This document provides information on backup and disaster recovery strategies for business owners. It discusses the importance of regularly testing backups to ensure they are working properly. Nearly half of disaster recovery tests fail, demonstrating the need for proper testing. The document also emphasizes that having backups is not the same as having a disaster recovery plan to restore essential systems if compromised. It notes that losing data for even a short time can cost businesses thousands and risk their survival, making backup and disaster recovery strategies crucial investments.

1. WELCOME TO:
BACKUP & DISASTER RECOVERY
FOR
BUSINESS OWNERS & DIRECTORS

2. Backup
backup
/ˈbakʌp/
noun
• In information technology, a backup, or the process of backing up,
refers to the copying and archiving of computer data so it may be
used to restore the original after a data loss event

3. Data repository models
Any backup strategy starts with a concept of a data repository. The backup data needs to be
stored, and should be organised.
Different approaches have different advantages. Part of the model is the backup rotation
scheme.

4. How to store your backups
Unstructured
An unstructured repository may be CDs, DVDs or USB drives. This is the most simple form but has
the lowest success rate for data recovery.
Incremental
An incremental-style repository aims to make it more feasible to store backups from more points in
time by organising the data into increments of change.
Differential
Each differential backup saves the data that has changed since the last full backup.
Continuous
Instead of scheduling periodic backups, the system continuously logs changes on the host system.

5. Storage Media
In order of reliability, the types of storage media for your backups are:
• Optical Disks
• Tapes
• USB Disk
• Disk to Disk
• Offsite Backup
• Cloud

6. Testing your backup
When was the last time you tested your backup?
All too often testing is the missing step in the Backup Strategy.
Companies make substantial investments and spend a lot of time backing up their data only to
find the backups won't work when something goes wrong with their data storage.
According to "The Symantec Disaster Recovery Research " report, 48% of the disaster
recovery tests run by companies fail.

7. Testing – what to do
Step 1. Test your backups regularly
Step 2. Test realistically
Step 3. Test systematically
Step 4. Test everything.

8. Director’s responsibility
Gartner Group says that 43% of companies were immediately put out of business by a “major loss” of
computer records, and another 51% permanently closed their doors within two years.
As a Business Owner or Director not only do you have a moral obligation to your staff, you also have a
legal obligation under your Duty of Care.
Many companies give the role of changing, storing or transporting their data backup to someone with no
knowledge of the procedure they are carrying out.
Imagine if that data went missing and you could no longer access it. How would you do business? How
long – hours or days – could you survive without your data?
The data that is stored in your system is often worth millions of pounds, if this was physical cash would
you take more steps to protect it?

9. Disaster Recovery
The terms Backup and Disaster Recovery (DR) are often misused and misunderstood when
discussing the growing need to protect data and IT systems. As security breaches become
more commonplace it is important to understand the difference between the two.
Having a Backup strategy is not the same as having a DR strategy. In basic terms a Backup is
having a copy of your data, whilst DR is the strategy to recover your essential IT environment
in the event that it is compromised.

10. The Ugly
A large company in Yorkshire trusted that their IT Support company was backing up
their system. Recently they fell victim to Cryptovirus and spent two weeks trying to
recover their critical data and server. The last viable backup they had was from May,
meaning they lost five months’ worth of data.
The cost to this company in lost revenue was £30k-£40k.
This doesn’t take into account the time to manually input data they could only
recover from paper records, and worse the emotional impact on the staff who were
unsure about the future of the company and therefore their jobs.
This company trusted that the people they employed to look after their backup were
doing this correctly, but had not tested it themselves. The result of this was that
when they truly needed their backup it failed.

11. How expensive is BUDR?
When looking at Backup and DR it is important that a cost versus value analysis is carried out.
If we break it down by turnover versus cost of BUDR, based on 254 working days per year, we
can calculate the cost versus value as:
£1m annual turnover = £3,937 per day or £82,677 per month.
Average cost of BUDR = £23.80 per day or £500 per month
With an annual turnover of £1 million, this is 0.7% of the monthly turnover cost to secure your
business’ data.

12. How expensive is BUDR?
ANNUAL TURNOVER DAILY REVENUE
(254 WORKING DAYS)
MONTHLY REVENUE
(21 WORKING DAYS)
£1 million £3,937 £82,677
£3 million £11,811 £248,031
£5 million £19,685 £413,385
£10 million £39,370 £826,770
The average cost of BUDR is just 0.13% of a 5 million turnover company.
When hit by a major catastrophe most companies experience 10-15 days of
lost business. With the above figures and based on £1 million annual turnover,
the loss incurred would pay for advanced cloud backup for 7.5 years.

13. Secure your business
Practical steps to improve your data security:
Cyber Scams:
• Do your staff know how to spot potential cyber scams such as fake invoices, the ‘bogus boss’ scam or
emails containing Cryptolocker?
• Would your staff know what to do if hit by a cyber scam?
Backup:
• Do you know how your company backs up its data?
• When was the last time you tested your backup?
• Do you know how long your business could survive without its data?
• Do you understand the reputational damage your business could sustain from a data loss?
Disaster Recovery:
• Identify the key systems the business cannot function without
• Decide how long the business can function with each of the key systems offline
• Decide how much data the business can afford to lose (if any)
• Decide how a DR system would take over (manual/automatic)

14. Summary
• If your business is important to you, it is worth protecting it with a Backup & Disaster Recovery strategy
that you can be confident works
• Educate your staff of the latest cyber scams and types of Ransomware attacks (ask AAG for posters
for your office)
• Test your current backup
• Review your disaster recovery plan
• Implement a Responsibilities chart
• Book an independent consultation with AAG to assist with the above.
sales@aagsystems.co.uk www.facebook.com/aagsystems 0114 399 0995