Success stories

Our customers come in all shapes and sizes.

We work with organisations from all walks of life, with different ambitions and requirements. Explore how we’ve helped them reimagine everyday, and align technology with their culture and business goals.

Data backup: are you backing up and protecting your business’s data correctly?

How does your business back up its data? There are many risks to a business’s data and not all data backup solutions are equal.

View case study >

Protecting your organisation in the cloud: disaster recovery plans

The number of businesses that have moved to the cloud has increased exponentially over the past 12 months. But have they updated their disaster recovery plans? Here's what you need to do.

View case study >

Business continuity and how to maintain it

Preparing for the unexpected is something every business needs to do. Here we look at business continuity and how that impacts on your IT systems.

View case study >

Data backup: are you backing up and protecting your business’s data correctly?

Your data is one of your business’s most important assets. Without it your business wouldn’t be unable to operate. Most companies have a disaster recovery plan in place to protect its data, however 23% of businesses have never tested their plans.

Business data is at risk from various threats, so it is important to test and reassess your disaster recovery plans regularly to limit data loss. The backbone to any disaster recovery plan is proper data backup, in this article we will discuss the risks to your business’s data and how to ensure your backups effectively support your disaster recovery plan.

What is your organisation’s current Cyber Security Posture? To understand what risks to prioritise and where your vulnerabilities are, explore the benefits of a Cyber Security Posture Assessment here >

Key risks to a business’s data

When considering the importance of data backup, first you must consider the common causes of data loss within a business. In the past, the three main risks to data were hardware malfunction, accidental deletion and natural disasters.

Hardware malfunction is when a storage device ceases to work, this is most common in disk drives where the disk or the arm fails causing data to be lost.
Human error is a common cause of data loss, this occurs when employees permanently delete or overwrite critical data.
Physical disasters are not as common, however fire, floods and other natural disasters pose a risk to on-premises and off-premises data storage locations.

Whilst these risks are remain relevant in 2021, in the past 5 years the most prominent risks to data have been cybersecurity incidents.

This includes the rise of ransomware attacks and system breaches leading to data loss. With the prevalence of these attacks, it is no longer a case of ‘if’ a business will fall victim to an attack, it is ‘when’. For this reason, businesses should have a comprehensive backup plan in place to ensure business continuity when these incidents happen.

Types of backup storage

The simplest form of backup is data backup to local disks. This is where data is regularly backed up to another drive on a PC or to an external hard drive. Although this is a fast and convenient method of backup, it offers no protection against a natural disaster, or a ransomware attack if it is stored on the local drive. Depending on the amount of data and employees, this solution is often not suitable for large environments.

One of the most common form of backup storage is data backup to NAS. A NAS or Network Attached Storage is a network device that allows all users connected to the network to access and backup their data. As data is regularly backed up it can be quickly recovered in the event of a cybersecurity incident or accidental deletion. The main downside to this data storage method is, as it is on-premises it offers no protection to natural disasters.

To overcome the risk of natural disasters, at least one copy of data should be stored off-premises. A traditional method of off-premises storage is data backup to tapes. This is where data is stored on tape devices over 100 miles away from the business location. This enables business continuity if there is a data loss incident or natural disaster at the business location, however the time to recover is increased as the tapes need to be collected or shipped from the off-premises storage location.

The modern equivalent of tape storage is data backup to cloud storage. This has all the benefits of tape storage but can be quickly accessed to avoid downtime within a business. It is also a more flexible solution as it does not require any additional infrastructure within a business.

Data backup best practices

The traditional backup best practice is the 3-2-1 rule. This states that business should keep 3 copies of all data, this includes one primary copy and at least 2 backups, copies of data should be on at least 2 types of storage and 1 copy of the data should be stored off-premises. Although this method is still effective, with businesses undergoing a digital transformation, the advent of cloud technologies and the ever-evolving cyber security threat landscape, this rule is being superseded by the 3-2-2 rule.

The 3-2-2 rule states that a business should keep 3 copies of all data, one primary, a synced version through One Drive for Business and a cloud copy. The data should be stored on 2 different clouds. This means that the data is stored in 2 off-premises locations for maximum redundancy. Moving to this rule allows for faster recovery from a data loss incident and easy access of all necessary data, regardless of where employees are working.

Backup software solutions

For a business to ensure that backups are completed regularly and effectively, a software solution should be in place to limit downtime after an incident and ensure business continuity. Look for solutions that combine backup, recovery, protection management and cyber security. Full-image and file-level backups should be completed regularly and stored in the cloud or on a NAS. Data backup solutions that deploy cyber security tools like AI-based behavioural detection for zero-day attack prevention and built in ransomware recovery, gives you an additional level of protection from cyber threats too.

To find out more about data backup and how to protect your business from cyber security threats, speak to our team >

Protecting your organisation in the cloud: disaster recovery plans

According to the Cloud Industry Forum, 88% of businesses in the UK are actively using cloud services, and that figure was based on activity pre-pandemic. With COVID-19 still forcing thousands of businesses to operate either remotely or with flexibility, it’s highly probable that the number of those relying on the cloud is already even greater than the statistic suggest.

If your business is one of those, or about to begin using cloud computing, there’s one question that you should be asking yourself in relation to protection. And not just at the outset. This question needs to be asked on a regular basis. Is everything in the cloud automatically protected? On the face of it, at least, it appears simple to answer. There are so many advantages to cloud computing, not least its physical security, that the most obvious response is yes. And, to a large extent, that’s correct. But it’s not quite that straight-forward.

For example, what do you do when the unexpected happens? A recent serious fire in the French city of Strasbourg, on a site operated by cloud firm OVH, resulted in the loss of data and service outages across Europe. Not all its data centres were affected by the fire, but OVH had to switch off every single one of its servers and recommended to its customers that they activate their Disaster Recovery Plans. OVH went on to add: “We ask that our customers exercise caution around the emails they receive: in times of crisis, it is common for malicious activity (phishing, spam, etc.) to increase. It is more important than ever to stay alert.”

Aligning your Disaster Recovery Plan with the cloud

How many businesses using the cloud have a Disaster Recovery Plan in place? And of those that do, how many are testing it regularly? At present, the data isn’t available to answer these important questions but what you can be certain of is that any UK business – of any size – could be derailed by a fire at a French data centre. The safest way to work through a situation like this to have a carefully architected cloud solution in place.

Data is likely to be your most valuable asset, as it is for most modern-day companies. Any loss of data, or loss of access to it by something like a fire, can cause immediate and sometimes permanent harm to your reputation, yield and efficiency. You can’t prevent the unexpected from happening, but you can be ready for it if it does. That’s where a Disaster Recovery Plan comes in. If the worst really does happen, how quickly and efficiently you recover will be largely down to what you’ve planned and tested for.

In the past, traditional disaster recovery involved establishing a remote site away from your business where protection protocols, often laborious and time-consuming, had to be tested and maintained manually. With the cloud, of course, that’s no longer the case. It’s a lot quicker, takes up much less of your time, but it still requires careful planning and testing. If your organisation is currently moving to the cloud, or is already cloud computing but would like to revisit or prepare a Disaster Recovery Plan, we can help you uncover the best solutions for you. Don’t let someone else’s disaster become yours too.

For help with a Disaster Recovery Plan, please get in touch >

Business continuity and how to maintain it

Cyber threats account for some of the most serious and prolific risks against SMEs, many of which can cripple a company that isn’t sufficiently protected. For many companies, it’s worth asking: can our IT department protect us? And if not, are we prepared in the event of an unexpected disaster that prevents us operating as normal?

However, cyber attack is not the only risk to business continuity. Power outages, adverse weather, terrorism and a host of other unforeseeable incidents can result in IT systems being unavailable, or inaccessible.

Preparing for the unexpected is something every business should do at least once a year (or more frequently, if you operate a high-risk business and the HSE recommends greater precautions are taken).

Business continuity planning

Business continuity planning is defined as: “A holistic management process that identifies potential impacts that threaten an organisation and provides a framework for building resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.”

Without continuity planning, companies can go out of business. Over 40% of those affected by the 1996 IRA Manchester bombing went under, never to return.

Maintaining IT systems in the event of a disaster is mission-critical. Without phone lines, email, computers – ways for the team to communicate and keep in contact with customers – a shutdown could cause prolonged damage to a business.

Are your IT systems resilient enough?

Business continuity planning is a different exercise for companies with on-site IT systems. When your servers, phone lines and core systems are on premises, you are running a much higher risk than companies that operate in the cloud.

Not only are on-site systems easier to cripple when a cyber attack happens, but without backup, anything that happens in the office – such as a fire or flood – could potentially destroy vital records, customer data, and everything you need to run the company. It is hard to ignore how much we store in digital files and how important they are to most businesses. Anything that damages your head office could have serious ramifications for years to come.

When weighing up the risks to vital IT systems, it’s recommended that you go through the following 5 step process:

Analyse the business – what do you rely on? How/where does it operate and how soon could you get back to ‘business as usual’?
Assess the risks – what risks are likely, what should you plan for? And how do you prevent them? If that isn’t possible: How soon would your IT team be able to get everything back online so your team can get back to work (even if that meant moving office or staff working remotely for a while)?
Develop your strategy around an operational goal of getting back to work as soon as possible.
Work out the details so that plan can be implemented
Rehearse that plan. Make sure you’re confident it can be implemented in the event of a disaster scenario actually occurring. Unless your IT team can handle a trial run, you can’t know how they would manage a real emergency.

As part of this plan, ask your IT team the following questions:

In the event of anything from a power cut to a fire, do we have a cloud-based backup of everything on our systems?
How quickly can we restore vital operational systems and are we clear which need restoring with backups in place in the first 24 to 72 hours after a disaster?
During a rehearsed disaster plan, how soon until – as far as clients are concerned – will the business be operating as closely to normal as possible?

From a planning perspective, if there is uncertainty on any of these points, you may need to rethink your business continuity planning. Putting the right steps in place to recover from anything unexpected is the best way to ensure you are prepared in the event of an emergency. Making sure vital systems are backed-up or running from public cloud and cloud-based platforms; one of the most effective ways to maintain business continuity if the unimaginable should happen.

Note: Business continuity planning is not just for the major incidents that have an effect on the entire business or departments. It’s also for more ‘minor’ incidents where individuals may be unable to continue with their work. This can have a significant impact on productivity and effect the bottom line.

Many of these incidents can be resolved by your IT support team or service desk, but it’s important that they know how to prioritise support tickets to ensure that mission-critical and other important functions don’t suffer from unnecessary downtime. Speak to your IT service provider about this to ensure that the processes are in place to identify the incidents that impact business continuity most severely, and that these are prioritised accordingly.

Download our article on ‘how to drive IT service desk efficiencies’ for advice on how to make your IT service desk more efficient…

Cloud Business Limited
8 North Street
Guildford
GU1 4AF

0845 680 8538
hello@cloudbusiness.com

Cookie	Duration	Description
__cfruid	session	This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic.
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
__RequestVerificationToken	session	This cookie is set by web application built in ASP.NET MVC Technologies. This is an anti-forgery cookie used for preventing cross site request forgery attacks.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
JSESSIONID	session	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
MS0	30 minutes	No description available.
MSFPC	1 year	No description available.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
__lotl	5 months 27 days	This cookie is set by the provider Lucky Orange. This cookie is used to identify the traffic source URL of the visitor's orginal referrer, if there is any.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_lo_uid	2 years	This cookie is set by the provider Lucky Orange. This cookie shows the unique identifier for the visitor.
_lo_v	1 year	This cookie is set by the provider Lucky Orange. This cookie is used to show the total number of visitor's visits.
_lorid	10 minutes	This cookie is set by the provider Lucky Orange. This cookie is used to identify the ID of the visitors current recording.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
ANONCHK	10 minutes	This cookie is used for storing the session ID for a user. This cookie ensures that clicks from advertisement on the Bing search engine are verified and it is used for reporting purposes and for personalization.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
MUID	1 year 24 days	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_gd1624628211813	session	No description
AADNonce.forms	session	No description available.
CONSENT	16 years 6 months 6 days 10 hours 23 minutes	No description
DcLcid	3 months	No description available.
GetLocalTimeZone	session	No description
lfuuid	9 years 7 months 6 days 10 hours 24 minutes	No description available.
MC1	1 year	No description available.
SM	session	No description available.
SRM_B	1 year 24 days	No description available.
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.

Success stories

Data backup: are you backing up and protecting your business’s data correctly?

Protecting your organisation in the cloud: disaster recovery plans

Business continuity and how to maintain it

Data backup: are you backing up and protecting your business’s data correctly?