I am interested in
The “Search” function is not available at the moment, please try again later.
Please get in contact with us. To contact form

Backup strategy for your SME

As the shift towards digitalization continues, handling data correctly is becoming increasingly important for SMEs; a loss of data, through an IT failure, a fire or flood in the server room or a cybercrime attack, could threaten the existence of a business.

How can I protect myself and my business from ransomware?

Cyber attacks through encryption Trojans, also referred to as ransomware, are steadily increasing. In these attacks, all of the data of a business is encrypted through malware and then the hackers demand a ransom to decrypt it again. You should never pay this ransom as you would be promoting crime without any certainty of actually receiving the decryption code.

The answer lies in a well-considered backup strategy.

We will show you the measures you can take to protect your business data with a structured, comprehensive backup strategy and avoid large data losses and operational disruptions.

What is a backup?

A backup consists of digital data that are manually or automatically copied onto storage media such as an external server, a portable hard drive, a NAS (Network Attached Storage) system or magnetic tape. External cloud backup service providers can also be used for backing up data.

Advice: Check your backups at least once every six months to make sure that they work. For businesses with a high dependence on IT, shorter intervals between checks are recommended.

How often should you create a backup?

Backups should be performed daily. For additional security, a grandfather-father-son scheme (multiple backups taken at different intervals) should be applied.

In an SME with a five-day work week, a full set of backups taken under this scheme could look like this:

  • four son backups (daily from Monday to Thursday; Friday is kept as a father backup)
  • four father backups (weekly, every Friday of the month)
  • twelve grandfather backups (monthly, on the last day of every month)

Using relatively little storage space, this scheme ensures that all data are stored in the short, medium and long term and that any data lost can be restored from a previous level, at least to a large degree.

Why do we need to back up our data?

Regular backups are essential in order to get up and running as quickly as possible after an incident. The more recent the backup, the faster your business can return to normal operations.

Advice: It is advisable to simulate a disaster recovery from the backups from time to time so that you are familiar with the process and can respond efficiently and effectively in the event of a problem.

What are the legal considerations concerning backups?

To determine the security measures for the backups, you have to establish the confidentiality level of the data. This means clarifying whether certain data have to be, for example,

  • backed up separately
  • encrypted with a special password
  • subject to special rules if kept off-site

As a business, you are also legally obliged to store certain documents for a particular time period. If these documents are lost, there are legal consequences. In both instances, a well-considered customized backup/archive concept will help.

Advice: Personal data must not fall into the wrong hands. This is why backups that are kept off-site have to be encrypted.

Which backup strategy is safe and effective?

The correct backup strategy for a business depends on a number of factors. The size of the business and its budget, dependence on IT, resources, restoration time and other business-specific requirements have to be taken into consideration. Many experts recommend the 3-2-1 rule. It sets out the minimum requirements for a responsible backup strategy and can be applied to companies of almost any size and IT budget. This rule ensures that data are protected at three levels, eliminating most data loss risks.

3-2-1 backup rule

  • Keep three copies of your digital data. The first one is the version that you work with productively. The other two copies are backups.
  • Store your digital data on at least two different types of storage media (e.g. NAS and cloud).
  • Keep at least one copy of your digital data off-site (e.g. on the cloud or an offline portable hard drive in an external safe).

Who can provide you with professional assistance?

Contact your IT consultant or one of our specialist partners to implement your backup strategy.

Advice: Don't compromise when it comes to protecting your data. If you lose your data and don't have a functioning backup, the future of your business is at risk. It is advisable to approach this topic in a professional and structured way to minimize the risks as much as possible.

Specialist partners

Belsoft Infortix AG
Russenweg 26, 8008 Zürich
P: +41 44 388 13 31
E: infortix@belsoft.ch

netrics AG
Tennisweg 6, 2504 Biel
P: +41 58 531 31 31
E: info@netrics.ch

Cyber Insurance

Helvetia Cyber Insurance will complete your company's risk management as a complement to the technical and organizational measures you take. Get in touch if you are interested.