When was your last successful test restore? Most businesses can't answer. πŸ“ž (203) 985-1000 Β· Mon–Fri 8 AM – 5 PM
Home  /  IT & Security  /  Backup & BCDR

Backup that actually restores when you need it.

Most businesses have "backups." Far fewer have backups that they've actually restored from successfully. We architect business continuity around Datto SIRIS appliances β€” local backup for fast restore, offsite cloud replication for catastrophes, immutable snapshots that ransomware can't touch. Quarterly test restores are part of the service, not an add-on.

Get a backup assessment β†’ πŸ“ž (203) 985-1000

The difference between backup and BCDR

People use these terms interchangeably but they're not the same.

  • Backup is what you do daily β€” copying your data somewhere safe.
  • Disaster recovery (DR) is how you get back to work after something terrible happens β€” a fire, a flood, a ransomware attack, a building you can't get into.
  • Business continuity (BC) is the bigger picture β€” keeping the business operating during and after the disaster, not just restoring files.

A USB drive plugged into your server is "backup." It is not BCDR. If the server burns, the USB drive burns too. If ransomware hits, ransomware encrypts the USB drive too. Real BCDR requires backups that are offsite, immutable, tested, and fast to restore from.

Why we use Datto

We've evaluated more backup products than we can count, and we standardized on Datto because the snapshots are immutable. That means once a backup is taken, it can't be modified or deleted by anything on your network β€” including ransomware that gains administrator access.

This matters because most ransomware operators don't just encrypt your live data. They go after the backups first. If your backups can be deleted by whatever's running on your domain controller, your backups don't exist for ransomware-recovery purposes.

  • Local Datto SIRIS appliance sits in your server room. Backups happen frequently (every 15 minutes during business hours is standard).
  • Offsite cloud replication to Datto's data centers automatically. Even if your building is destroyed, your data isn't.
  • Immutable snapshots can't be deleted by anyone β€” including admins, including attackers β€” within their retention window.
  • Virtualization on the appliance means we can boot your servers directly from backup, on the appliance, in minutes β€” without waiting to restore them to new hardware.

What our standard BCDR includes

  • Servers backed up every 15 minutes during business hours, hourly off-hours.
  • Workstations backed up daily if requested (most customers protect the servers and rely on M365/OneDrive for workstation data).
  • Microsoft 365 backups separately β€” yes, you need to back up M365. Microsoft is not responsible for your data; you are. Mailboxes, OneDrive, SharePoint, Teams.
  • Offsite cloud replication with industry-standard retention.
  • Quarterly test restores. We boot your servers from backup, verify they come up clean, document it. You get the report.
  • RTO/RPO targets documented for your environment. We tell you, in writing, how fast we can get you back online and how much data you might lose.

What "good" RTO/RPO looks like for SMB

RTO = Recovery Time Objective (how fast you're back online). RPO = Recovery Point Objective (how much data you could lose).

  • RPO of 15 minutes β€” meaning you'd lose at most 15 minutes of data during business hours.
  • RTO under 1 hour for critical servers β€” boot them as virtual machines on the Datto appliance, users keep working while we restore to permanent hardware.
  • RTO of 4–8 hours for full business restore β€” getting everything back to a normal state.

These are realistic for most environments we work with. Customers with tighter requirements (manufacturing taking critical orders, medical billing, etc.) get a custom architecture.

Ransomware reality check: According to the most recent Datto State of the Channel Ransomware Report, businesses that pay the ransom usually still don't fully recover their data. Average ransom payments are tens of thousands of dollars. The average cost of downtime per ransomware incident is significantly higher than the ransom itself. The point of immutable backup isn't to "avoid paying ransom" β€” it's to not be in that conversation in the first place.

BCDR for cloud workloads

If your business runs in the cloud (Microsoft 365, AWS, Azure), you still need backup. Microsoft and AWS have a shared responsibility model: they keep the platform running, you're responsible for your data on it. If a user deletes a SharePoint site, if a malicious admin wipes your tenant, if ransomware encrypts files synced to OneDrive β€” that's on you.

We back up cloud workloads with Datto SaaS Protection (for M365 and Google Workspace) and architecture-specific tools for Azure and AWS environments.

How we onboard new BCDR customers

  1. Assessment. What data do you have, where does it live, what would actually need to come back during a disaster, how fast.
  2. Sizing. Right-size the Datto appliance for your data volume + growth + retention requirements.
  3. Installation and seed. First full backup. Depending on data volume, may take days. We seed from local drives when needed to skip a multi-week cloud upload.
  4. Verification. First test restore happens within the first 30 days. Documented.
  5. Ongoing. Quarterly tests. Monthly reports. Annual review of retention and RTO targets.

If your current backups are unproven

We'll do a free assessment of your current backup setup. We'll check whether backups are actually running, whether they're stored somewhere ransomware can't reach, whether they could actually be restored. About half of the businesses we assess find out their backups don't work β€” better to find out now than during a disaster.

Are your backups actually going to work when you need them?

Free assessment of your current backup setup. We tell you what we'd do differently.

Schedule a backup assessment πŸ“ž (203) 985-1000