Why modern data backup is essential 

World Backup Day serves as a reminder of a simple truth: only companies that proactively back up their data are prepared for data loss and theft. As attacks by cybercriminals become ever more frequent and sophisticated, data protection strategy has long since become a key factor in a company’s survival. Yet data backup alone is no longer sufficient today. A backup is not an isolated product, but an essential component of a comprehensive incident response and disaster recovery strategy.

In today’s digital world, system failures not only cost a great deal of money, but often damage a company’s reputation as well. Business processes in virtually every company now depend on IT running smoothly. Unexpected failures can lead to a real disaster if there is no comprehensive data backup solution in place. In the worst-case scenario, the very survival of the business is at risk if operations cannot be resumed quickly enough. The ability to deal with an emergency situation quickly determines the extent of financial losses and damage to reputation. This is precisely why a carefully drawn-up emergency and recovery plan is so important.

Be prepared for a wide variety of incidents

One of the most important principles when responding to incidents is an action plan that covers as many scenarios as possible. In addition to classic risks such as power cuts, hardware failures or user errors, highly specialised threats have now emerged. Modern strategies increasingly rely on AI-powered anomaly detection: today’s backup systems are capable of identifying atypical data changes – such as those occurring during the initial stages of ransomware encryption – in real time and raising the alarm before the damage becomes irreversible.

CYBER RESILIENCE THROUGH MODERN DATA BACKUP 

Reliable backups are one of the most important measures a company can take to avoid long-term damage following a data breach. If, for example, the company falls victim to a ransomware attack and all data is encrypted, high-quality backups may mean that the only risk is the loss of a few hours’ or days’ worth of data – depending on the backup frequency.

Modern ransomware variants specifically attempt to identify and encrypt or delete backups. Therefore, simple data backup is no longer sufficient. Companies need immutable backups that cannot be deleted or altered, even if admin accounts are compromised.

The gold standard is the 3-2-1-1-1 rule:

  • Create 3 copies of the data.
  • Use 2 different media.
  • Store 1 copy off-site.
  • Keep 1 copy offline (air-gapped) to prevent network access.
  • Store 1 copy in an immutable format.

The aspect of immutability is particularly crucial today. Technologies such as S3 Object Lock ensure that data is locked in an immutable state for a specified period. Even attackers with administrator rights cannot manipulate or delete these backups – an essential defence against ransomware.
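The rule and the Object Lock point above can be checked mechanically against a backup inventory. The following is an added example, not code from the original article or from any backup product; the `Copy` fields and the sample inventory are constructed, and production data is assumed to count as one of the three copies. It counts only Object Lock compliance mode as immutable, because governance mode can be bypassed by a principal that holds the `s3:BypassGovernanceRetention` permission.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

@dataclass
class Copy:
    name: str
    medium: str                       # e.g. "disk", "tape", "object-storage"
    offsite: bool = False
    offline: bool = False             # air-gapped, no network path
    lock_mode: Optional[str] = None   # "COMPLIANCE", "GOVERNANCE" or None
    retain_until: Optional[datetime] = None

def is_immutable(c: Copy, now: datetime) -> bool:
    # GOVERNANCE mode is not counted: a principal holding the
    # s3:BypassGovernanceRetention permission can still delete locked
    # versions. An expired retention date no longer protects anything.
    return (c.lock_mode == "COMPLIANCE"
            and c.retain_until is not None and c.retain_until > now)

def check_32111(copies: list[Copy], now: datetime) -> list[str]:
    """Return the violated parts of the rule; an empty list means compliant."""
    rules = [
        ("fewer than 3 copies", len(copies) >= 3),
        ("fewer than 2 media types", len({c.medium for c in copies}) >= 2),
        ("no off-site copy", any(c.offsite for c in copies)),
        ("no offline copy", any(c.offline for c in copies)),
        ("no immutable copy", any(is_immutable(c, now) for c in copies)),
    ]
    return [finding for finding, satisfied in rules if not satisfied]

# Constructed inventory (production data counts as one copy).
NOW = datetime(2026, 3, 31, tzinfo=timezone.utc)
UNTIL = datetime(2026, 6, 30, tzinfo=timezone.utc)
WEAK = [
    Copy("production", "disk"),
    Copy("nas-backup", "disk"),
    Copy("cloud-bucket", "object-storage", offsite=True,
         lock_mode="GOVERNANCE", retain_until=UNTIL),
]
STRONG = WEAK[:2] + [
    Copy("cloud-bucket", "object-storage", offsite=True,
         lock_mode="COMPLIANCE", retain_until=UNTIL),
    Copy("tape-vault", "tape", offsite=True, offline=True),
]

if __name__ == "__main__":
    print("weak:  ", check_32111(WEAK, NOW))
    print("strong:", check_32111(STRONG, NOW))
```

Running the check with a date after the retention period shows the immutable copy dropping out again, which is why retention dates need to be extended as part of the backup schedule.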

BACKUP IS NOT THE SAME AS RECOVERY – WHY TIME IS THE MOST CRITICAL FACTOR 

Many companies simply assume that backups exist. The more crucial question, however, is: how quickly can we get back up and running? Two key metrics are central to this:

  • Recovery Point Objective (RPO):
    What is the maximum acceptable amount of data loss? Hours, minutes, or even just seconds?
  • Recovery Time Objective (RTO):
    How long can a system be down before the damage becomes critical?

In practice, it is often the case that whilst backups do exist, the recovery process takes too long. Whilst production stands still and customers wait, enormous financial losses are incurred. Modern strategies therefore classify systems according to their business impact. Not every application requires the same RTO. Technologies such as instant recovery or automated workflows enable business-critical applications to be restored as a priority. World Backup Day is the ideal occasion not only to check that backups exist, but also to honestly assess their speed in an emergency.

TYPES OF DATA BACKUP 

Not all backups are the same. The speed of recovery depends on the type of backup:

  • Full backups:
    These create a copy of the entire data environment. They are the quickest to restore, but require the most storage space.
  • Differential backups:
    These back up all files that have been changed since the last full backup. This saves time, but requires access to the full backup and the latest differential backup for recovery.
  • Incremental backups:
    These cover only the data that has been changed since the last backup (regardless of type). This is the most efficient method in terms of storage space.
  • Snapshot backups:
    They create point-in-time copies of the system state and enable particularly fast restores of virtual environments.
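The dependencies between these backup types decide which recovery point is actually reachable, and therefore whether the RPO from the previous section is met. The following is an added example, not code from the original article or from any backup product; the `Backup` record, the `ok` verification flag and the sample catalogue are constructed. It resolves the restore chain for the newest usable backup before an incident and compares the resulting data loss with the RPO.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Backup:
    taken: datetime
    kind: str        # "full", "differential" or "incremental"
    ok: bool = True  # False: the copy failed verification and cannot be used

def chain_for(history, i):
    """Backups needed to restore history[i], oldest first; None if broken."""
    chain = []
    while i >= 0:
        b = history[i]
        if not b.ok:
            return None
        chain.append(b)
        if b.kind == "full":
            return chain[::-1]
        if b.kind == "differential":   # needs only the last full before it
            i = next((j for j in range(i - 1, -1, -1)
                      if history[j].kind == "full"), -1)
        else:                          # incremental: needs the backup before it
            i -= 1
    return None                        # no full backup to start from

def recovery_plan(catalog, incident, rpo):
    """Return (restore chain, data loss, RPO met) for the newest usable point."""
    history = sorted((b for b in catalog if b.taken <= incident),
                     key=lambda b: b.taken)
    for i in range(len(history) - 1, -1, -1):
        chain = chain_for(history, i)
        if chain:
            loss = incident - chain[-1].taken
            return chain, loss, loss <= rpo
    return None, None, False

# Constructed catalogue: Sunday full, nightly jobs, Tuesday's copy is corrupt.
# The second catalogue is the same week with a differential on Wednesday.
def at(day, hour=0):
    return datetime(2026, 3, day, hour)
INCREMENTAL_ONLY = [Backup(at(1), "full"), Backup(at(2), "incremental"),
                    Backup(at(3), "incremental", ok=False),
                    Backup(at(4), "incremental")]
WITH_DIFFERENTIAL = INCREMENTAL_ONLY[:3] + [Backup(at(4), "differential")]

if __name__ == "__main__":
    for cat in (INCREMENTAL_ONLY, WITH_DIFFERENTIAL):
        chain, loss, met = recovery_plan(cat, at(4, 10), timedelta(hours=24))
        print([b.kind for b in chain], "loss:", loss, "RPO met:", met)
```

With one corrupt incremental, the incremental-only schedule falls back to Monday and misses a 24-hour RPO by more than a day, while the differential schedule still restores Wednesday's state from two backups.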

COMPLIANCE AND LEGAL REQUIREMENTS 

Data backup is no longer merely a technical decision, but a legal necessity. With the introduction of regulations such as NIS2 and DORA, companies – particularly in critical sectors such as energy, healthcare, finance and IT services – are legally required to demonstrate robust business continuity plans.

A breach of the duty of care regarding data backup can not only result in substantial fines but also entail personal liability for the management. NIS2 explicitly requires evidence of regular backup tests and documented recovery processes. A certified backup strategy therefore also serves as a safeguard against legal risks and protects management from personal consequences.

COMMON MISTAKES IN DATA BACKUP 

Backup frequency should always be guided by the question: how long can the company do without a specific piece of information? The biggest mistake remains the complete absence of backups or their insufficient frequency. Other critical mistakes:

  • Not creating backups
    Backups are an essential precaution. How often backups should be created depends on how important the data is.
  • Not testing backups
    In many companies, this point is simply forgotten. A backup is only useful if files can be restored from it if needed. Regular restore tests are mandatory.
  • Not protecting backup access
    If backup systems are accessible with the same login credentials as the production systems, cybercriminals can delete or encrypt backups after a compromise. Multi-factor authentication and separate permissions are essential.
  • Not securing cloud data
    A common misconception is that cloud data is automatically protected across SaaS applications. Microsoft 365, for example, offers only limited recovery options in the event of ransomware or file corruption and does not meet the Gartner definition of backup.
  • No encryption
    Backups often contain the most sensitive company data. They must be encrypted both during transmission and at rest.
  • Lack of documentation
    It must be clearly documented who has access to the backups, how they are labelled and what recovery processes are in place. Ideally, this should not be just one person.

MTF: YOUR PARTNER FOR PROFESSIONAL DATA BACKUP 

Implementing a well-thought-out data backup system takes time and money, but it is a more than worthwhile investment in an organisation’s resilience. It is at the heart of any incident response strategy.

How is your backup strategy shaping up? Do your backups comply with the 3-2-1-1-1 rule? When was the last time you tested your backups? If you have any questions or need support with your incident response and disaster recovery strategy, please contact us. Our experienced experts will be happy to advise you.

FAQs 

  1. Why is the classic 3-2-1 rule no longer sufficient?
    Previously, the greatest danger was technical failure or fire. Today, it's targeted cyberattacks. Modern ransomware actively searches the network for backup servers in order to delete them before the actual encryption begins. The extended 3-2-1-1-1 rule adds two crucial safeguards—air-gapping (offline copy) and immutability—which cannot be overcome even with compromised administrator access.
     
  2. Isn't my data in Microsoft 365 (Office 365) automatically backed up by Microsoft?
    A common misconception. Under the "Shared Responsibility Model," Microsoft is only responsible for the availability of the infrastructure, not for backing up your individual data. If an employee accidentally deletes data or a mailbox is encrypted, Microsoft offers very limited recovery timeframes. A dedicated third-party backup solution for SaaS applications is therefore essential.
     
  3. What legal requirements does NIS2 impose on my backup strategy?
    The NIS2 directive requires companies in critical sectors (energy, healthcare, finance, IT service providers) to have robust business continuity plans. Specifically, NIS2 requires:
    - Verifiable regular backup tests and documented recovery processes
    - Incident response plans in which backups play a central role
    - Documentation of RPO and RTO for business-critical systems
    A breach of this duty of care can not only lead to massive fines, but also result in the personal liability of management. A certified backup concept is therefore also a safeguard against legal risks.
     
  4. How can I tell if my backups have been manipulated?
    Modern backup solutions use AI-supported anomaly detection. The system learns normal behavior (data growth, change rate). If suddenly thousands of files are encrypted or deleted simultaneously, the system raises an alarm. This makes it possible to stop attacks at a very early stage and to immediately isolate infected backups.
     
  5. How often should I perform a restore test?
    A backup that hasn't been tested is effectively nonexistent in an emergency. We recommend restoring critical systems for testing purposes at least once per quarter. This should not only check whether the file exists, but also whether the application (e.g., database or ERP system) starts without errors and the data is consistent.
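The anomaly detection described in the section on incident preparation and in FAQ 4 can be illustrated with a simple statistical baseline. The following is an added example, not code from the original article or from any backup product, and it uses a median-based change-rate score plus a byte-entropy check as a stand-in for the AI-supported detection the article mentions; the function names, thresholds and sample data are constructed.

```python
import hashlib
import math
import statistics
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8 for encrypted data, clearly lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def robust_z(value: float, baseline: list[float]) -> float:
    """Modified z-score (median/MAD), so one odd day does not skew the baseline."""
    med = statistics.median(baseline)
    mad = statistics.median([abs(x - med) for x in baseline]) or 1e-9
    return 0.6745 * (value - med) / mad

def assess_run(baseline_rates, changed, total, samples,
               z_limit=3.5, entropy_limit=7.5):
    """Classify one backup run from its change rate and sampled changed blocks."""
    z = robust_z(changed / total, baseline_rates)
    dense = sum(shannon_entropy(s) > entropy_limit for s in samples)
    dense_share = dense / len(samples) if samples else 0.0
    if z > z_limit and dense_share > 0.5:
        return "alert"    # mass change AND the new content looks encrypted
    if z > z_limit:
        return "review"   # mass change, plausible content (migration, cleanup)
    return "normal"

# Constructed inputs: a week of daily change rates and sampled 4 KiB blocks.
BASELINE = [0.010, 0.012, 0.009, 0.011, 0.013, 0.010, 0.012]
TEXT = (b"Invoice 2026-0142, net 30 days, total due EUR 1,250.00\n" * 80)[:4096]
# Deterministic stand-in for ciphertext: SHA-256 output in counter mode.
CIPHERLIKE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                      for i in range(128))

if __name__ == "__main__":
    print(assess_run(BASELINE, 120, 10_000, [TEXT] * 4))                  # normal
    print(assess_run(BASELINE, 4_000, 10_000, [CIPHERLIKE] * 3 + [TEXT])) # alert
    print(assess_run(BASELINE, 4_000, 10_000, [TEXT] * 4))                # review
```

Already compressed formats such as ZIP archives or JPEG images also score close to 8 bits per byte, so the entropy check is only meaningful in combination with the change-rate spike.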


Do you have questions?

Stephan Keller
Chief Financial Officer