Skip to content
Close
Contact Sales
Contact Sales
VC3 is the bar

We Make IT Easy

With VC3, it’s never license this, per hour that. Instead, it’s good people. Good people who work tirelessly .

Learn More
"VC3 has made it easier than ever before for our local government to serve our citizens by providing us with modern web tools and a team
of talented and courteous professionals.
City of Valdosta, GA
Get out of the IT trenches

Municipalities

VC3 has spent the last 29 years making IT
personal, making IT easy, and getting IT
right for over 1,100 municipalities.

Learn More

Municipal League Partnerships

VC3 is the IT partner that focuses on municipalities. We understand your budgeting cycles and critical
concerns.
Our Partners

Find All the Resources You Need

Our resources & insights includes case studies, client testimonials, guides, checklists, blog articles and more!

 

All Resources
Get Started
7 min read

Is Your IT ready for the Worst?

Subscribe
Is Your IT ready for the Worst?

It’s 2:05 am… 

The phone rings. A successful ransomware attack encrypted every file on your network. That is one of the worst things you could hear as a business owner. Because you lack offsite backups that you’ve tested, you may be facing permanent data loss—and a business-ending event. They keep talking, but you don’t register anything else they’re saying. There’s only the knot in your stomach as you start asking yourself, “Okay, what do we do now?”

Do you know what your answer would be?

The Joni Mitchell song “don't it always seem to go, that you don't know what you've got 'till it's gone” is not the approach to take here.

If you don’t know, now is the time to start figuring it out. Regardless of industry, an integral part of running a successful business comes down to managing risk.

To ensure you have the information and systems you need to keep your business running, you need a business continuity plan that properly covers your business­. Then, if you ever do find yourself asking, "Okay, what do we do now?” it will be a call to action, not panic.

Redundancy versus Backup and Recovery

In the world of IT, business continuity means two things: redundancy, and backup and recovery. The difference between the two is subtle but important, especially when we apply it to IT.

Backups and recovery are your fallback position -- insurance against a worst-case scenario. In the old days, your backup would be copies of important documents stored in a bank safety deposit box or fire safe.

Backups are key to your ability to recover after a disaster happens. Recovery is the actual process of restoring your information -- making new copies from originals, rebuilding photo albums from new prints, and replacing whatever was lost.

Redundancy, on the other hand, is your ability to avoid the disaster before it happens and keep doing business.

Using a wood-burning fireplace as well as a gas furnace gives your home heating redundancy. Your home stays heated without interruption, even if one of the two systems breaks down.

However, a backup generator is indeed a backup. If you lose your electrical service, a backup generator has to be hooked up and switched on. Even if it is automatic and doesn’t take long, it exists to replace something that has been lost. Having solar panels, on the other hand, would be a redundant system.

So how does this look in the IT world?

Backup Basics: The 3-2-1 Rule

When it comes to backups, everyone should start with the 3-2-1 rule: at least three copies stored in two different ways, with at least one copy stored offsite. This applies as much to your personal digital music and photo collections as it does your company information.

Why “at least three copies”? You never want only one copy, and when something happens to one of your three copies, and it will, you want at least two more. That way, you always have a backup, even when you are working to restore a damaged or lost copy. The more critical the information, the more copies you may want to consider keeping.

“Store it two ways” is another way of saying, “don’t keep all your eggs in one basket.” Having three, ten, or even 50 copies of a document won’t help you if they are all stored on the same laptop. What if the hard drive fails or your laptop gets stolen? Storage options include the hard drive on your computer, an external hard drive, a NAS (network-attached storage) device, a folder on your corporate network, and numerous cloud-based options.

“One copy offsite” protects you from a worst-case scenario such as ransomware, a fire, flood, or similar disaster. If the "two ways" rule keeps your eggs in more than one basket, the “one offsite” rule makes sure they’re not sitting side by side if catastrophe strikes. Cloud-based backup services are considered the best option today—and it’s ideal that these backups are “immutable,” meaning that they are segmented from your data and unable to be modified or deleted.

In fact, if you want to be thorough, many practitioners today now recommend the 3-2-1-1-0 Rule:

  • Three copies
  • Two media types
  • One offsite
  • One immutable
  • Zero errors verified by testing

This reflects the importance of tested backups (not just untested copies) to ensure that you can actually restore your data in the event of an incident.

The real issue is downtime: How long can you work without your information and systems?

The 3-2-1 rule is only intended to make sure your data isn’t lost. But backing up is only the first part. Recovery is the second.

Imagine your corporate server suffers a critical failure. Fortunately, you followed the 3-2-1 rule, so you know you’ve got a backup of all the data that was on that machine. But do you know what needs to happen in order to get it back?

Replacing a server can sometimes take weeks. Depending on the amount of data you have and the speed of your internet connection, the restoration time required might be measured in days, not hours.

This is where redundancy comes into play. If your business can only afford a few hours without a critical system, your business continuity plan needs to include something more than just backup and recovery.

For a small company, the solution might be as simple as including a clone of their hard drives -- basically an exact duplicate of their computer contents that they can immediately start using while their original hard drive is repaired or replaced.

A larger enterprise often needs more complexity in the systems, but fortunately, there are even more options for providing redundancy. Enterprise-grade computer hardware includes features that allow you to repair critical components without even turning off the machine. And cloud-based services mean entire systems can be run offsite.

The business continuity plan for your company needs to account for the full range of possible risks and what you’re willing to do to manage those risks.

So what do I need for my business?

As a starting point, every business should follow the 3-2-1 rule of backups. Period.

From there, determining what you need for recovery and redundancy needs to start with your company’s goals and the strategies and business processes that flow from the very top. What are your mission-critical systems? What downtime can your business afford? What systems for backup and redundancy do you need to keep your business running?

Whether you’re reviewing an existing plan, or getting one in place for the first time, make sure you are getting solid guidance that takes into account your needs at the highest levels first. The fanciest, most sophisticated egg basket in the world won’t work for you if it’s designed for chickens and your business deals in ostriches or hummingbirds.

Common Questions About Data Backup and Disaster Recovery

 

How often should we back up our data?

It depends on how much data loss your business can tolerate. For most businesses, daily automated backups are a minimum. If your data changes constantly, you may need continuous or near-continuous backup.

What's the difference between backup and disaster recovery?

Backup is the copy. Disaster recovery is the plan for how you actually restore operations — which systems come back online first, in what order, and how fast. You can have great backups and still be down for days without a tested recovery plan.

Is an offsite cloud backup enough on its own?

Cloud backup creates an excellent offsite copy, but it shouldn't be your only copy. Restoration from cloud backup can be slow depending on data volume and connection speed. A local backup gets you back up and running faster, while cloud keeps you protected if your onsite backups are destroyed.

How do we know if our backups are actually working?

You don't — unless you test them. An untested backup means unknown reliability. Schedule periodic data restoration tests so you're not discovering problems for the first time during an actual emergency.

What's the biggest mistake businesses make with business continuity planning?

Treating business continuity as a one-time project. Your plan should be reviewed at least annually and updated whenever your infrastructure, team, or risk profile changes significantly.

TL;DR

Every business needs a plan for when things go wrong — whether that's a fire, a server failure, or a ransomware attack. That plan rests on two pillars: backup and recovery (your fallback when disaster strikes) and redundancy (your ability to keep running so disaster never fully lands). Start with the 3-2-1 rule — at least three copies of your data, stored two different ways, with one copy offsite. Then ask the harder question: how long can your business actually survive without its critical systems? Your answers should drive everything else.

May 26, 2026

VC3

Let's talk about how VC3 can help you AIM higher.