World Backup Day: Why Backups Fail and What to Do About It

TECHx

31-03-2025

World Backup Day: Why Backups Fail and What to Do About It
Backups are supposed to be your safety net, but they fail more often than you think. This World Backup Day , it's time to stop trusting backups blindly and start making them work when it really matters. From ransomware threats to recovery delays, here's why backups fail and how to stay prepared.
Backups are supposed to be the ultimate safety net, a last line of defense against data loss caused by cyberattacks, accidental deletions, or hardware failures. But here's the uncomfortable truth: backups fail. More often than you'd expect. And when they do, the consequences can be catastrophic.
The problem isn't that businesses don't back up their data, most do. The problem is that they assume those backups will work when disaster strikes. According to Veeam's 2023 Data Protection Trends Report, nearly 21% of all enterprise recovery attempts fail due to corrupted or incomplete backupsv. The message is clear: just having backups isn't enough anymore.
Edwin Weijdema, Field CTO EMEA at Veeam Software, sums it up perfectly: 'Fourteen years ago when World Backup Day was started, the aim was awareness. But these days, the focus should instead be on preparedness. Having backups in place and being well prepared to use them during a crisis are different things. Today should be a reminder to stress-test your backups and their accompanying data recovery plans.'
Why Backups Fail, And What's Changing
One of the biggest culprits behind backup failures is blind trust in automation. Many organizations assume that because their backup software reports a 'successful' job, everything is fine. But without regular testing, they're operating on faith, not facts. Human error also plays a major role, misconfigurations, skipped directories, or improper retention policies can silently break your backups.
And even if you get the technical part right, there's the growing threat of ransomware. Attackers no longer stop at encrypting primary data, they go straight for your backups.
According to Alain Penel, Vice President of Middle East, Turkey and CIS at Fortinet: 'Backups are a prime target for ransomware actors. Simply having backups is not enough; you need to protect them as cyber criminals adopt more sophisticated methods. Organizations must make foundational changes to the frequency, location, and security of their backups to effectively deal with evolving ransomware risks.'
Immutable backups, which cannot be modified or deleted, even by an administrator, are now essential. This ensures your data is safe, even if your entire system is compromised.
Michael Cade, Global Field CTO at Veeam Software, emphasizes this point: 'Backups need to level up to match these threats. Immutable backups need to be the standard, keeping them tamper-proof, even when under attack. And while backups are vital, organizations can't just rely on them alone. A business-wide cybersecurity plan needs to be in place as a first line of defense.'
It's Not Just About Backups, It's About Fast Recovery
Even if your backups survive an attack, speed of recovery matters. If restoring from backups takes days (or weeks), the damage may already be done.
Fred Lherault, Field CTO at Pure Storage, highlights how advanced solutions are tackling this challenge: 'Reliable backups are limited in their effectiveness if operations cannot be restored quickly. Some of the most advanced flash-based storage solutions dramatically increase recovery speeds, up to hundreds of terabytes per hour, enabling organizations to get up and running again in hours rather than weeks.'
When disaster strikes, slow recovery can force companies to make desperate decisions, like paying a ransom. Yihao Lim, Lead Threat Intelligence Advisor at Google Cloud Security, shares a real-world example: 'In 2018, a US hospital paid a four-bitcoin ransom due to lengthy restoration time from backups to their encrypted assets. The time needed for backups was not compatible with the hospital's almost real-time need to access health records, emails, or other internal applications.'
To avoid this, Lim advises organizations to simulate real-world attacks: 'Organizations should conduct simulated attack scenarios to test and measure the time taken to restore critical systems, ensuring they can resume operations quickly when disaster strikes.'
Why Testing and Layered Defense Matter
Backing up data isn't a one-time task, it's a continuous responsibility. Ziad Nasr, General Manager of Acronis Middle East, puts it bluntly: 'World Backup Day is an important reminder that protecting data is not a one-time task, it's a continuous responsibility. Regular and tested backups are essential to ensure your data is safe and recoverable.'
The reality is, even the best technology won't save you without proper processes in place. Ram Narayanan, Country Manager – Middle East at Check Point Software Technologies Ltd., advocates for a layered approach to protection: 'Ransomware has evolved, it's not just going after primary systems anymore; backups are firmly in the crosshairs. Businesses need to ensure their backups are frequent, immutable, and tested regularly. A layered approach that combines smart policies, strong cyber hygiene, and real-time threat prevention can make all the difference.'
Narayanan stresses that technical measures alone won't cut it, building employee awareness is just as critical.
Always Have a Plan B (and C)
Even with the best technology and processes, things can still go wrong. Rick Vanover, VP of Product Strategy at Veeam Software, offers this practical advice: 'Always have a plan A, plan B, and a plan C. We don't know what could go wrong, we can only plan ahead to prevent and be prepared. Whether it's a user deleting a file, a 'fire, flood, and blood' scenario, or a cyberattack, staying resilient is ALWAYS in style.'
Future-Proofing Your Backups
The old 'set it and forget it' mentality for backups no longer works. As Michael Cade says, World Backup Day itself needs to evolve:
'Like backups themselves, World Backup Day needs to level up and evolve. It sparks great conversation, but it needs to go beyond talking just backups in isolation and cover the full data resilience picture.'
In today's volatile digital landscape, businesses need to think beyond traditional backups. Checklists and automated reports are not enough. You need resilience, the ability to not only back up but to bounce back quickly.
Key Takeaways to Keep Your Backups from Failing
Test your backups regularly – Never assume a backup is safe until you've verified you can restore critical data. Adopt the 3-2-1 rule – Keep three copies of your data on two different media, with one copy offsite and ideally air-gapped. Embrace immutability – Ensure backups cannot be changed or deleted, no matter who gains access. Simulate real-world attacks – Regularly run disaster recovery drills to measure how fast you can restore operations. Secure your backup environment – Use multi-factor authentication, encrypt backups in transit and at rest, and restrict admin access.
As Rick Vanover says, resilience never goes out of style, and when it comes to backups, it's the only way to ensure your business survives the unexpected.