Backup
A backup is the regular, planned creation of copies of critical data and systems so they can be restored after loss, corruption, or a security incident.
Backup (data backup) is a core information security practice that protects the availability and integrity of information. It involves regularly creating redundant copies of business-critical data, configurations, and systems and storing them securely in separate locations. The goal is to enable a timely and complete restoration of operations after data loss caused by technical failures, human error, malware such as ransomware, or physical damage.
An effective backup strategy defines, for each data set, the backup scope, the backup method (full, differential, or incremental), backup intervals, retention periods, and the recovery targets, namely the Recovery Time Objective (RTO) and the Recovery Point Objective (RPO). The 3-2-1 rule has become established practice: three copies of the data on two different media types, one of which is kept off-site. This is increasingly supplemented by an immutable or offline copy to prevent tampering by attackers.
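The following script is an added illustration and not part of the glossary entry: it models the three backup methods named above, derives which backup sets must be applied to restore to a given point in time, measures the resulting data loss window against an RPO, and checks a set of stored copies against the 3-2-1 rule (plus the immutable/offline copy the text recommends). The schedules, incident time, copy names and media types are constructed sample data.

```python
"""Added example (not from the glossary): evaluating a backup plan against
the concepts above. Models full/differential/incremental sets, derives the
restore chain for a point in time, measures the achievable RPO, and checks
stored copies against the 3-2-1 rule. Schedules and copy names are constructed."""
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Backup:
    kind: str          # "full", "differential" or "incremental"
    taken_at: datetime
    label: str


@dataclass(frozen=True)
class Copy:
    label: str
    media: str         # e.g. "disk", "tape", "object-storage"
    offsite: bool
    immutable: bool    # immutable or offline copy, as recommended above


def restore_chain(backups, target):
    """Backups to apply, in order, to restore the newest state at or before
    `target`. Assumes a single method is used consistently after each full."""
    usable = sorted((b for b in backups if b.taken_at <= target),
                    key=lambda b: b.taken_at)
    if not usable:
        raise ValueError("no backup exists at or before the requested time")
    fulls = [b for b in usable if b.kind == "full"]
    if not fulls:
        raise ValueError("no full backup: dependent sets cannot be applied")
    base, latest = fulls[-1], usable[-1]
    if latest.kind == "full":
        return [latest]
    if latest.kind == "differential":
        # a differential holds every change since the last full
        return [base, latest]
    # incremental: every incremental taken since the full is required
    return [base] + [b for b in usable
                     if b.kind == "incremental" and b.taken_at > base.taken_at]


def data_loss_window(backups, incident_at):
    """Gap between the newest usable backup and the incident; this is the
    data loss a restore would incur and must not exceed the RPO."""
    return incident_at - restore_chain(backups, incident_at)[-1].taken_at


def check_3_2_1(copies):
    """List of 3-2-1 findings (empty means compliant). A missing
    immutable/offline copy is reported as an additional finding."""
    findings = []
    if len(copies) < 3:
        findings.append(f"only {len(copies)} copies, need 3")
    if len({c.media for c in copies}) < 2:
        findings.append("all copies on one media type, need 2")
    if not any(c.offsite for c in copies):
        findings.append("no off-site copy")
    if not any(c.immutable for c in copies):
        findings.append("no immutable/offline copy to resist tampering")
    return findings


# Constructed schedules: weekly full on Sunday 22:00 followed by daily
# incrementals (INC_SCHEDULE) or daily differentials (DIFF_SCHEDULE).
SUNDAY = datetime(2024, 3, 3, 22, 0)
INC_SCHEDULE = [Backup("full", SUNDAY, "full-sun")] + [
    Backup("incremental", SUNDAY + timedelta(days=d), f"inc-{d}") for d in range(1, 6)]
DIFF_SCHEDULE = [Backup("full", SUNDAY, "full-sun")] + [
    Backup("differential", SUNDAY + timedelta(days=d), f"diff-{d}") for d in range(1, 6)]
INCIDENT = datetime(2024, 3, 8, 9, 30)   # Friday morning, before that day's run


def demo():
    """Evaluate the constructed incremental plan and a weak copy layout."""
    loss = data_loss_window(INC_SCHEDULE, INCIDENT)
    copies = [  # both copies on disk, on-site, mutable: fails 3-2-1
        Copy("primary-disk", "disk", offsite=False, immutable=False),
        Copy("nas-replica", "disk", offsite=False, immutable=False),
    ]
    return {
        "chain": [b.label for b in restore_chain(INC_SCHEDULE, INCIDENT)],
        "loss_hours": loss.total_seconds() / 3600,
        "rpo_24h_met": loss <= timedelta(hours=24),
        "findings": check_3_2_1(copies),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The incremental plan needs the Sunday full plus four incrementals to reach the Thursday night state, while the differential plan needs only the full and the latest differential; that difference in chain length is what separates the two methods in restore time (RTO), whereas the data loss window (RPO) is the same for both.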
Backup is closely linked to business continuity and disaster recovery management and is a mandatory building block of common security standards. What matters is not only creating the backups but also verifying them regularly through restore tests: only a successfully tested backup guarantees that the data will actually be usable in an emergency. In addition, the backups themselves must be protected, for example through encryption, access control, and separation from production systems.
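As an added example of the restore test the paragraph calls for (not code from the glossary), the script below backs up a constructed sample directory into an archive, restores it into a separate directory, and compares a SHA-256 manifest recorded at backup time against the restored files, so that a missing, altered or unexpected file is reported rather than discovered during a real recovery. The directory and file names are made up for the demonstration.

```python
"""Added example (not from the glossary): an automated restore test.
Backs up a constructed sample directory into an archive, restores it into a
separate directory and compares SHA-256 hashes of every file against a
manifest recorded at backup time. All paths are temporary and constructed."""
import hashlib
import tarfile
import tempfile
from pathlib import Path


def tree_digest(root):
    """Map relative path -> SHA-256 hex digest for every file under root."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(source, archive):
    """Write a gzip tar of `source` and return the hash manifest taken at
    backup time; store the manifest with the backup in a real deployment."""
    source = Path(source)
    with tarfile.open(archive, "w:gz") as tar:
        for child in sorted(source.iterdir()):
            tar.add(child, arcname=child.name)
    return tree_digest(source)


def restore_backup(archive, dest):
    """Extract the archive into `dest`, using the 'data' extraction filter
    (Python 3.12+, also backported) to refuse path-traversal members."""
    extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(archive, "r:gz") as tar:
        tar.extractall(dest, **extra)


def verify_restore(manifest, restored_root):
    """Compare the restored tree with the manifest. Returns (ok, problems)."""
    actual = tree_digest(restored_root)
    problems = []
    for rel, digest in manifest.items():
        if rel not in actual:
            problems.append(f"missing: {rel}")
        elif actual[rel] != digest:
            problems.append(f"hash mismatch: {rel}")
    problems += [f"unexpected: {rel}" for rel in actual if rel not in manifest]
    return (not problems, problems)


def run_restore_test(corrupt=False):
    """End-to-end restore test on constructed data. With corrupt=True one
    restored file is overwritten to show how a failed test is reported."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "prod")
        (src / "config").mkdir(parents=True)
        (src / "erp.db").write_bytes(b"constructed sample database contents")
        (src / "config" / "app.ini").write_text("mode=production\n")
        archive = Path(work, "backup.tar.gz")
        manifest = create_backup(src, archive)
        dest = Path(work, "restore")
        dest.mkdir()
        restore_backup(archive, dest)
        if corrupt:
            (dest / "erp.db").write_bytes(b"bit rot")
        return verify_restore(manifest, dest)


if __name__ == "__main__":
    print("clean restore:", run_restore_test())
    print("tampered restore:", run_restore_test(corrupt=True))
```

In a scheduled restore test the archive would come from the actual backup target and the restore would go to an isolated host, but the check is the same: a manifest captured when the backup was made, compared file by file after extraction, with the result recorded as evidence for the backup concept.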
Legal Basis
ISO/IEC 27001 (Annex A 8.13 Information Backup); BSI IT-Grundschutz module CON.3 Backup Concept; Art. 32 GDPR (availability and resilience); Art. 21(2)(c) NIS2 Directive
Practical Example
An information security officer at a mid-sized machinery manufacturer discovers that, although the ERP database is backed up daily, the backups reside on the same server cluster as the production data. After a ransomware incident in the industry, she introduces a 3-2-1 strategy supplemented by a weekly immutable offline copy. She also schedules quarterly restore tests and documents RTO and RPO in the backup concept. At the next audit she can thus demonstrate the availability of critical data in a verifiable way.