Managed IT • Commercial Security Cameras • Cybersecurity • WiFi • Northern Michigan
833-787-2487support@northern-pc.com
Backup & Disaster Recovery

Backup & Disaster Recovery

Backups are not complete until they are monitored, protected, documented, and tested. Recovery planning matters before something goes wrong.

Recovery Is the Goal

We help businesses design backup systems that can actually restore files, servers, Microsoft 365 data, and operations when needed.

  • Local and cloud backup planning
  • Microsoft 365 backup review
  • Ransomware-aware recovery strategy

Backups Are Not Finished Until They Are Tested

Every business says it has backups. The real question is whether those backups can restore the data, systems, and operations the business needs after a failure, deletion, ransomware event, hardware problem, or account compromise.

A backup that has never been tested is not a recovery plan. It is a guess. Backup strategy should answer practical questions: what is backed up, how often, where it is stored, who receives alerts, how long data is kept, how fast recovery needs to happen, and what happens if ransomware tries to delete or encrypt the backups.

Common Backup Mistakes

  • Backing up only one computer when business data is stored in several places
  • Assuming Microsoft 365 is fully backed up by default
  • Never testing restores
  • Using the same password for backups and daily administration
  • Keeping backups permanently connected and easy for ransomware to reach
  • Not monitoring failed backup jobs
  • Not documenting where backups are stored
  • Not planning for internet speed during large restores

The 3-2-1 Backup Rule

The traditional 3-2-1 rule is still useful: keep three copies of important data, on two different storage types, with one copy off-site or isolated. The exact implementation may be different today, but the principle remains sound. Do not put all recovery options in one place.

Local Backup vs Cloud Backup

Local backup can provide faster recovery for large data sets because restoration happens over the local network. Cloud backup provides off-site protection and can be valuable if the building is damaged or local equipment is compromised. Many businesses benefit from both.

Ransomware Changes Backup Planning

Ransomware may try to encrypt or delete backups. Backup systems should be protected with separate credentials, restricted access, immutable storage where practical, monitoring, and alerts. The backup repository should not be treated like an ordinary shared folder.

Recovery Time Matters

Backup planning is not only about whether data exists. It is also about how long recovery takes. Restoring a few files is different from restoring a server, a full NAS, a Microsoft 365 mailbox, or a line-of-business application.

Businesses should identify which systems must come back first: email, accounting, front desk systems, shared files, phones, point-of-sale, cameras, or remote access.

Backups for Microsoft 365

Microsoft 365 includes retention and recovery capabilities, but it is not the same as a dedicated backup. Businesses should review Exchange Online, SharePoint, OneDrive, Teams files, retention settings, deleted item recovery, and third-party backup options.

Frequently Asked Questions

Is cloud backup enough?

Cloud backup can be useful, but the right design depends on recovery time, data size, internet speed, ransomware risk, and whether local recovery is also needed.

How often should backups be tested?

Backups should be tested regularly. A backup that has never been restored is not a proven recovery plan.

Can backups protect against ransomware?

Backups do not prevent ransomware, but properly protected backups can make recovery possible without paying attackers.

What is the 3-2-1 backup rule?

The 3-2-1 rule means keeping three copies of data, on two different types of storage, with one copy off-site or otherwise isolated.

Do Microsoft 365 files need backup?

Many businesses should consider Microsoft 365 backup for OneDrive, SharePoint, and Exchange Online, especially when long-term recovery or protection from account compromise matters.

Backup Design Questions We Review

What must come back first?

Email, accounting, front desk systems, shared files, phones, and line-of-business applications do not all have the same recovery priority.

How much downtime is acceptable?

Recovery time objective helps determine whether basic file backup is enough or whether faster recovery options are needed.

How much data can be lost?

Recovery point objective determines whether daily, hourly, or more frequent backups are appropriate.

Can ransomware reach the backups?

Backup repositories should be protected with isolation, restricted credentials, monitoring, and immutability where appropriate.

For deeper planning guidance, visit the Backup & Disaster Recovery Knowledge Center, including What Is the 3-2-1 Backup Rule?, What Is Immutable Backup?, and Ransomware Recovery Planning.

Need Help With This?

Northern Computer Services helps Northern Michigan businesses plan, secure, maintain, and recover their technology systems.