1300 349 195

Our Blog

Backups 101: Best Backup Strategy for Small and Medium Business

Backups 101: Best Backup Strategy for Small and Medium Business

Teng Yew Ang Teng Yew Ang
Originally published on August 18, 2019
Last updated on May 22, 2025 Post a comment

You hear it all the time. “Make sure you back up your data”.

And yes, you’ll hear it again here.

That’s because backups are important.

In fact, if you only have time to do one thing today, verify that your backups are working and up to date.

Why?

Because your business is likely to fall into one of two categories.

  • Category A: Those that have lost data, or
  • Category B: Those that will.

Data loss happens. A lot. Sometimes it's accidental. Sometimes it’s not. And other times it can be a comedy of errors - but it’s not just four misplaced clicks of your team members' mouse that can cause unintentional data loss.

There are a whole bunch of factors that can have an impact on whether your team, your data, and your business stay up and running. Or not.

Hardware failures, theft, fire, water leaks and natural disasters are some of the physical threats to your data. But there are incessant cyber threats too. And as much as you don’t like to think that your team members have any malicious intent, it’s not unheard of for relationships to go sour. Fast. Leaving your critical business data exposed and vulnerable.

But enough of the doom and gloom. Restoring your business from significant data loss is possible. Easy, almost. But only if you (or your managed IT security provider) put a good backup strategy in place for your small to medium-sized business. Oh, and you enforce it - or better yet, automate it.

Here’s how.

3-2-1: A simple backup strategy for small to medium-sized businesses

Establishing a useable and comprehensive business backup plan can be daunting. Complex. And overly technical. But it doesn’t need to be.

Sometimes the simple approach is the most effective. And the 3-2-1 backup strategy for your business doesn’t get much simpler – or more effective. Which is why it forms the core of all our comprehensive business backup solutions.

321 Diagram-min

Following the 3-2-1 backup system means you’ll have 3 copies of your data, 2 of which will be local, i.e. in your office, and 1 copy will be stored offsite in a remote location. Here’s how it looks in a little more detail.

Copy #1 (In your office)

This is your live data that your business and team members access day to day.

Copy #2 (Also in your office)

This is a backup of your live data and should be stored on a separate storage device. Common scenarios include storing this backup on a USB Drive, NAS, or local backup server.

Copy #3 (Offsite location)

This is a backup that is safely secured off-site. This means that when disaster strikes, in one of its many forms, you’ll be able to restore your data and get back to business fast.

But. There’s a but. Restoring your data from an off-site backup means you need to keep this copy up to date – all the time. Which (we know) doesn’t always happen.

Tell me If this sounds familiar:

  • Your live data sits on your server and is humming away without a problem. Perfect. That’s Copy #1.
  • And you’ve got some sort of storage device, like a NAS (also known as a smallish, boxy-looking thing, with flashing lights and a bunch of hard drives inside), which stores a backup of your live data. Great. That’s Copy #2.
  • Finally, you’ve got a USB drive plugged into this ‘boxy-looking thing’ that stores another backup of your data. Oh, and there’s a convenient little reminder in your calendar that tells you to take the USB drive offsite each night, week, or month. You never snooze. Ever. Excellent - that’s Copy #3 in the bag.

Now, if you’re reading this, thinking “Great. Nailed it. Our current backup strategy seems to meet the 3-2-1 criteria,” - because after all, you’ve got 3 copies of your data, right? Then it’s time for a little (honest) self-reflection:

  • Who is responsible for taking Copy #3 (That USB Drive) home or to a safe location each night or week?
  • When was the last time they did it?
  • Can you confirm that?
  • In fact, how old is that USB drive?
  • And when was the last time it was rotated?

The truth is, if your off-site backup isn’t off-site, not kept up to date, or not maintained, no amount of superhero IT wizardry can recover data that isn’t there in the first place.

We know prioritising the logistics of your offsite backup slips off your to-do list when you have a business to run, targets to meet, people to manage, etc. But the good news is, there’s a more convenient, automated and affordable way.

Introducing Cloud Backup Solutions for SMBs

In plain English, a cloud backup is a replication of your critical business data, which is typically stored offsite and inside a futuristic-looking and very secure vault full of storage drives and flashing lights - also known as a Datacenter.

321 Cloud Diagram-min

At its most basic level, a cloud backup works by installing the best backup software application on your servers. This software is configured to automatically - and periodically - upload an encrypted copy of your data, via your internet connection, to the data centre for safe and secure storage.

Essentially, this automated solution manages your off-site backup for you, so you don’t have to.

Advantages of Cloud Backup for Businesses

Convenient

Transitioning your off-site backup to the cloud makes the ongoing management and restoration of your data easy. Enjoyable, even. You choose how often you’d like to back up your off-site data, and the cloud does the rest.

Reliable

Get rid of the manual processes, calendar reminders and risk of human error. In short, it’s just a simple and reliable off-site backup that works.

Secure. Physically and Digitally.

Using the cloud means your data will be encrypted before it’s uploaded to a secure data centre for safe keeping.

Affordable

From data recovery and hardware to logistics and time. Managing your data can be a costly business. But it doesn’t need to be. Cloud backups leverage your existing IT equipment, so you don’t have to fork out for expensive hardware.

Automated

Enjoy the peace of mind that comes with a fully automated off-site backup solution that just works, even if you’re out of the office.

Flexible

Your cloud backup isn’t restricted by the size of your hard drives. It isn’t restricted at all. Scaling your cloud backup to meet the needs of your business is simple, quick and affordable.

What data should I back up?

Everything. I know, it’s not the specific answer you were looking for. But anything and everything that’s critical to the day-to-day running of your business should be backed up. From financial records and inventory databases to CRMs and other essential information, backing up all your data isn’t to nice-to-have.

It’s essential.

It’s easy to think, “Ah, just back up our server. That should cover it.” But think.

  • Is there a legacy database that still gets referenced?
  • Perhaps someone uses an old USB drive to retrieve information occasionally?
  • Are you using virtual servers? Do you have a backup plan in place for these?

It’s a good idea to get across the details of your backups, so you can identify any gaps in your current business backup solutions now before it's too late.

A good place to start is to spend 5 minutes writing a list of every resource that your team uses. And when you’re done, send it to your IT Partner, so they can confirm whether it is being backed up or not.

Alternatively, you can copy these 7 questions and forward them to your IT Partner, so you can get clear on:

  • Precisely what data you’re backing up
  • What are the expectations for your recovery time in the event of a disaster? and
  • To what point in time can you expect to be restored after a data failure

Oh, and whilst you’re at it. Have your IT Partner confirm the level of security of your backups. i.e. Are your data backups encrypted and at an arm’s length (ie, physically disconnected) from your operational IT systems?

If you’re using Office Solutions IT’s Cloud Backup, you can relax knowing that these boxes are ticked and should a malicious user gain access to your systems, they won’t gain access to your backup data.

Do we need to back up our software subscription data, too? (Think Office 365)

Absolutely!

If your business is using Software as a Service (SaaS) solutions, such as Microsoft Office 365, your business might be a data loss disaster waiting to happen unless you have a third-party backup strategy in place.

Keep in mind that your Microsoft 365 data (whether it be files on OneDrive, Emails in Outlook, documents in SharePoint, spreadsheets in Excel, etc.) is not stored inside your network.

It’s sitting elsewhere - on one of Microsoft's servers.

And while Microsoft maintains this infrastructure to make sure you can access it all day, every day, your data is your responsibility to maintain, not Microsoft's.

Which means it’s a single point of failure and vulnerable to data corruption and malicious activity. That is, until you apply the 3-2-1 backup system to this data, too. Which a lot of businesses forget. And if you’re in this category, consider Office Solutions IT’s Microsoft 365 Backup, so you can avoid the unnecessary risks of accidental – or intentional – data loss.

When to Back up your data

The regularity with which your backups are scheduled to run will typically be decided after a conversation with your IT Partner. This conversation would aim to determine how quickly you need to recover your data and how far back in time you can recover. Here's a template you can use that will help you work out what these timeframes are for each of your business applications.

Every business is slightly different, and as a result, your business will have different RPO and RTO requirements than others. Oh, and if your eyes just glazed over at these acronyms. Here’s what they mean.

Recovery Point Objective (RPO)

This refers to a time in the past when you will recover.

Recovery Time Objective (RTO)

This refers to the time in the future at which your business will be up and running again.

RPO vs RTO-min

In a perfect world, your business will have:

  • An RPO that means your business can recover to the very second before a disastrous data loss; and
  • An RTO, which means you’ll be back up and running in seconds.

But for most businesses, that is not physically or financially possible. The idea here, if you haven’t already done so, is to use this RPO and RTO guide to establish what your business requirements are and schedule that conversation with your IT Manager to determine an RPO and RTO that:

  • You are comfortable with for each area of your business, and
  • Sits within your business constraints.

Your data is your business; helping you to look after it, well, that's ours.

Every business is different. Different infrastructure. Different needs and different priorities. Which makes writing a generic article on backups that accounts for all the possible variations difficult.

Having said that, your business should have a comprehensive 3-2-1 backup strategy in place. And our ultimate backup guide for SMBs provides the all-important final piece of this strategy, to make it happen automatically.

If you’re aware of our proactive maintenance service, you’ll know that we routinely audit, test, update, and optimise every aspect of the IT environments we manage.

This includes analysing our historical incident data to identify issues proactively, so we can suggest modifications to improve your IT environment before they cause costly downtime.

And after a recent review of our historical incident data, we’ve seen a significant increase in the unreliability of off-site backup solutions that require the manual process of:

  • a team member having to swap tapes,
  • rotate USB drives; or
  • action those, often-neglected, notifications to take your backup drive offsite every week.

When your offsite backups are automated, you’re free to focus on looking after your customers and building your business.

There are a bunch of other benefits you’ll receive when transitioning to our new cloud backup solution. But there’s an outcome that stands head and shoulders above the rest. And that’s greater reliability and less risk for your business. Oh, and no more pesky calendar reminders either.

Frequently Asked Questions

What is the best backup strategy?

When it comes to effective data protection, the best backup strategy is one that offers comprehensive coverage against a range of potential data risks. Industry experts recommend maintaining at least three copies of your data to significantly minimize the risk of losing everything due to a single point of failure. 

The 3-2-1 backup strategy is a proven solution that ensures sufficient redundancy to recover from any failure scenario and guarantees business continuity. It involves keeping three copies of your data: two copies stored on local media and one copy stored offsite.

What is a good backup schedule?

According to best practices, full backups should be conducted weekly, bi-weekly, or monthly, depending on your organization's specific needs and data volume. When determining a backup schedule, ensure that the frequency aligns with your operational requirements and the critical nature of the data being protected.

When backing up your data, consider network congestion. Schedule backups during periods of low activity, such as weekends or overnight, to maintain the performance of your IT systems and to avoid disrupting daily business operations. 

Which backup is most efficient?

In addition to the 3-2-1 backup strategy, incremental backups are also an efficient solution. Incremental backups capture only the data that has changed since the last backup, regardless of whether that backup was full or incremental. This method is ideal for organizations looking to streamline their backup processes, as it allows them to maintain up-to-date recovery options without excessive data duplication.  

Why do we need backup?

Backups are essential for protecting your business against various disruptions and cyber threats. They serve as a critical defense against human error, hardware failures, power outages, physical damage to IT infrastructure, and malware attacks. With backups, you can recover your data and maintain business continuity even if your systems are compromised. 

Ultimately, backups help preserve the financial health of your organization by minimizing downtime and avoiding the costly consequences of data loss. Investing in a robust backup strategy can save time and money while ensuring your operations remain resilient against cyber incidents. 

What is the rule of thumb for backups?

A widely accepted rule of thumb for backups is to maintain at least three copies of your data. This practice involves multiple layers of security which acts as a safety net to ensure your data is accessible and recoverable in the event of cyber disasters. Importantly, these copies should be distributed across different storage media to protect against hardware failures or other issues that might affect any single type of storage. 

Two of these backup copies should be stored on different types of storage locations, such as external hard drives or network-attached storage (NAS). The third copy should be stored offsite, ideally in a location separate from your primary office.

You may also be interested in

Why You Need Cyber Security in Your Perth Business
Why You Need Cyber Security in Your Perth Business
What is cyber security architecture?
What is cyber security architecture?
What is Digital Forensics in Cyber Security?
What is Digital Forensics in Cyber Security?
Backing up your business: the ultimate guide for SMBs ebook cover

Backup your data before disasters strike

You might not know this but cyber disasters are inevitable no matter how secured your IT is.

So what do you do? Of course, create a backup strategy that will help you save and restore your business data.
OSIT Footer Logo

Turn that IT frown upside down

IT isn’t supposed to distract you from the important stuff. It’s supposed to enable you to do more of it, more efficiently. And that’s our sole purpose at Office Solutions IT – delivering IT support services that take care of the complex business of managing IT, so you can focus on your business. Get in touch and find out more.

Call us on 1300 349 195
Email us connect@osit.com
Schedule a call

What We Do

Recent Blog Posts

Terms & Conditions

Privacy Policy

©2025 Office Solutions IT. All Rights Reserved.