Backup

A copy of your data stored separately from the original, allowing recovery after data loss from ransomware, hardware failure, accidental deletion, or natural disaster.

A backup is a copy of data stored independently from the original. When ransomware encrypts your files, a server fails, or someone accidentally deletes a critical folder, a backup is what lets you recover without paying a ransom or starting from scratch.

The 3-2-1 Rule

The standard backup strategy:

  • 3 copies of your data (the original plus two backups)
  • 2 different storage types (e.g., local drive and cloud)
  • 1 copy offsite or offline (unreachable by ransomware that spreads through your network)

Why Backups Fail When You Need Them

Having a backup is not the same as having a working recovery process. Common failure modes:

  • Ransomware encrypts backups too: If backups are on a network-connected drive, ransomware can reach them. Offline or immutable backups solve this.
  • Never tested: Organizations discover their backups are corrupted or incomplete only when they try to restore. Regular recovery tests are essential.
  • Too slow: Full recovery from backup can take days. Know your Recovery Time Objective (RTO) and plan accordingly.
  • Too old: If your last backup is a week old, you lose a week of work. Know your Recovery Point Objective (RPO).

Backup and Encryption

  • Encrypt your backups: If a backup is stolen or a cloud account is compromised, encryption ensures the data is unreadable.
  • Protect encryption keys separately: Store backup encryption keys in a different location than the backups themselves. A password manager is a reasonable option for this.

Backup and Swiss Compliance

The nDSG requires appropriate technical measures to protect personal data. Maintaining encrypted, tested backups is considered a baseline expectation. For organizations handling particularly sensitive data (medical records, financial data), regulators expect documented backup procedures and regular recovery testing.

Practical Guidance for SMEs

  1. Cloud backup for documents and email (backups of Microsoft 365 and Google Workspace are not automatic: the provider protects its infrastructure, not your data)
  2. Local backup for rapid recovery of critical systems
  3. Immutable/offline copy for ransomware resilience
  4. Test recovery quarterly with a documented process
  5. Monitor backup jobs so failures are caught immediately, not discovered during a crisis
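
The checks described above (3-2-1, RPO freshness, quarterly restore tests, encryption with separately stored keys) can be run automatically against a backup inventory. The sketch below is an added example, not part of the original page; the field names, the 24-hour RPO, the 92-day test interval and the sample inventory are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class Copy:
    name: str
    media: str                     # storage type: "disk", "cloud", "tape", ...
    offsite_or_offline: bool       # unreachable from the production network
    encrypted: bool = False
    key_with_backup: bool = False  # key kept in the same place as the data
    last_success: Optional[datetime] = None
    last_restore_test: Optional[datetime] = None
    is_original: bool = False

def audit(copies, now, rpo=timedelta(hours=24), test_every=timedelta(days=92)):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    backups = [c for c in copies if not c.is_original]
    # 3-2-1: three copies, two storage types, one offsite or offline
    if len(copies) < 3:
        findings.append("3-2-1: fewer than 3 copies")
    if len({c.media for c in copies}) < 2:
        findings.append("3-2-1: fewer than 2 storage types")
    if not any(c.offsite_or_offline for c in backups):
        findings.append("3-2-1: no offsite or offline copy")
    for c in backups:
        # "Too old": the newest successful job must fall inside the RPO
        if c.last_success is None or now - c.last_success > rpo:
            findings.append(f"{c.name}: last successful backup older than RPO")
        # "Never tested": a restore must have been exercised this quarter
        if c.last_restore_test is None or now - c.last_restore_test > test_every:
            findings.append(f"{c.name}: no restore test in the last quarter")
        if not c.encrypted:
            findings.append(f"{c.name}: not encrypted")
        elif c.key_with_backup:
            findings.append(f"{c.name}: encryption key stored with the backup")
    return findings

# Constructed sample inventory and clock (not real data)
NOW = datetime(2024, 6, 1, 12, 0)
INVENTORY = [
    Copy("fileserver", "disk", False, is_original=True),
    Copy("nas", "disk", False, True, True,
         NOW - timedelta(hours=2), NOW - timedelta(days=200)),
    Copy("cloud", "cloud", True, True, False,
         NOW - timedelta(days=3), NOW - timedelta(days=30)),
]
print("\n".join(audit(INVENTORY, NOW)))
```

The sample inventory satisfies 3-2-1 and still produces three findings, which is the gap between having backups and having a working recovery process.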