Protecting Your Data with Backups

Executive Summary

Backups are the organization’s safety net that keep operations and data recoverable. Ransomware, insider actions, and outages can corrupt or delete production data, sometimes even targeting backup copies. The result is extended downtime, costly disruption, and potential data loss. Reliable backups provide a safety net to restore systems and information to previous checkpoints. When backups are protected and dependable, incidents become recoverable events rather than crises. Multiple overlying factors create the reality that dependable backups are a cornerstone of organizational resilience.

Background

Effective backups need redundancy and tamper-resistance. This means keeping copies on different media and in different places, with controls that prevent anyone from altering or deleting them [2]. Two key ideas are immutability (a copy that cannot be changed for a set time) and offline/air-gapped copies (a copy stored where network attacks can’t reach it). Together, these safeguards ensure that even if production is compromised, you still have clean recovery points [2].

National standards require documented targets: the Recovery Time Objective (RTO) specifies the time needed to restore a system, and the Recovery Point Objective (RPO) indicates the amount of data that can be lost without compromising business continuity (the time frame between the last good backup and the incident) [3]. Clear procedures, tested steps, and named roles keep the process predictable under pressure, so teams know who does what and in what order [3]. In short, defined RTO/RPO and practiced roles turn recovery from guesswork into a precise, preplanned action.

Regular restore drills prove that backups actually work. Modern guidance emphasizes testing restores on a schedule and bringing back critical dependencies like identity services, DNS, and configuration stores in the correct order so everything functions after restoration [4]. Writing down these dependencies and practicing full restores prevents “half-restored” environments that fail at the finish line [1]. The result is confidence that you can recover end-to-end, not just files in isolation.

Impact

When backups are weak and or vulnerable, the people who feel it first are customers and possibly patients who can’t access services, followed by frontline staff and IT teams who can’t operate systems, and then finance, legal, and compliance who face revenue loss, regulatory exposure, and breach reporting. If backup copies sit next to production, can be altered, or haven’t been tested, a single attack or outage can corrupt both production data and the backups meant to save it [2]. That cascade drives longer downtime, higher costs, and the loss of critical or regulated data often exceeding the damage from the initial incident itself [4]. Reliable, isolated backups break this chain by restoring services to clear RTO and RPO targets, turning a business-halting event into a controlled recovery with limited impact.

Mitigation

Build for recoverability first. Start with a layered backup design that survives mistakes and attacks: keep three copies of your data on two different types of storage, with one copy off-site and one copy that can’t be changed for a set time. Tighten access to the backup console and turn on protections that prevent deletion or changes during your set retention window, which is the time frame on how often a backup is changed or altered [2]. Set clear recovery goals for each system, how fast you need it back, and how much data you can afford to lose. Practice is restored on a schedule, not just single-file tests, including full or physical/cloud-based restores. During drills, bring services back in the right order (identity, DNS, keys, configuration) so everything works together when it comes online [3][4]. Monitor backup jobs, keep simple logs of what succeeded or failed, and act on alerts quickly. Do spot-check restores so problems are caught early, not during a real outage. If primary tooling is unavailable, have alternatives ready, such as cloud snapshots, offline copies, or a secondary provider to reduce downtime and data loss [1][4].

Relevance

Backups are the organization’s last line of defense when prevention fails, so everyone from leadership to frontline teams needs to understand why they matter. Resilient backups turn catastrophic breaches and outages into manageable operational events. Choosing disciplined, tested backups over accepting recovery risk preserves revenue, supports compliance, and maintains customer trust and satisfaction while reducing downtime and insurance scrutiny. This shared understanding also drives clear roles and practiced drills that hold up under pressure. In short, knowing how to build and maintain dependable backups is essential to keeping the organization running no matter what goes wrong.

References

[1] Center for Internet Security (CIS). (2021). CIS Critical Security Controls v8 – Control 11: Data Recovery. https://www.cisecurity.org/controls/v8

[2] Cybersecurity and Infrastructure Security Agency (CISA). (2025, March). StopRansomware Guide. https://www.cisa.gov/sites/default/files/2025-03/StopRansomware-Guide%20508.pdf

[3] NIST. (2010, May). SP 800-34 Rev.1: Contingency Planning Guide for Federal Information Systems. U.S. Department of Commerce. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf

[4] NIST. (2016, Dec). SP 800-184: Guide for Cybersecurity Event Recovery. U.S. Department of Commerce. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-184.pdf