Ask almost any business owner whether they have backups, and the answer is yes. Ask when they last successfully restored from those backups and watched the business come back online, and the room goes quiet. That gap — between having backups and having a recovery capability — is where organizations get hurt.
A backup you've never restored is a guess. It's an assumption that the copy is complete, the media is readable, the software still works, and someone knows the steps. On an ordinary day, that assumption costs nothing. On your worst day — a ransomware event, a failed server, a flooded office — it's the only thing standing between you and a permanent loss.
Backup Is Not the Same as Recovery
These two words get used interchangeably, and that's part of the problem. A backup is a copy of your data. Recovery is the process of getting the business functioning again — data restored, systems rebuilt, applications reconnected, and people back to work. Data is only one ingredient. Recovery also depends on infrastructure, configurations, access, and a sequence of steps performed correctly under pressure.
You can have flawless backups and still fail to recover if you've never worked out how long a full restore actually takes, which systems must come back first, or who is authorized to make the call. Recovery is a capability, not a file.
Setting Targets: RTO and RPO
Two plain-language targets anchor any recovery plan. Recovery Time Objective (RTO) is how long you can afford a system to be down before the impact becomes serious — the answer to "how fast must we be back?" Recovery Point Objective (RPO) is how much data you can afford to lose, measured in time — the answer to "how much recent work can we redo?" An RPO of one hour means your backups must be recent enough that you'd never lose more than an hour of work.
These targets aren't one-size-fits-all. A billing system or line-of-business application may need an RTO of a couple hours and an RPO measured in minutes, while an archive of old files can tolerate a day or more. Setting realistic targets system by system is what turns a vague wish for "getting back up quickly" into a plan you can design and measure against.
Backup Fundamentals That Actually Matter
Before you can recover well, the underlying backups have to be sound. A few principles carry most of the weight:
- Follow 3-2-1. Keep at least three copies of your data, on two different types of media, with one copy offsite. This protects against the failure of any single device, location, or medium.
- Keep an offsite copy. A backup sitting next to the server it protects won't survive a fire, flood, or theft that takes the whole room.
- Keep an immutable or air-gapped copy. Modern ransomware actively seeks out and encrypts backups. A copy that cannot be altered or deleted for a set period — or that is disconnected entirely — is what lets you refuse to pay and restore instead.
The Part Everyone Skips: Testing
This is where good intentions go to die. Backups are configured, the dashboard shows green, and everyone moves on. But a backup job completing successfully does not prove the data is recoverable. Corruption, misconfigured scopes, and silent failures are common, and they only reveal themselves when you try to restore.
Testing comes in two forms, and you need both. Tabletop exercises walk the team through a scenario on paper — who does what, in what order, using which contacts and credentials — to expose gaps in the plan. Real restore drills actually recover data and systems into an isolated environment to confirm the backups work and to measure how long recovery truly takes against your RTO. Run both on a regular schedule, not once and never again.
A restore drill answers the only questions that matter on a bad day: does the data come back intact, does the application actually run, and how long did it take? If you can't answer those from experience, your RTO and RPO are still theories.
Don't Let Recovery Depend on One Person
Many recovery plans live in a single administrator's memory. If that person is on vacation, unreachable, or no longer with the company when disaster strikes, the plan is worthless. Document the process in clear runbooks — step-by-step instructions for restoring each critical system, including the order of operations and any dependencies. Define roles so everyone knows who declares an incident, who executes the recovery, and who communicates with staff and clients. Recovery should be a repeatable procedure, not a heroic act.
Getting all of this right — sound backups, realistic targets, immutable copies, regular testing, and documented roles — is ongoing work. That's precisely why continuity is worth managing deliberately rather than assembling piece by piece and hoping. A managed continuity program keeps the backups verified, the targets current, and the restore drills on the calendar, so that when the worst day comes, recovery is something you've already practiced.
Ready to Move From Reactive to Proactive?
Plexus helps organizations transition from reactive, break-fix IT to a managed model with real monitoring, defined SLAs, and accountability to outcomes. Schedule a complimentary discovery session — we'll review your current environment and give you an honest picture of where the exposure is.
Schedule Free Discovery