A humongous explosion and ball of fire.

5 steps for security and disaster planning

22 Jan 2018

Barry Fisher - Technical Director

Written by
Barry Fisher
Technical Director

So you have a great new website built, but what happens when things don't go to plan? Backups should be a key part of your digital strategy. Here are my five steps for security and disaster planning...

1. Analyse

A "Worst Case Scenario" analysis is a closer look at your business requirements and in short poses the question: "If my website disappeared today, what would be an acceptable period to restore from a backup." Is it hourly, daily or up-to-the-minute? As you can imagine, the answer to this question will depend entirely from the type of the application you have. For eCommerce websites and applications which rely heavily on user interactions, backups should be up to the minute in an ideal world, however there is a trade-off between this kind of performance and your budget. There are ways to mitigate hardware failure and data loss due to corruption which involve distributed multiple copies of your data across different services, and there are plenty of levels of coverage to suit your needs.

How long you keep backups for will also be a consideration. This defines how many restore points you'll have to recover deleted data and content from. The larger backup history you need and the more restore points, the more disk storage is required so there is a trade-off to make here too.

These points should be at the forefront of your mind when building you new website or mobile app.

Sound confusing? We can help by applying our expertise and experience to define the right solution for you, in easy terms.

As part of the analysis process we'll help you identify risk areas and possible worst case outcomes so you're in a good position to deal with cases when technology lets you down. During the buzz and excitement of creating your new product you'll want to address backups and risk mitigation up front, so you have a plan when things don't go to plan!

2. Capture everything

We tend to take a "capture everything" approach to backups, rather than incremental backups, solely because it's the best fit practically and cost-wise for most applications (except the very largest enterprise level websites). This means taking nightly full snapshots of your website files and database (along with emails if the web server is set up to manage your emails). It makes it far easier to restore to given point in time than implementing a more comprehensive staged backup solution when used alongside hardware failure measures - such as RAID.

3. Test restore points

A backup is only as good as the last snapshot, so it's important to have an area where the restore point can be tested. For more cautious clients, we've set up a secure location online that they can visit to see the most recent backup restored and in place to see and interact with. This restore point is effectively a fully working version of your website at a given point in time, so provides the best way to assure you that should the worst happen the backup has been proven to work and captures everything (as described above).

4. Don't forget

Where we've taken over from a previous provider for our clients, we often find that there is no backup consideration at all in place. It is one of the first things we sort out when onboarding and advising our new clients.

Even once a backup solution has been considered and is in place, it's important to periodically check that everything is working as expected.

We set up notifications so that if backups fail for whatever reason, we're alerted to remedy the situation.

5. Scale

As the data and content for your website grows you can expect that the size of your backups will also grow. We can calculate how much space you need based on the solution you need (which we'll have defined from the previous steps).

Barry Fisher - Director

Get in touch about your project

Give us a call or send us an email to talk through your project

telephone+44 (0) 203 743 0887

emailbarry.fisher@pivale.co

Related articles

Boy expressing anger with a shouty face and outstretched hands.

Why the lack of industry standards makes us mad!

Calendar 22 Mar 2019 #Insights #Security & compliance We all too often speak to potential clients who have been 'scarred' by their experience with other providers in our industry.

Read the article
An infinite swirling clock.

Websites as an Investment Part 4: What happens if I wait?

Calendar 24 Feb 2016 #Advice The clock is ticking and time is money. It turns out that delaying your new website could actually be costing you money. We try and break down why that is.

Read the article
Chocolate cake with strawberry on top.

Not just another web developer!

Calendar 24 Apr 2019 #Insights #Security & compliance Have your cake and eat it! Find out how our approach gets you the quality and experience of working with a large agency without the overhead.

Read the article

More recent articles

A mockup of an ecommerce site home page.

Do you have a home page content strategy?

Calendar 2 Nov 2021 #Insights #Advice #User experience How to make an effective home page.

Read the article
Masterful lady in a zen pose.

Being compliant doesn’t have to be a bore

Calendar 24 Oct 2021 #Advice #Security & compliance The importance of balancing the exciting parts of web design with standards and good compliance.

Read the article
Five hands showing five through one digits elevated to indicate a countdown.

Top 5 cost influencing factors for your new website

Calendar 23 Jul 2021 #Advice In this article we will consider five areas which will often drive the main development costs for a website build.

Read the article

Subscribe for email updates

1 Your details

2 Your interests

Please select which Pivale services are of interest to you:

3 Legal info

By subscribing, you acknowledge that your information will be transferred to our marketing platform for processing.

You can unsubscribe at any time by clicking the link in the footer of our emails. You can find out more in our privacy policy.