The Basics for data backup and disaster recovery

Most businesses and organisations in the small and medium and not for profit area have very predefined ideas about backing up their data.    If they have some back up regime it is very often haphazard with little though for the data and what is required to be backed up.

Here is a quick break down of what you need to look at when thinking about backing up your data.

Types of data storage

There are 3 types of back up media in use today.

Tape backup is being slowly phased out for the following reasons: they are not the most secure, if something happens you have to have the same hardware and software on the recovery system to recover the data and storage space is limited.

With most system looking at 1TB of data including applications and operating systems purchasing tape storage and systems is very expensive.

USB storage is cheap and inexpensive and can image a complete environment with the capability to restore it or access the data at will.

Internet based backup allows for the backup of all important data to an external source depending on your locality and Internet capability.


We, as humans, will always take the easiest way forward.

Just like water going down hill we follow the path of least resistance.

When it comes to backing up the incredibly important data of a business, it is not the time to say ” she’ll be right” because I will bet you that when you say that, the worst possible scenario will present itself.

A certain level of thought has to be used to calculate and work out what data is important and what needs to be backed up.   It is all very well just backing up the data directory but there are certain applications that store their data in unexpected places.

If your business relies on something like SQL then there better be something backing up the database correctly.

Historical data

There are times when a business has to back track and gain access to data that was created 3 months, 6 months or 12 months previous.   The data may have changed or been deleted since its creation.

There maybe times when you have to restore an accounting application from 6 weeks ago because there was a major duplication of information.   These times require some level of historical data restoration.

There are a number of ways that you need to create the capability within your business for these types of emergencies.

With tapes it is relatively easy to do a quarterly tape backup and keep it off site.   This can also be achieved with both USB storage and a little with Internet based systems.

Human nature

When it comes to backing up the least human involvement, the better.   If you need someone to move a USB device or tape off site it will happen, but the will be times when it is forgotten, miss placed or lost.

The least human involvement the better makes for a secure and fully functioning system.

As long as the system is set up correctly, backup up the data then an Internet based system is the best.   The system can be configured to email you every time that the backup is completed.


For me, I recommend a back up system that does the following:

  • Does a regular backup
  • Keeps a retention level and snap shots at quarterly and annual points
  • Stores the data off site in an encrypted format
  • Report that it has backed up and
  • Can be seeded using an external storage system (USB)

Another alternative is to have a system that does an incremental 15 minute backup to an internal location but which does an external upload every 1 or 2 hours to an Internet based system.

Turn on the rapid restart – now!!!!!!

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.