A small business backup strategy is what you need if you are to survive a business disrupting cyber attack, especially one where you lose your business or customer related files!

Making backups of files is of utmost importance. If your computers or devices built-in storage media malfunctions or stops working, as most of them eventually do, how are are you going to get your lost data back?

What if you get a cyber-attack such as a common Ransom-ware attack? Are you going to pay the criminal(s) gobs of money for the slim possibility of getting your data back? No, you don’t have to if you have many backup copies to fall back on.

Physical Security Considerations Risk Assessment

The good scheme to backup your data for most very small businesses is to have at least 3 layers of backups (yes, 3!) for your desktop or laptop PCs and Macs to cover most disasters: A local simple backup on the machine, an off-site backup not located at your business, and a full on-site backup located at your business. (Note: We prioritize cloud-based off-site backups higher than on-site backups due to the ease of restoring files through cloud backup software.)

Backup media can be on all kinds of media. But please make sure you have it encrypted in case the media get’s lost or stolen!

Working backups will help you recover from many common computer issues that could arise OR from major cyber security attacks such as a ransom-ware attack!

The following won’t protect you unless have all 3 layers of backups:

  • Small Business Backup Strategy Layer 1 – Simple copies of important files
    1. Simply copy the computer files you want backed up into another folder/directory OR your files can be ‘saved as’ a different name in the same folders they reside (perhaps named like accounting.docx.bkup or accounting_bkup.docx for example).
    2. Best if done after every file save. At least do this once a day if not at every file save.
    3. Great for super quick recovery of a file.
  • Small Business Backup Strategy Layer 2 – Off-site online backups over the internet (optional)
    1. Consider cloud backup services. They will save your important documents OR your entire system(s) encrypted and store it on the internet. Then you’ll be able to restore your backups to your machine theoretically when you want. Since it’s encrypted, only you will be able to view and use your backups. Here are some internet cloud backup providers, though there are many more out there:
    2. This can be a quick and easy way to recover from partial or complete data loss due to a cyber attack or a computer “crash”, etc. It can be generally be set up to automatically update your backups so you never have to worry manually making backups. If it’s not automatically backed up as you change your files, every 24 hours is an ideal interval.
  • Layer 2.5 – Off-site physical backups (*Optional* IF you use Cloud Storage Backups, required if you don’t)
    1. Make an offsite backup of your important files or entire system that is not located on the same premises written to a removable usb stick (or other media) to be put in another safe in a trusted location off-site. But it has to be off-site in case a natural or fire disaster happens to your computers and business.
      • Like layer 1 above, instead of saving your important files locally to your computer, save them to portable storage media (like a portable usb hard drive/SSD drive, usb stick, or SD card) and place them in a safe or other locked place away from your business.
        • For this to work and be secure, you must encrypt your backup files! We use the free utility 7zip (7zip for Windows and Keka for Mac) to achieve this encryption. – guide here
        • Due to the potential inconvenience, weekly or shorter intervals are ideal, but monthly backups should be minimum.
  • Small Business Backup Strategy Layer 3 – On-Site System level backups
    1. Backup your entire computer systems to spacious removable media (like a portable usb hard drive/SSD drive, usb stick, or SD card)
      • A piece of software we’ve used has been Acronis Standard for Windows or Mac. And it can encrypt your backups too. Other backup software can be found here.
      • Windows and Mac do have their own backup utilities built in though they may lack in some features that commercial backup software above may have.
    2. Make sure your backed-up files are encrypted (and password protected, but don’t forget that password!) so no one but you can access the data on the backup (This may have been done in step 1)
    3. Then place the backup media physically into a safe after you backup to it. Best if done daily of course but weekly is acceptable for this kind of backup)
      • If you have no safe available, then place it in a lockable place like a lockable file cabinet. The theory here is as long as it’s lock out of sight and ENCRYPTED with a complex password to access, your data should be safe.
    4. You can store multiple past backups as you wish, just in case. However, remember to clear too-old of backup files to free space on your storage media.

Now if disaster happens and you have the above backup setup, you can start from the top layer of backups (layer 1) to restore your data. If that doesn’t work, work your way down the layers (to layer 2 then to layer 3, etc.) until you retrieve the data you’re looking for! That’s it. The backup plan can be quite simple if you have many backups to choose from.

For backing up mobile devices, there isn’t too much you can do other then standard backups, usually over the internet:

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only.