” It’s just the greatest insight ever known and will be known. But I have good news: like you, I always backup my data—you do backup your data, right?undefined

Oh crap.

Don’t let your small business end up like me. But according to a survey led by The Diffusion Group chances are good you might. 40 percent of small businesses don’t backup their small business data—not daily, not weekly, not monthly—not at all.

Your small business can’t afford to stall on adopting a data backup strategy; businesses that don’t backup their data are rock-climbing without ropes.

It’s true, a single data loss event causes fatal downtime: companies that aren’t able to resume operations within ten days of a data loss disaster are not likely to survive. You need to implement an effective data restoration strategy in your small business.

To successfully execute small business data backup, I’ve put together these 10 Commandments to follow:

  1. Thou shalt organize thy files
  2. Thou shalt flag important data
  3. Thou shalt backup locally
  4. Thou shalt backup off-site
  5. Thou shalt remember endpoint devices
  6. Thou shalt do thy important backups once daily
  7. Thou shalt test backups when thou art finished
  8. Thou shalt store thy backups very carefully
  9. Thou shalt automate the data backup procedure
  10. Thou shalt adopt a 3-2-1 data backup strategy

I. Thou shalt organize thy files

One of the simplest and most overlooked aspects of data backup is properly sorting, managing, and deleting files. If you don’t establish a file organization standard in your business, data restoration takes longer and requires more effort to retrieve lost files and move dislocated files to the right place.

Our Recommendation: Establish uniform file name conventions, use sub-folders or categories, and be consistent. There’s no perfect blueprint for folder structures and system directories, so create policies around what’s right for your business and users.

II. Thou shalt flag important data

Make sure you don’t backup data you don’t need, such as redundant, outdated, and trivial (ROT) data, by identifying which data needs to be backed up. This is also an opportunity to uncover your business’ “dark data,” the business data that exists without your knowledge and is of unknown value. Much of this dark data has important uses—especially for analytics—and it might not be making into your backups.

Our Recommendation: As much as 90 percent of business data does not need to be backed up. Backups take up a lot of space, and it is a bad practice to buy additional backup storage you don’t need. However, err on the side of caution and backup data that you feel is essential, or will be essential, to keeping your business running. This will vary with your industry and the types of data your organization deals with. Examples include financial records, tax forms, sales records ,customer records, and of course, files important to legal matters.

III. Thou shalt backup locally

In 2008, Jack Schofield, contributor for The Guardian and resident computer wizard, presented to the public his Second Law of Computing: data doesn’t really exist unless you have two copies of it. It’s important to have a backup of your files kept locally for easy retrieval, quick recovery from outages, and for direct control over your critical data.

Our Recommendation: Prioritize convenience when choosing your local backups. Local backup storage options include:

  • Locally on your machine: backups saved to your main internal hard drive, or on a separate internal hard drive.
  • Locally, to an external drive: backups saved to an external hard drive or USB flash drive

IV. Thou shalt backup off-site

Updating Jack Schofield’s Second Law of Computing for the modern era, I would revise it to say that data doesn’t really exist unless you have three copies of it: the copy you’re using, a local backup, and a backup kept offsite—preferably in the cloud. Offsite backups are important to provide redundancy in the event of hardware failure. They also provide catastrophe insurance to shield against acts of God (e.g. fire, flood) and theft. More recently, ransomware attacks, which lock users out of their backups along with their main files, have affirmed the need for off-site backups.

Our Recommendation: Prioritize security when choosing your off-site backups. Off-site backup options include:

  • Off-site in the cloud: backups saved to cloud directories—often managed by a third party.
  • Off-site removable storage media: backups saved to hard drives, optical storage, or tape-media preserved in vaults off-premises.

V. Thou shalt remember endpoint devices

60 percent of business data is living on endpoint devices such as desktops or laptops. End point devices should be the place of focus for where backups occur, but nearly 60 percent of businesses don’t backup endpoints.

Our Recommendation: Look to backup software with the ability to automate retention policies and procedures, as well as the flexibility to work on mobile devices. That way, end point devices can be scheduled for backup to meet legal and business compliance requirements without burdening the user, and completed wherever business travels.

VI. Thou shalt do thy important backups once daily

Your backup is only as good as the last. Often the frequency of backups is determined by how important the data is. Essential records may be backed up once or even twice daily, while less critical data may be saved to the archive on a weekly or biweekly basis.

Our Recommendation: 57 percent of IT managers have a backup solution in place, but 75 percent of them were not able to restore all of their lost data. A fresh, most up-to-date backup is most useful; commit to following a backup schedule, and be sure to backup your most important files at least once daily.

VII. Thou shalt test backups when thou art finished

Actually, your backup is only as good as the last test. 57 percent of IT managers reported having a backup solution in place, of these, 23 percent weren’t able to recover any data at all. Reasons included corrupted disk images, errors during the restoration process, or the backup procedure not working as expected.

Our Recommendation: Test your backups. Then test them again. Then after that…you see where this is going. While it is unfeasible to expect to test every backup, make sure you and your teams are familiar with your data backup procedure, backup software, and storage configurations. Schedule bimonthly data backup fire drills: a time to test and rehearse the backup procedure.

VIII. Thou shalt store thy backups very carefully

Ransomware is one of the main adversaries to data backup. Today’s ransomware is evolving to target files and directories common to store backup data. Less than 50 percent of ransomware victims fully recover their data, even with backup. Modern variants of ransomware lock users out of restore points, may target internal drives other than the main drive (typically the C: drive) and could stretch their claws to external drives that are accessible on the same network. Some ransomware can even bore into cloud drives!

Our Recommendation: Implement an air gap to evade ransomware. An air gap is an isolation technique to highly segregate a network to protect it from security threats. Put simply, ransomware can’t infect what it can’t reach; an air gap quarantines your backups by keeping them off network/off-premises, inaccessible to ransomware. An example is a hard drive or tape-based media kept offline and offsite.

IX. Thou shalt automate the data backup procedure

The ideal data backup would create itself. Human operators often neglect to do backups because it is a hassle or they forget. Properly calibrated automated backups are more precise, help to avoid missing critical files or directories, avoid saving to the wrong place, or other issues caused by human error.

Our Recommendation: Invest in backup software with an automation feature to prevent ineffective backups due to human error. It is important to note that modern backup software automation still requires human operators to schedule backups, setup preferences, and intervene in the event of errors. People must still be part of the process to ensure scheduled backups are configured correctly.

X. Thou shalt adopt a 3-2-1 data backup strategy

If I was to do it all again, I would have used a 3-2-1 data backup strategy to share with the world “The Meaning of Life.” If I could turn back the clock here is what I would have done:

3 total copies of “The Meaning of Life.doc”

  • One stored locally on my laptop for ease of access/editing/revising .
  • One stored on my external hard drive or a usb stick for convenience and redundancy.
  • One stored on an off-site storage option such as the cloud for security.

2 different types of media:

  • “The Meaning of Life.doc” is kept on my laptop’s internal hard drive.
  • “The Meaning of Life.doc” is kept also on my flash drive.

1 off-site backup:

  • “The Meaning of Life.doc” is saved in the cloud as a Google Doc to protect against destruction of my local backups.

Our Recommendation: STOP! Stop reading this article and go backup your data. Do that or flip a coin: 51 percent of companies who experienced catastrophic data loss closed within 2 years. You need to invest in data backup software and secure storage options as part of a 3-2-1 data contingency strategy in your small business.

Learn more about IT security software: