No restore? Then your backup was useless.
A backup is not a safeguard. It is a promise. It is only fulfilled when the restoration works.
Monday morning, 8.15 am. The systems are silent. No staff member can access their data. Production has ground to a halt, customers are waiting, and the phones are ringing off the hook. Ransomware has struck – or a hard drive has simply stopped working after seven years. Whatever the cause, there’s only one question that matters now.
How quickly can you get back up and running?
Anyone who points to their backup at this moment and says, “But we’ve backed up everything” – only to realise that the last successful restore test was months ago, or never even took place – has a very costly problem. Studies show that around 60% of small and medium-sized enterprises that suffer a serious data loss close down within six months. Not because of the attack. Because of the downtime that follows.
Backup is the means. Restore is the end.
The IT industry has been discussing backup strategies, backup frequencies and backup media for decades. Yet there is far too little discussion of the truly crucial question: how long does it take for a system to be up and running again after a failure?
There are two key metrics every business should be aware of – and actively manage:
- RPO (Recovery Point Objective): How much data loss is acceptable? Will I lose the work from the last 24 hours – or the last 15 minutes?
- RTO (Recovery Time Objective): How quickly must the system be restored? In 4 hours? In 30 minutes? Immediately?
These two figures determine which backup method, which infrastructure and which storage strategy a company needs. Those who are unaware of them are making their backup decisions blindly.
Ransomware targets backups
Modern ransomware is no longer a blunt instrument. It lies in wait. It analyses the network. And it deliberately and systematically encrypts any backup systems it can access. A backup stored on a permanently connected NAS or in an unsecured cloud is no longer a backup. It is a second target for attack.
The solution to this is called Immutable Backup – immutable backup copies to which ransomware has no write access. Combined with a 3-2-1-1-0 strategy:
- 3 copies of the data
- on 2 different media
- 1 copy off-site (cloud or another location)
- 1 copy offline / air-gapped (physically separated from the network)
- 0 errors – verified by regular restore tests
The last point, 0 errors, is the most important. It is not the backup that determines your survival – but the test that proves the restore works.
| Storage medium | Brief description | Advantages | Disadvantages |
|---|---|---|---|
| External hard drive | Locally connected hard drive for data backup | Cost-effective, readily available, easy to use | Manual or only partially automated, vulnerable to theft, fire or breakdown |
| NAS (Network Attached Storage) | Centralised, network-based storage solution for businesses | Can be automated, quick access, suitable for multiple systems | Same location as the original data, investment and administrative costs |
| Tape library | Magnetic tape-based long-term storage | Extremely durable, cost-effective for large volumes of data, can be stored offline | Slow recovery, significant organisational effort |
| USB stick | Portable storage device for individual files | Very simple, portable, low initial cost | Cannot be automated, easily lost, low security, not suitable for business use |
| Cloud backup | External, internet-based data backup | Location-independent, scalable, protection against local damage | Dependence on the internet, ongoing costs, being tied to a provider |
| Hybrid backup | A combination of on-premises and cloud backup | Rapid recovery + external backup, high reliability | More complex planning, greater coordination efforts |
Restore tests aren't optional. They're mandatory.
A backup that has never been restored is merely a hypothetical scenario. Companies that take resilience seriously treat restore tests like fire drills: regular, documented and mandatory.
In concrete terms, this means:
- Regular restore tests – at least quarterly, more frequently for critical systems
- Documented results – for internal processes and compliance evidence
- Clear responsibilities – who carries out the test, who validates the result?
Those who fail to do so will only realise in an emergency that the backup has been silently failing for weeks.
What Securepoint has to say about this
In practice, we see the same pattern time and time again: companies invest in backup software, set up automated processes – and never test whether the recovery actually works. The solution does not lie in more complex technology, but in a clear strategy: backup as a means, recovery as an end.
With Securepoint’s backup solutions, companies can rely on data protection that meets precisely this requirement – automated, encrypted, with immutable backup protection against ransomware and with measurable recovery times.
Because the goal is not simply to back up data. The goal is to be back up and running within 30 minutes.
![[Translate to English:] Kevin Thomas, Ihr PR-Ansprechpartner bei Securepoint.](/fileadmin/securepoint/allgemein/geteilte_inhalte/bilder/securepoint-mitarbeiter/kevin-thomas.jpg "Kevin Thomas")