Backup & Disaster Recovery
When the problem happens, it is too late to think about backups. My job is to ensure that when that moment arrives, your business can continue operating within hours – not weeks.
A data loss incident – whether from ransomware, hardware failure, human error or fire – is one of the main causes of small-business closures. The good news: it is a fully manageable risk with the right strategy.
What this service includes
3-2-1 strategy. Three copies of your data, on two different media, with one stored off-site. This is the minimum standard I recommend and configure for all my clients.
Automated backup with Borg or Restic. Incremental, encrypted and deduplicated copies. No manual intervention, with configurable retention (daily, weekly, monthly, yearly).
Off-site copy. Encrypted synchronisation to a remote destination: a second server, a NAS in another location, or a European cloud provider (Hetzner, OVH, Nextcloud).
Specific ransomware protection. At least one immutable or network-isolated copy, so that an attack encrypting your environment cannot touch your backups.
Regular recovery testing. An untested backup is not a backup – it is wishful thinking. I schedule documented quarterly recovery tests.
Disaster Recovery Plan (DRP). A living document describing step by step what to do if the server does not start tomorrow morning. Who does what, in what order, how long it will take.
Who is this service for
Any business that depends on its data to operate: law firms, clinics, accountancy practices, architects, online retailers, manufacturers. If losing data tomorrow would mean a crisis, this service is for you.
Frequently asked questions
How long does it take to implement a complete backup system?
For a typical SME, between 1 and 3 days. This includes analysis, configuration, first full backup and documentation. Daily copies then happen fully automatically.
Where is off-site data stored?
We choose together based on your requirements. I recommend European providers subject to GDPR, with data centres in Spain, Germany or France. I never use US services for sensitive data without explicit client consent.
Can ransomware affect my backups?
Only if they are accessible from the infected system. That is why I always configure at least one isolated copy and, where possible, an immutable one (which cannot be deleted or overwritten).
What happens if the server is physically destroyed?
In that scenario, the DRP covers complete restoration on replacement hardware (borrowed, rented or new). Regular testing ensures we know exactly how long this takes.