A guide to staying calm when everything hits the fan
Data backup and disaster recovery:
planning for the worst Because hoping for the best isn’t a strategy.
Imagine your office is flooded. Or your servers are hacked. Or someone in accounting accidentally deletes the entire shared folder marked “DO NOT DELETE.” What happens next? If your answer is “Well… we’d be in trouble,” then it’s time to talk about backup and disaster recovery.
These aren’t just IT buzzwords. They’re the digital equivalent of having fire extinguishers, first aid kits, and a plan to get everyone out safely when the building’s on fire. The only difference? Instead of people and furniture, you’re protecting your data — and your business’s ability to function.
What’s the difference between backup and disaster recovery?
They sound similar, but they’re not quite the same:
- Backup is about making copies of your important data and storing them safely, so you don’t lose everything when something goes wrong.
- Disaster recovery (DR) is the plan for how you’ll restore your systems, files, and operations if a major incident occurs — like a ransomware attack, server failure, or natural disaster.
Think of backup as the parachute. Disaster recovery is knowing how (and when) to pull the cord — and what to do when you hit the ground.
Why you should care (even if you’re not in IT)
Data is the lifeblood of modern business. Without it, you can’t serve customers, run operations, track finances, or even send emails.
When disaster strikes, businesses without a recovery plan typically face:
- Days (or weeks) of downtime
- Lost customer trust
- Legal or regulatory consequences
- Massive costs for recovery and investigation
- Sometimes — total shutdown
Having good backups isn’t just about files. It’s about survival.
Backups: the basics, done right
Here’s what a good backup approach looks like — and what you should ask about:
- 1. Back up everything critical
Ask: “Are we backing up all the data and systems we rely on — not just files, but email, CRM, financials, cloud data, etc.?” - 2. Store backups somewhere safe
Ask: “Are our backups stored offsite, in the cloud, or on systems isolated from our main network?
(The technical term is “air-gapped.” Think of it as your backup living in a secure bunker.) - 3. Back up often
Ask: “How frequently do we back up data — hourly, daily, weekly? Could we afford to lose a day’s work?” - 4. Test the backups
Ask: “When was the last time we tested a restore? Do we know it actually works?”
Backups are only useful if they can be restored. It’s like buying insurance and never checking if the policy covers fire.
Disaster recovery: the plan you hope you never need
Disaster recovery isn’t about guessing. It’s a documented, rehearsed plan for what to do when systems fail.
Here’s what it should cover:
- 1. Clear roles and responsibilities
Ask: “Who does what in an emergency? Who calls vendors, customers, or regulators?” - 2. Communication plan
Ask: “If email goes down, how do we talk to each other and to clients?” - 3. Alternative systems
Ask: “Do we have temporary tools to keep us operating if our main systems fail?” - 4.Recovery time targets
Ask: “How long can we afford to be offline? Do we have a Recovery Time Objective (RTO) and Recovery Point Objective (RPO)?”
“How long can we afford to be offline? Do we have a Recovery Time Objective (RTO) and Recovery Point Objective (RPO)?
Common pitfalls (and how to avoid them)
- Assuming cloud = backup
Cloud storage is convenient, but it’s not the same as proper backup — especially if you can accidentally delete files and they’re gone forever. - No regular testing
Backups that fail silently are like smoke alarms without batteries. You need to test them. - No plan for people
What if your IT manager is on holiday when disaster strikes? Make sure more than one person knows the drill.
The leadership role
You don’t need to choose the backup software or rehearse the recovery plan yourself. But your job is to make sure these questions are being asked — and answered clearly:
- Do we have a solid, tested backup system?
- Do we have a documented disaster recovery plan?
- Are the right people prepared to act if the worst happens?
And most importantly: could we keep operating — even in a limited way — if our systems failed tomorrow?
In short…
When it comes to backup and disaster recovery, “We’ll deal with it if it happens” is not a plan. That’s a gamble. And in today’s world of ransomware, hardware failures, and unexpected mishaps, it’s a gamble no business can afford. So don’t wait for disaster to strike. Ask the questions now, build the plan, and give your business the one thing that matters most in a crisis: resilience.
Because surviving the worst starts with preparing for it.
Backup & Disaster Recovery: Leadership Checklist
Backups - are we covered?
- ☐ Are we backing up all critical systems (email, CRM, financials, cloud apps)?
- ☐ Are backups stored offsite, offline, or securely in the cloud?
- ☐ Do we back up frequently enough to avoid major data loss?
- ☐ Are backups encrypted and protected from tampering?
- ☐ Do we regularly test restores to ensure backups work when needed?
Disaster recovery – are we ready?
- ☐ Do we have a documented disaster recovery plan?
- ☐ Does everyone know their roles and responsibilities during a crisis?
- ☐ Can we still communicate if systems go down (e.g., email outage)?
- ☐ Do we have temporary alternatives to keep business running?
- ☐ Do we know our Recovery Time Objective (RTO) and Recovery Point Objective (RPO) — even in plain English?
Leadership questions to ask today
- ☐ “If our systems went down tomorrow, how fast could we recover?”
- ☐ “Have we tested that plan — and do more than two people know it?”
- ☐ “Is this part of our overall business continuity and risk strategy?”
We are pleased to offer WYSE Travel Confederation members these options to increase your cybersecurity and protect your organisation’s data.