What is Your Backup Plan? Managing Data Breach Recovery


By: Karl Bickmore, CEO, Snap Tech IT

The Capital One data breach is another astounding example of how your data can be compromised. Pile that one on top of the Equifax disaster that affected so many, and it seems that nobody in the US with a bank account or a credit card can avoid a data breach. Both individuals and businesses of all sizes are being impacted. At this point, the question to be asking isn’t what can you do to prevent it, it’s what can you when managing data breach recovery?

Don’t Let This Happen to You

Take, for example, the small to medium-size businesses (SMBs) that comprise 80% of businesses in the United States (US). Most of these organizations rely on valuable data stored in their computer systems to perform daily functions, even if it’s just simple accounting. Shockingly, most of these small businesses don’t have the proper backup or disaster recovery capabilities in place for managing data breach recovery. If they do have systems, they are often outdated and ill-used. Or worse, the business owner doesn’t have the time, inclination, or knowhow to bother with it. Instead, they focus on running their business, and hope they don’t get hit by the next data breach.

This needs to change. As a business owner, you must prioritize understanding today’s IT risks. You should be asking your IT staff or outsourced managed service provider (MSP) the difficult questions about their system risks, what the backup plan is, and what could happen in the event of a ransomware attack, a flood, a power surge that damages equipment, etc. What’s more, rather than take their MSPs word for it, you should request proof that your systems are current and ready for anything.

Sadly, many outsourced IT providers are prone to neglecting a solid back up strategy. When we, Snap Tech It, are brought in for a new client risk assessment, 9 times out of 10 the backup doesn’t work the way the client thinks it does. They say things like “but I pay for a backup every month” or “my IT provider said they would tell me if it’s not working.

Don’t let this be you. As a business owner, you need to take an active role. Your IT provider should provide regular reports showing when backups occurred and when test restores were done.

Know Your Recovery Point and Recovery Time

When thinking about your backup plan, there are two main items to consider: Your recovery point objective (RPO) and recovery time objective (RTO).

Recovery Point Objective

RPO refers to how much data is at risk if a total failure occurs and is related to how often your data is backed up. There are systems that backup every 15 minutes, every day, and once a week. You need to know what RPO is right for your business. How far can your data backup be from a failure? Would an hour of data loss be something you can handle?  A day? A week? For many SMBs, once a day is workable. However, something that runs hourly is not as expensive as it used to be. It can also be crucial to managing data breach recovery.

Recovery Time Objective

RTO refers to how long it will take to restore your data after a catastrophe. You may have a great backup that sends all your data to a secure cloud and runs every hour. However, if it takes 3 weeks to restore it all, you may have a problem. Many of the less expensive cloud-only backup systems have major issues with restore time. The backup solution we use for our customers can have you up and running with your data on a spare device in a matter of minutes. Even for a SMB, this is more affordable than ever.

Now that you understand RPO and RTO, there are a couple more things to know about your backup plan. Your backup should be transported offsite to protect your data in the event of full building destruction or a power surge that damages all your local equipment. Most businesses today automate this backup over the Internet. This is a great solution. Just make sure you receive regular reports confirming back-up success. We regularly find inconsistencies in this.

The last thing you need in backup selection criteria is the security of the solution. It should be encrypted at rest and in transit. The IT provider should be managing the access to the backup with secure passwords and regularly updating them. Many backup systems also provide some malware and ransomware prevention capabilities. We highly recommend you choose a solution that has those kinds of security features built into the product.

In Summary

  1. Be an active participant in your IT systems by working with a provider that is transparent and explains things in a way you can understand.
  2. Define your RPO
  3. Define your RTO
  4. Make sure the backup solution is secure.
  5. Hold your IT provider or IT staff accountable for regular back up reports and restore tests.


While there is much more to learn about backup protocol and even more about disaster recovery, you can relax in knowing that at the very least, if your backups are in good shape, any disaster recovery will go smoothly.

Download the Disaster Recovery Services Overview for more information.