Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

Smarter Writer
Smarter Team

The Smarter Team is made up of business and technology journalists who write to offer insights to small and medium businesses about technology, business know-how and emerging trends.

For all businesses, failing to back-up data can have drastic consequences. Here are five back-up essentials you need to know about.

Backing up your data may seem a mundane task. For small businesses in particular, data back-ups may be an unwanted diversion from serving customers and growing your business – but both physical and cyber-threats aren’t as unlikely as you may expect. Did you know that almost 50% of Australian businesses have experienced a security attack in the last twelve months? And in 2019, the global average cost of a data breach was US$3.92 million for organisations across all industry sectors.

For example, an extreme weather event or even a burst water pipe may damage your hardware. Or your business may experience a cyber attack that wreaks havoc on your network. As a result, you may lose sensitive business and customer data.

At the very least, you may be chasing your tail on lost project work and your customers may take their business elsewhere and loudly advise your prospects to do the same. And then there are the requirements for notifiable data breaches under the Privacy Act.

The 2019 Telstra Security Report found that 1 in 4 Australian businesses don’t have an incident response plan in place to deal with damaging cyber-attacks when they happen. Let’s look at the why, who, what, where and when of data back-up, so you can prepare your business today.

1. Why should I back-up my data?

It’s important to understand regulations and legal requirements for managing data, and the risk that data loss presents to your business.

For example, if you operate a financial services business, you may have to comply with strict Australian Prudential Regulation Authority rules governing data management and protection.

If you are involved in healthcare, you are bound by legislation and regulation to protect sensitive patient information. Whatever industry you are in, it is your responsibility to understand any obligations you have that affect how and when you back-up data.

However, you will also need to be able to quantify any damage to your productivity, reputation and brand. This requires conducting a full analysis of what a disaster could mean to your business. 

Protect your business from online threats.

Telstra Business Cyber Security Services can assess your business’s needs today.

Find out moreProtect your business from online threats.

2. Who would be impacted by a data loss?

Your business should understand and protect the interests of all its stakeholders when delivering business continuity, including creating and executing a plan for data back-ups.

The ‘people’ side of business continuity and data back-ups extend to creating teams with the skills to respond to, manage and recover from an incident. Each team should incorporate people skilled in the technical aspects of recovery, with people responsible for service delivery and customer relationships.

In addition, your business should regularly test its plan, so your team can keep their skills and expertise up to date and accommodate the emergence of new technologies and threats. 

3. What data do I need to back-up?

It’s important to understand the data that your business holds and the workloads you run in your IT environment, including any interdependencies between systems.


  • What services do you provide to your customers and what would be the impacts if your IT systems fail?
  • What IT systems and applications does your business need to support end users and customers?

Many businesses back-up file-sharing workloads and collaboration systems such as email and messaging systems. However, businesses typically appear to be less concerned with critical business management and revenue-generating systems. Things like e-commerce applications, enterprise resource planning systems and online applications can often be forgotten.

You should determine the importance of these systems to your business, or you can outsource an expert if you need a helping hand.

4. Where should back-ups be stored?

Cloud services can support corporate security and sovereignty requirements, while delivering the flexibility, agility and consumption-based models modern businesses demand.

Businesses can now access fast and reliable back-up and restoration services to store and retrieve data, for reference, regulatory compliance or business continuity. These services may span email, servers, hybrid services encompassing multiple providers, and even ease the occasionally fraught migration process.

5. When do I need my systems and data restored?

The key is to identify the recovery point objective (RPO) and recovery time objective (RTO) for your business. The RTO is the time for a system to be recovered and made ready for use by the business. The RPO is the time when the last back-up of data was made (reflecting how much data would be lost during a disaster.


  • How long could your business function without IT systems?
  • How would your business know what outstanding bills a customer needed to pay?
  • How long would your suppliers wait to be paid?
  • What alternative methods and procedures could employees or end users perform while your systems and applications were out of service?
  • At what cost and for how long could your business cope if revenue wasn’t generated?

The range of back-up options available to business has never been wider. You can adopt a solution that meets all your requirements, while allowing you to focus on core business activities. So, what are you waiting for? Make the time to review and update your back-up plans today. 

Originally published November 25th 2016. Updated February 6th 2020.

Is your business at risk of cyber crime?

Learn to assess risk and safeguard your business against online threats.

Access reportIs your business at risk of cyber crime?

Woman shopping online
Customer Experience
Customer Experience
5 things customers expect from your business online

Do you know which online features customers think are important when dealing with businesses online? Research shows that you may be underestimating these five things.

Man using tablet in stockroom
Business IQ
Business IQ
The fundamentals of online security planning

Protecting your business online requires more than set-and-forget antivirus software. In an increasingly digital world, planning and strategy are key for keeping your business ...

Man using tablet in stockroom
Your 5-step guide to digitising your business

Kickstart your business’s digital transformation with our quick guide. Discover the five essential steps that can help your business thrive online in 2021 and beyond.

Hacker working on a laptop
Business IQ
Business IQ
What it's like to be hacked: 2 businesses tell their stories

We uncover the financial, reputational and emotional impacts faced by two small Aussie businesses that have been victims of an online attack.