Deciding how to approach your backup solution can be a daunting task. Your IT policies should make this easier if already in place because it will contain two major components that will help you understand your requirement i.e. a business continuity and disaster recovery plan
 
Since the business continuity plan specifies which measures should be in place for your business processes to keep functioning in case of a severe interruption, these measures are useful to consider:

• A risk assessment of all the resources required by your business operations
• Workplace alternatives in case of disaster
• Systems recovery in terms of redundancy and ease of switching from compromised systems to fail-over systems be it manual or automated

 
A disaster recovery plan relates to the steps required to allow uninterrupted continuation or quick resumption of infrastructure critical to your business. This includes hardware, software, systems and data required to ensure your compromised infrastructure interrupts business operations with the least amount of downtime such as:

• Cloud services or other hardware redundancy
• Appropriate levels of data backups and backup hardware, as well as a low RPO

The Appliance: hardware plus software

Backup appliances are definitely a more glitzy addition of backup hardware to your server room since they are usually designed to be a plug ‘n play solution to data backups. Providing features like preinstalled backup software, automatic syncing of backups to a cloud service and built-in disk space optimisation with deduplication of data, they make this an easy, low maintenance option for non-IT focussed business.
 
This certainly covers the disaster recovery aspect by being able to perform backup to a central location as soon as the appliance is installed. It also satisfies business continuity in making data backups accessible from any other cloud-connected device. These “appliances” however don’t come cheap and are usually not feasible for small businesses.

Cloud

Backup hardware is all good and well but expanding storage for an ever-increasing set of data can become costly. The appliances make life easy as far as backups go, but are not easily upgradeable. Redundant storage such as RAID or swapping NAS servers in and out make your disaster recovery solutions more flexible. This can be implemented in a private cloud where you would essentially be responsible for the maintenance thereof. Companies in the SME segment opt for the outsourced route from cloud service providers. 

Don’t forget the hybrid 

You can, of course, create a hybrid environment where private cloud environments have their redundancy fulfilled in off-site cloud environments. Once again, it lowers Recovery Point Objective (RPO) due to the instantly accessible nature of the storage. Since most cloud service providers have their own disaster recovery procedures in place (or should), this can take the load off an encumbered IT department.

Useful software

It’s important to choose backup software that will be able to scale with the needs of your business. Sometimes it’s useful download a free version of software but this can be risky if the provider of the software is not reputable. This can leave your backups vulnerable to corruption, malware and security breaches.
 
Commercial software often has the investment required to be tested thoroughly and to be created with innovation in mind. This often provides the features required by a complex business environment of a multi-national corporation.

Cover your bases

There are also contractual factors to consider when letting others take care of your data. This applies to backup hardware and software:

• Will there be a legal and binding agreement in place between the two parties?
• Can confidentiality/non-disclosure of information guaranteed?
• What levels of security or access restrictions do they enforce?
• Do they conform to regulatory requirements of your business e.g. jurisdictional limits to your clients’ personal information across borders?