A humongous explosion and ball of fire.

5 steps for security and disaster planning

22 Jan 2018

Barry Fisher - Technical Director

Written by
Barry Fisher
Technical Director

So you have a great new website built, but what happens when things don't go to plan? Backups should be a key part of your digital strategy. Here are my five steps for security and disaster planning...

1. Analyse

A "Worst Case Scenario" analysis is a closer look at your business requirements and in short poses the question: "If my website disappeared today, what would be an acceptable period to restore from a backup." Is it hourly, daily or up-to-the-minute? As you can imagine, the answer to this question will depend entirely from the type of the application you have. For eCommerce websites and applications which rely heavily on user interactions, backups should be up to the minute in an ideal world, however there is a trade-off between this kind of performance and your budget. There are ways to mitigate hardware failure and data loss due to corruption which involve distributed multiple copies of your data across different services, and there are plenty of levels of coverage to suit your needs.

How long you keep backups for will also be a consideration. This defines how many restore points you'll have to recover deleted data and content from. The larger backup history you need and the more restore points, the more disk storage is required so there is a trade-off to make here too.

These points should be at the forefront of your mind when building you new website or mobile app.

Sound confusing? We can help by applying our expertise and experience to define the right solution for you, in easy terms.

As part of the analysis process we'll help you identify risk areas and possible worst case outcomes so you're in a good position to deal with cases when technology lets you down. During the buzz and excitement of creating your new product you'll want to address backups and risk mitigation up front, so you have a plan when things don't go to plan!

2. Capture everything

We tend to take a "capture everything" approach to backups, rather than incremental backups, solely because it's the best fit practically and cost-wise for most applications (except the very largest enterprise level websites). This means taking nightly full snapshots of your website files and database (along with emails if the web server is set up to manage your emails). It makes it far easier to restore to given point in time than implementing a more comprehensive staged backup solution when used alongside hardware failure measures - such as RAID.

3. Test restore points

A backup is only as good as the last snapshot, so it's important to have an area where the restore point can be tested. For more cautious clients, we've set up a secure location online that they can visit to see the most recent backup restored and in place to see and interact with. This restore point is effectively a fully working version of your website at a given point in time, so provides the best way to assure you that should the worst happen the backup has been proven to work and captures everything (as described above).

4. Don't forget

Where we've taken over from a previous provider for our clients, we often find that there is no backup consideration at all in place. It is one of the first things we sort out when onboarding and advising our new clients.

Even once a backup solution has been considered and is in place, it's important to periodically check that everything is working as expected.

We set up notifications so that if backups fail for whatever reason, we're alerted to remedy the situation.

5. Scale

As the data and content for your website grows you can expect that the size of your backups will also grow. We can calculate how much space you need based on the solution you need (which we'll have defined from the previous steps).

Barry Fisher - Director

Get in touch about your project

Give us a call or send us an email to talk through your project

telephone+44 (0) 203 743 0887

email[email protected]

Related articles

Masterful lady in a zen pose.

Being compliant doesn't have to be a bore

Calendar 24 Oct 2021 #Security & compliance The importance of balancing the exciting parts of web design with standards and good compliance.

Read the article
The ruins of a building in the middle of a field.

6 reasons not to use a standalone microsite for your Christmas marketing campaign

Calendar 27 Oct 2022 #Insights #Advice #Security & compliance #SEO We've compiled a list of the six reasons businesses shouldn't entertain the thought of a microsite - and they're pretty compelling.

Read the article
An ambiguous figure in a suit throwing dice towards he camera.

Are you gambling with the security of your business?

Calendar 7 Jun 2022 #Security & compliance Ignoring security updates will seriously impact your business. It's time to take action.

Read the article

More recent articles

Bundles of Euro bank notes overlaid by handcuffs and a sinister sillouetted character on the left.

Google Analytics: Is it legal?

Calendar 24 Nov 2022 #Insights #Advice #Security & compliance Promise: not clickbait! It's hard to believe that this popular product could be considered illegal.

Read the article
A girl grimacing in disgust.

What to consider when you're thinking about your webforms

Calendar 3 Nov 2022 #Insights #Advice Webforms are a great way to consolidate interest and turn your visitors into potential new customers. But we bet you hadn't considered the power, positive and negative, that a webform can have on your potential new customer's experience of your business.

Read the article
Pivale logo + Platform.sh logo

Platform.sh: affordable and ethical enterprise-grade hosting

Calendar 21 Sep 2022 #Insights #Advice Your hosting headache - and how it's costing you business

Read the article

Subscribe for email updates

1 Your details

2 Your interests

Please select which Pivale services are of interest to you:

3 Legal info

By subscribing, you acknowledge that your information will be transferred to our marketing platform for processing.

You can unsubscribe at any time by clicking the link in the footer of our emails. You can find out more in our privacy policy.