Data Backup and Recovery

No business today can afford to be offline for long--every minute your system is down will cost you in customers, dollars and reputation. You need to protect your business from accidents of all kinds, local disasters, user errors and malicious cyber-attacks.

While there are a number of ways to protect your data from attack, one of the most basic, vital, yet often over-looked methods of defense is to make sure that if the worst happens, you have a routine process in place and your data securely backed up. This is a lot like an insurance policy - you hope you never need it; you may even resent paying for it every month. But if you DO need it, you're awfully glad you have it.

Key questions to answer for your organization:

  1. What to backup? Mission critical data (sales transactions, employee information, customer contact information, HR records, data required for certifications). Ask yourself: if this data suddenly disappeared, what would happen to my organization. If the answer is, we'd be out of business, this is mission critical data that needs multiple backup solutions to ensure it's always available to you.
  2. How often you backup: Again, this depends on the kind of data you've got and how important that type of data is to your system. If you're dealing with data that could cause your organization to shut down, lose tremendous amounts of revenue, or result in legal or regulatory action, you need to ensure that data is backed up daily. Data that is less mission critical can be backed up on weekly or monthly schedules depending on how often that data changes or is updated.
  3. Who is responsible: One person in your organization needs to hold the responsibility for ensuring that your backups are completed successfully and on schedule. Otherwise, backup failure could occur for some time before someone notices. Either this person needs to be internal staff, or you need to outsource this responsibility to your IT provider.

Major types of Data Backup/Recover Systems

Data backup can come in 5 basic forms, with different levels of security and price points.


The simplest and most basic level of securing your data is to have an onsite backup system. This consists of backup hard ware (which can be tape drives, optical drives or portable disk drives that plug into a USB port on your computer/server) and the software to run the system as well.

Make sure that whatever software you choose allows you to automate the backup so you don't have to remember to make it happen every night (or on whatever schedule you want, but AT LEAST weekly). In addition, the software should send you an alert if a backup fails for any reason, so you know you need to manually reset and backup. Otherwise, you could go for months and find out the hard way that your backup system hasn't been working for a long time, and the data you can recover is too old to be very useful.

This is the bare minimum that individual computers and micro-businesses should have, and frankly, CSI believes it does not give businesses or health care organizations adequate protection and leaves you vulnerable. If for any reason the on-site system fails (and it does happen - no hardware/software is perfect), you are left with old or no data. We have seen this happen to customers and the outcome has been difficult for the organization to deal with. While recovery services are possible, there are no guarantees that your most important and vital data will be fully recovered. Our strong recommendation is that businesses and health care organizations dealing with mission critical data do not take needless chances and that they have a second line of defense as well--one of the other backup/recovery procedures detailed below.

Level 1 Off site

Instead of the backup/recovery hardware and software residing on the customer's site, the customer's data is backed up over the internet to an IT provider's server. This way, if there is any failure in the hardware, software, or backup process, your data is still protected. This is an excellent second line of defense for mission critical data and very cost effective. Like insurance, you don't realize how much its worth until you really need it. But then you're very glad you have it.

Level 2 Off Site

The IT provider provides a server at their location that "mirrors" the customer's server—it contains all the data that the customer server does, being only second/minutes behind in the data the customer's server contains because the two are in constant contact over the net. This backup and recovery solution is often referred to as High Availability Solutions and it provides almost Real Time. Bundled with this mirrored server is the Level 1 backup system, so the mirrored server is also backed up, providing full replicability to the customer in a short period of time. For example, if a fire destroyed your office (including your IT systems), this option would give you immediate access to the data you would normally have with your own server as well as the backup of data you might need.

Level 3 Cloud Backup and Recovery

An extremely cost effective method of data backup and recovery is the use of the Cloud. With this solution, the customer does not need a server, backup hardware or software, since they are "leasing" all of that equipment from their IT provider and it resides on site with their provider. Backup and Recovery is part of that bundled package. The drawback with this approach is that the customer is reliant on access to the internet. If for any reason, the net goes down, the customer's ability to conduct business and access backed up data also disappears.

Recent media reports on key cloud sites being hacked have also raised concerns about the security of data in the cloud as well. In truth, your data is more secure with an IT provider who has access to and knowledge of the latest security measures than it is on your own in-house network. While no cloud is completely secure, your IT provider can take a number of steps to ensure your data is as secure as it can possibly be, regardless of whether its location on the cloud or on your own server.

Level 4 Hybrid Cloud Backup and Recovery

As its name suggests, this is a blended backup and recovery method in which the customer keeps mission critical data/systems on its server with their own local backup and recovery systems (see Level 1), while non mission-critical applications (like email) are sourced on the IT provider's cloud. This provides some cost savings by outsourcing some applications while keeping key applications/data in house.

Call Now For a Free 30 Minute Phone Consultation

To find out what method is best to keep your mission-critical data safe and available to you no matter what emergency might strike, CSI is happy to review your systems, your current process and make recommendations for any changes if needed.

For more information on which approach would best meet your needs and budget, please contact us at 712-255-1775 or