Report reveals: A surprising number of organizations still tethered to outdated backup practices
You’re probably well aware that efficiency and optimisation are the name of the game for organisations in 2025.
But many businesses are unknowingly leaving immense value on the table, simply because they don’t maximise their backup strategies.
Added to this challenge is the reality that the winds of change aren’t letting up. With more and more of your teams depending on digital data, and—in tandem with the rising role of data security—it’s predicted we’ll all be witnessing the upward trajectory of backup and restore software from 2025 to 2032.
While backing up data may seem like a no-brainer, outdated practices like manual backups remarkably continue to plague nearly a third of organisations.
For those of us trapped in the now-archaic practice of tape storage, the time has come to jump into the 21st century and consider an updated approach to our data management and protection strategies.
Today’s state of backup disarray is more common than you’d think
In addition to the alarming 29% of organisations still manually copying backup data, 5% of businesses leave their SaaS applications completely unprotected.
While these statistics may seem shocking, they’re a symptom of an outdated mindset that backups are merely ‘nice to have’.
To understand how far we’ve come, let’s take a step back and consider the legacy of tape backups.
Manual intervention used to be the norm. We didn’t have the option to question the laborious practice of swapping tapes out daily and transporting them offsite for security. As well as being taxing, getting to a point of recovery frequently chewed up months of valuable time and resources that nobody had to spare.
Annoyance with backup tapes was something that Colin, Biggers & Paisley, a Sydney-based law firm, could relate to. Their systems administration manager, Steven West, has looked after their backup and recovery process for over a decade, and remembers the frustration well.
“Using backup tapes was a massive commitment in terms of both time and effort. We ran old-school backup and sync products (like tape and disks) to cover on-premises and virtual machines throughout the week, and on weekends and public holidays.
“Unfortunately, it didn’t leave us a lot of room for system maintenance windows. By the time our backup technician finished, we’d have over a dozen tapes or disks to remove from the offices and store off-site in a bank vault. Then we’d start the whole backup process again.”
Since investing in a modern, fully-managed solution, the Colin, Biggers & Paisley team has come out the other side with bragging rights that feature business-enhancing advantages like streamlined processes, reduced downtime, and significantly minimised disaster recovery risks. What’s not to love?
Backing up responsibly is in your hands, so don’t sit on them
The age of cloud backups is saving the day, but to truly safeguard your organisation against the inevitability of a cyberattack, your backup strategy needs to be automated, tested, and proactive.
Rather than mopping up the mess after a disaster, the first prize is to get ahead of the problem.
Enter the proactive approach of data resilience. With this key piece of the disaster recovery puzzle in place, you can weather a cyberattack, retrieve critical data and applications during the attack, and get back to work in record time.
To shed light on how to implement robust cybersecurity plans that defend your business during that inevitable attack, these three standards can help you cut through the clutter:
- The Shared Responsibility
The essence of this security and compliance framework may come as news to some: protecting your data is your responsibility.
Most businesses in Australia use an average of three public cloud service providers, and assume that data protection is part of the deal. But while platforms like Microsoft 365, Salesforce, and Google Workspace manage infrastructure, many cloud applications only offer limited protection.
Building cyber resilience requires action and should be top of your agenda. Make a start today by confirming that your SaaS solutions like Xero, Salesforce, or Intuit are truly backed up. - Australian Signals Directorate (ASD) Essential Eight
According to guidelines from the ASD, data protection plans should include:- Consistent and trustworthy backups that support the continuation of your business services
- Disaster recovery activities that stress-test the effectiveness of your data restoration strategy
- Guardrails to protect backups from being edited by the backup team during their retention period
- Proactive retention procedures that guarantee secure compliance
- The National Institute of Standards and Technology (NIST) 3-2-1 Rule
While navigating the expanse of security threats can feel complex and daunting, the NIST 3-2-1 Rule is simple, clear, and succinct:- Secure three copies of your data
- Keep the copies in two different locations or media formats
- Store one copy in the cloud or offsite
Subpar backup strategies can result in eye-watering costs
According to Forbes, the global average cost of a data breach amounted to a whopping $4.88 million in 2024. As we all become increasingly data-dependent in our workplaces, the expected consequences for those of us who don’t have plans to upgrade to automated, cloud-based solutions are clear.
While your teams may already be lagging behind in their backup strategy, all is not lost. The promise of efficiency and peace of mind are well within reach if you’re ready to fight—and win—the war on risk.
