A humongous explosion and ball of fire.

5 steps for security and disaster planning

22 Jan 2018

Barry Fisher - Technical Director

Written by
Barry Fisher
Technical Director

So you have a great new website built, but what happens when things don't go to plan? Backups should be a key part of your digital strategy. Here are my five steps for security and disaster planning...

1. Analyse

A "Worst Case Scenario" analysis is a closer look at your business requirements and in short poses the question: "If my website disappeared today, what would be an acceptable period to restore from a backup." Is it hourly, daily or up-to-the-minute? As you can imagine, the answer to this question will depend entirely from the type of the application you have. For eCommerce websites and applications which rely heavily on user interactions, backups should be up to the minute in an ideal world, however there is a trade-off between this kind of performance and your budget. There are ways to mitigate hardware failure and data loss due to corruption which involve distributed multiple copies of your data across different services, and there are plenty of levels of coverage to suit your needs.

How long you keep backups for will also be a consideration. This defines how many restore points you'll have to recover deleted data and content from. The larger backup history you need and the more restore points, the more disk storage is required so there is a trade-off to make here too.

These points should be at the forefront of your mind when building you new website or mobile app.

Sound confusing? We can help by applying our expertise and experience to define the right solution for you, in easy terms.

As part of the analysis process we'll help you identify risk areas and possible worst case outcomes so you're in a good position to deal with cases when technology lets you down. During the buzz and excitement of creating your new product you'll want to address backups and risk mitigation up front, so you have a plan when things don't go to plan!

2. Capture everything

We tend to take a "capture everything" approach to backups, rather than incremental backups, solely because it's the best fit practically and cost-wise for most applications (except the very largest enterprise level websites). This means taking nightly full snapshots of your website files and database (along with emails if the web server is set up to manage your emails). It makes it far easier to restore to given point in time than implementing a more comprehensive staged backup solution when used alongside hardware failure measures - such as RAID.

3. Test restore points

A backup is only as good as the last snapshot, so it's important to have an area where the restore point can be tested. For more cautious clients, we've set up a secure location online that they can visit to see the most recent backup restored and in place to see and interact with. This restore point is effectively a fully working version of your website at a given point in time, so provides the best way to assure you that should the worst happen the backup has been proven to work and captures everything (as described above).

4. Don't forget

Where we've taken over from a previous provider for our clients, we often find that there is no backup consideration at all in place. It is one of the first things we sort out when onboarding and advising our new clients.

Even once a backup solution has been considered and is in place, it's important to periodically check that everything is working as expected.

We set up notifications so that if backups fail for whatever reason, we're alerted to remedy the situation.

5. Scale

As the data and content for your website grows you can expect that the size of your backups will also grow. We can calculate how much space you need based on the solution you need (which we'll have defined from the previous steps).

Barry Fisher - Director

Get in touch about your project

Give us a call or send us an email to talk through your project

telephone+44 (0) 203 743 0887


Related articles

A series of tesselating hexagons containing padlocks - one of which is open and highlighted in red.

Why poor web security will damage your business

Calendar 27 Apr 2022 #Security & compliance The consequences of poor web security can be catastrophic so it's essential you have a strategy.

Read the article
A hand made, brightly coloured sign with the word OPEN.

The benefits of open-source website CMS software

Calendar 16 Jun 2021 #Insights #Security & compliance What exactly are the differences between open-source and closed proprietary software and why should I care?

Read the article
Chocolate cake with strawberry on top.

Not just another web developer!

Calendar 24 Apr 2019 #Insights #Security & compliance Have your cake and eat it! Find out how our approach gets you the quality and experience of working with a large agency without the overhead.

Read the article

More recent articles

A sky scene with indecipherable technical information overlaid for effect indicating cloud hosting

3 reasons your choice of website host isn't just an IT issue

Calendar 16 Aug 2022 #Advice #Security & compliance Choosing the web infrastructure that supports your website is of paramount importance. And given that your choice of website host underpins the ability of your business to exist online, it's fair to say you need to make a well-informed decision about your hosting service.

Read the article
A roll of blueprints

Why documentation and processes could stop your website from failing at a critical moment

Calendar 29 Jun 2022 #Advice #Security & compliance Do you have documentation in place so that, when changes to your website are needed, there is a clear process to be followed whether by your in-house developers or your outsourced digital marketing partners?

Read the article
An ambiguous figure in a suit throwing dice towards he camera.

Are you gambling with the security of your business?

Calendar 7 Jun 2022 #Security & compliance Ignoring security updates will seriously impact your business. It's time to take action.

Read the article

Subscribe for email updates

1 Your details

2 Your interests

Please select which Pivale services are of interest to you:

3 Legal info

By subscribing, you acknowledge that your information will be transferred to our marketing platform for processing.

You can unsubscribe at any time by clicking the link in the footer of our emails. You can find out more in our privacy policy.