Sign in Subscribe
protect your organisation

Tip 4: Backups (and test them)

Jonathan

2 min read
The text "security tips for your organisation" on a blue/green background.To the right is a silver shield and padlock.In the background are dots linked by lines suggesting a network.
🛡️
This post is one in a collection of tips to help you protect yourself, your business, or your organisation online. The series was published from 23rd June 2025 over two weeks and you can view other posts in the series here.

Having only one copy of your data is a risk, and losing access to that data could destroy your business.  You can reduce the risk of data loss by ensuring you have backups, and you can create a simple backup easily (or spend hundreds on more complex and comprehensive solutions). Remember, it might not be an attack that removes your access - you could just have a laptop fail.  By making sure you have good, regular, backups you can protect against both hardware failures and attacks like ransomware where an attacker locks you out of your files.

🗐 Easy backup - just have another copy

Backups don’t have to be costly, and could be a simple case of copying files to a separate disk or location. If you're making copies yourself ensure this complies with your organisation's rules. The backup should be encrypted too.

🏗️ More advanced backups

More advanced backup tools often automate retention policies (how long you keep the backup), can produce incremental backups, and provide additional features. Importantly, these tools will send you a notification when the backup completes or fails, meaning you can check everything is backing up on schedule.

Keeping backups for longer gives you more opportunities to recover your data. If the backup from last week is damaged, then the backup from two weeks ago may be good enough (and is probably better than nothing).

Consider your organisation's requirements when choosing a tool, but make sure the process is easy so the backups still get done!

🏘️ Keep the backup separate & disconnected

Make sure that your backup (be that a separate disk or something more complex) is not kept with the original, otherwise a fire, flood, or theft would still destroy both copies. The backup copy shouldn't be permanently connected to ensure that if ransomware strikes the backup can't be attacked too.

Keeping the backup media (disks, tapes, etc.) in another building the organisation owns, or taken home by a trusted staff member, provides a good separation between the original data and the backup.

🧪 Test your backups 

Having a backup is great, but you need to test it - it's a bit like driving a car and checking the brakes work before a journey. What you choose to test can vary from restoring individual files to recovering whole systems, but importantly test your backups regularly and fix any problems quickly 🙂.

Banner image: Generated by Google Gemini from the prompt "Generate a new banner image. There should be a dark background with a network of nodes overlaid. A shield and a padlock should be on the right, on top of the nodes. On the left should be the text "Security tips for your organisation". That exact text should be used. Make the network nodes have a green and blue gradient."

This post was also shared via LinkedIn as post from my company, Jonco IT & Security Ltd.