Fresh Thoughts #57: Backup and Disaster Recovery Are Very Different Things

One match next to the other and now also

Am I the only one to notice how everything seems to be a disaster... all the time?

Backup and Disaster Recovery Are Very Different Things

In cybersecurity, we care about disasters. Or, more accurately, protecting against them. We call it availability - one of the foundational cybersecurity concepts.

For several years I worked in the computer storage industry. And I learnt a valuable lesson which many knowledgeable, technical people still don't recognise...
Backups and disaster recovery solve two entirely different problems.


What happens when you accidentally delete a file?
Or overwrite the wrong file?
Or experience ransomware encrypting all your files?
Or a fire or flood engulfs your office building?

In all these cases, you need to go back in time to get a known good copy of your business-critical files. That's where a backup comes in.

A backup is simply a copy of a file as it was at some point in the past.
On the surface - that sounds great. And it is.

But there are some secondary issues you need to consider.

Storage Space

If you're continually saving copies of your files - the amount of storage capacity you need balloons quickly.
But it's pretty simple to solve:

  • Firstly, do you really need to store a full copy of your data? Many backup systems only keep the changes made to a file. This means you'll be able to get back to a known good place - without needing endless storage.
  • Secondly, do you need to keep data that's 10 years old? While the idea of storing backups forever may seem appealing initially, it is likely unnecessary. I can't recall when I needed to roll back a change I made to a file 6 months ago... So, focusing on what happened last week, last month or last quarter provides the protection you need.

Keep Backups Offline and Offsite

You'll notice that security certifications don't simply refer to "backups", but rather "offline and offsite backups".

In the event of a problem - a backup has no value if it is as easy to delete or encrypt as the original file. Therefore it needs to be kept - offline from the source data.

Moreover, if your backup is stored next to your computer and both are destroyed in a fire or flood, the backup effort comes to nought.

The final essential ingredient is to know that your backups work. Writing a file to a backup device is excellent, but it has no value if it can't be read back. Worse - it will give you a false sense of security.

So the final step in all backup plans is to check that the backup process and technology are working correctly.

March 14, 2023
2 Minutes Read

Related Reads

father helping son observe

Fresh Thoughts #49: How Do You Respond? OODA

This is the model I use to respond to all types of cybersecurity and business situations... OODA.

Fresh Thoughts to Your Inbox

Fresh perspectives on cybersecurity every Tuesday. Real stories, analytical insights, and a slash through buzzwords.

We'll never share your email.

Subscribe to Fresh Thoughts

Our weekly newsletter brings you cybersecurity stories and insights. The insights that help you cut through the bull.

We'll never share your email.


Fresh Security Support

Your Questions


Fresh Sec Limited

Call: +44 (0)203 9255868