Most business owners know they should have a backup. Fewer know whether their backup would actually work when they need it most. Whether you’re relying on cloud storage, a USB drive in the desk drawer, or something more sophisticated, there’s a good chance your data isn’t as protected as you think.
After more than 20 years supporting businesses across Cheshire, we’ve seen the full spectrum, from well-managed backup systems that saved a business overnight to catastrophic data losses that could have been prevented with a few simple steps.
In this guide, we’ll cut through the jargon on local backup vs cloud backup, explain why the answer is rarely one or the other, and give you a practical framework for making sure your data is genuinely protected.
What’s the Difference Between Local Backup and Cloud Backup?
Before we compare the two approaches, it’s worth being clear about what each one actually means.
Local Backup
A local backup stores copies of your data on a physical device that you own and control, typically a USB drive, an external hard drive, or a network-attached storage (NAS) device in your office. The key advantage is speed: restoring files from a local device is fast, and you don’t need an internet connection to do it.
The drawback is physical vulnerability. If your office suffers a fire, flood, or theft, your backup could be lost alongside everything else.
Cloud Backup
A cloud backup copies your data to secure, off-site servers managed by a third party. Platforms like Microsoft OneDrive, Azure Backup, or dedicated business backup services all fall into this category. Because your data lives off-site, it’s protected from physical disasters at your premises.
The trade-off is that restoring large volumes of data from the cloud takes time and depends on your internet connection speed. There’s also an ongoing subscription cost to factor in.
Which Is Better?
Neither, and that’s the honest answer. The smartest businesses use both, with the two approaches complementing each other rather than competing. But before we get to that, there are three questions every business owner should be asking about their current backup setup.
Three Questions to Ask About Your Backup Right Now
1. Have You Actually Tested It?
This is the question that catches most people out. A backup that hasn’t been tested isn’t really a backup, it’s a hope.
Take cloud storage as an example. If your files are stored on OneDrive and your device is hit by malware, the ransomware will encrypt your files and then push that encrypted version straight to your cloud. Unless you restore quickly, you could be in trouble. OneDrive currently allows you to recover files up to 93 days from the recycle bin, and up to 30 days for a full drive restore, but what if the problem went undetected for longer than that?
We’ve also seen situations where a USB backup drive has been plugged in, backed up, and reported as successful, only for the data to be completely unreadable when someone actually tried to restore from it. Just because the software says it worked, doesn’t mean it did. The only way to know your backup works is to physically copy the files to a separate device and open them.
If you’re not doing this, start now.
2. Does Your Backup Have an Air Gap?
An air gap sounds technical, but it’s a simple concept: it means your backup is physically disconnected from your main systems.
When a USB drive is plugged into your computer, it’s exposed to the same risks as your computer. If ransomware hits, it can encrypt the drive just as easily as your local files. The moment you unplug the drive and take it off-site, you’ve created an air gap, the backup can no longer be reached by anything attacking your network.
A practical approach for smaller businesses is to keep a USB drive at the office during the working week, copy files to it at the end of the week, and take it home. You can protect it with a passcode or encryption if needed. Once at home, open the drive and check the files work. It’s low-cost, straightforward, and genuinely effective as a safety net.
This isn’t a replacement for cloud backup; it’s an additional layer. Belt and braces, as the saying goes.
3. Who Is Responsible for It?
This might seem like an obvious question, but it’s one of the most common gaps we see in businesses of all sizes.
Backup responsibility needs to be written down, whether that’s in a contract with your IT provider, a job description, or a documented process. If it’s not assigned to someone specific, it tends to fall into a grey area where two people each assume the other has it covered. We’ve witnessed this happen more times than we can count, and it never ends well.
If Amita manages your IT, we make this explicit from day one. Accountability for backup monitoring, testing, and recovery is clearly defined, and we check it, rather than just assuming.
Real-World Lessons From 20+ Years in IT
Theory is useful, but nothing illustrates the importance of a solid backup strategy quite like seeing what can go wrong in practice. Here are three scenarios from our experience that shaped how we think about backup today.
The Bank Holiday Problem
Early in our IT career, we implemented what was genuinely considered a gold-standard backup solution, nightly backups to tape, stored in a bank vault. Extremely secure. Perfectly reliable. Until a bank holiday weekend, when thieves broke through an external wall and stole the entire computer room.
The recovery company arrived within four hours with replacement equipment, but the backup tapes were locked in the bank, which wouldn’t open until Tuesday. The lesson was immediate: always keep more than one copy in more than one location, and make sure at least one copy is accessible out of hours.
The Obsolete Hardware Problem
A client had an excellent backup system: digital tape, monthly testing, and tapes stored off-site. Then their office building was badly damaged in an incident, and the servers were destroyed. They had the tapes. What they didn’t have was the hardware or software needed to read them; both had been superseded by newer models that were no longer compatible.
The backup existed. They just couldn’t use it. The lesson here is that your ability to restore is only as good as your ability to actually read the backup. If your solution relies on specific hardware or software, you need to maintain a working installation of that same environment, ideally in two separate locations.
The Drive That Looked Fine But Wasn’t
On numerous occasions, we’ve been handed a USB drive containing a company’s “backed up” files, only to find the drive contains no data when connected to another device. The backup software had reported success. The email confirmations had been arriving every night. But the data simply wasn’t there.
There is no substitute for physically testing your restore. Open the files. Check they’re readable. Don’t rely on reports.
The 3-2-1 Rule: A Practical Framework
If you want a simple rule to follow, the 3-2-1 backup rule is as good as it gets:
- Keep 3 copies of your data
- Store them on 2 different types of media
- Keep 1 copy off-site
In practice for a Cheshire SME, this might look like: your live files on OneDrive (copy 1), an automated backup to a dedicated cloud backup service (copy 2), and a weekly USB drive taken home or to another location (copy 3). The USB provides the air gap; the two cloud copies provide resilience and version history.
It sounds like a lot, but once set up, most of this runs automatically. The only manual step is the weekly USB rotation, and for most businesses, that’s a five-minute task that could save everything.
What About Business Continuity and Disaster Recovery?
Backup is one part of a wider picture. Business continuity planning is about ensuring your business can keep operating, or recover quickly, when something goes wrong, whether that’s a cyberattack, a power outage, hardware failure, or even a key person being unavailable.
Data recovery is a subset of that: specifically, how you get your files, systems, and applications back up and running. For most SMEs, the two key metrics to understand are:
- Recovery Time Objective (RTO) — how long can your business afford to be without access to its systems?
- Recovery Point Objective (RPO) — if you had to restore from a backup taken 24 hours ago, how much would that cost you in lost work?
The answers to those questions should drive your backup strategy, not the other way around.
Check our IT Support Packages here >
How Amita Can Help
We work with businesses across Cheshire to design and manage backup solutions that are proportionate to the risk and practical to maintain. That means no over-engineered systems that nobody ends up testing, and no false reassurance that cloud sync is the same as a proper backup, because it isn’t.
As part of our IT support agreements, we ensure backup responsibilities are clearly defined, restore tests are carried out regularly, and you always know exactly what’s covered and what isn’t. We’ve been doing this for over 20 years, and the businesses we work with have a 95% retention rate, in part because they trust that when something goes wrong, we’ve already planned for it.
Get in touch with Amita today and secure a reliable backup plan.
