A computer attack, fire, theft or destruction of equipment can render inaccessible or corrupt data essential to the operation of the company. Setting up an operational backup system is the only effective countermeasure. Reminder of the main rules to follow.
Identify critical data
Backing up all company data is not useful. Only those which are important for its operation (customer data, technical data, manufacturing know-how, job descriptions, etc.) or which must be kept under legal constraints (employment contracts, invoices, etc.) must be saved.
In addition, with the proliferation of tools (laptops, tablets, smartphones, USB keys, connected objects, etc.), company data is increasingly scattered. It is therefore necessary to take a good inventory of all these tools and to identify the data they contain in order to determine whether or not they should be backed up.
Make regular backups
Backup operations should be performed regularly so that the copy is as up-to-date as possible in case it needs to be restored due to data loss, destruction, or corruption.
The backup frequency will depend on the size of the company and especially the volume of data produced each day. The latter varies mainly according to the activity of the company. Service VSEs and SMEs, whose information constitutes both their raw material and their finished product, will have to adopt a sustained backup rhythm (weekly at worst, ideally daily).
A small craftsman in the building or a restorer will be satisfied with a monthly backup operation. Operation during which it will save, at leastits quote base, its customer base, its exchanges with its private and public partners and its issuance of invoices.
A slower backup rate may be adopted for data that changes little, such as, for example, technical data or supplier sheets.
Tip: Remember the importance of having multiple copies of the original database. Thus, if a corrupted file is saved without having been detected, it will be possible to use an older backup copy to find a healthy version. For example, by making one copy per day (Monday, Tuesday, Wednesday, Thursday) and one more per week (week 1, week 2, etc.), we can go back a month with less than 10 different copies and so increase its chances of having a database in which it will be possible to find a “sound” version of all the files.
Even if the amount of data to be backed up is small, there is a risk of a problem occurring when copying it. It is therefore strongly advised to regularly (once every 6 months) restore a set of backed up files. This exercise also has the advantage of ensuring that the backup media are in good condition (the lifespan of these media rarely exceeds 5 years) and that the restoration procedure is well mastered.
Finally, among the other rules of caution to be observed, it is recommended not to leave the backup media permanently connected to the company network (to protect them from ransomware attacks), and to remember to store them in a place secured to protect them from theft and fire.
Attention to data confidentiality: the saved files, when they contain personal data, must be administered in compliance with the General Data Protection Regulations (GDPR). Their confidentiality and protection must therefore be ensured in the same way as the original data from which they are taken.
On what media?
Backups should allow quick and easy access to data. Preference will be given to media on which the information is not compressed and therefore directly readable. It is possible to make backups on external hard drives, USB keys, or by using external service providers offering online data storage spaces (cloud).