Backup that actually restores
Untested backups are not backups. Whether it's M365 data, file servers, endpoints, or virtual machines, we design backup and DR that's immutable, offsite, regularly tested, and documented properly. So that the day you need it, you already know it works.
Talk to us about backupBackup that earns its keep before the bad day.
Offsite, immutable, ransomware-resilient
Backups that an attacker can't encrypt or delete. Immutability is now the baseline, not a nice-to-have, because every serious ransomware crew targets backup systems first.
Restore testing, not just backup checking
"The backup job completed" is not the same as "the data will come back". We schedule and run real restores against a sample of your data, document the result, and surface failures before they matter.
Recovery runbooks for the day it matters
A written DR plan, a contact tree, restore priority order, and a runbook for the first 24 hours. So that whoever's awake at 3am is following a plan instead of improvising.
Who backup & DR work is for
Backup is the dullest topic in IT and the one that's most often skipped. We work with businesses that have either had a near-miss with a restore, are about to be asked to prove their recovery capability, or have just realised that their existing backup hasn't been touched in two years.
You rely on M365 or Workspace and assume the platform backs you up
It doesn't. Microsoft and Google replicate for service availability, not for your protection. Their retention windows are short, and deleted SharePoint sites, mailboxes, and Drives are gone faster than you'd guess.
You've had a backup fail when you actually tried to restore
The classic. The dashboard said green for years, but when something broke, the restore didn't. We rebuild backup from the restore end first, not from the backup end.
You're still on a USB-drive or tape rotation someone set up in 2014
Time to retire it. We modernise the lot: cloud, immutable, encrypted, automated, monitored. No more swapping disks on a Friday, no more wondering if it's working.
You hold client data and need to prove recovery capability
Customer security questionnaires now routinely ask about backup, RTO, RPO, and recovery testing. We build the answer you can give honestly because the work is actually being done.
You want to sleep through a ransomware attack
You won't sleep through it, but the recovery shouldn't keep you up for a week. Good backup turns a five-day incident into a two-day incident. That's the actual ROI.
Everything that needs covering. End to end.
Microsoft 365 backup
Exchange, OneDrive, SharePoint, Teams, OneNote. Long retention, granular restore, immutable copies. See our Microsoft 365 service for the full M365 picture.
Google Workspace backup
Gmail, Drive, Calendar, Contacts, shared drives. Same protection model, configured for Workspace. See our Google Workspace service.
Endpoint backup
Mac and Windows endpoint backup for users who keep work locally. Quietly running in the background, with self-service restore for the small stuff.
Server and VM backup
On-prem and cloud VMs, file servers, application data, line-of-business systems. Image-level and file-level recovery, with bare-metal restore where it matters.
Immutable offsite retention
3-2-1, modernised. Local copy for fast restore, offsite cloud copy that can't be touched by ransomware, retention policy that survives a compromised admin account.
Scheduled restore testing
Quarterly test restores against a sample of your environment, documented and reviewed. Failures get fixed. Successes get logged so you have something to show a customer auditor.
DR plan and runbooks
Documented disaster recovery plan, contact tree, system priority order, and a runbook for the first 24 hours. Written for the person who has to use it under pressure.
RTO and RPO planning
Per-system targets agreed with you, not invented in a vacuum. The design follows what the business actually needs, not a generic best-practice template.
Backup design that's been used to recover, not just to demo
We've designed and operated backup across multiple agencies inside a publicly listed group, where a lost dataset would have been a board-level event. We've done real restores under real pressure. That experience changes the design: where the test cases sit, what gets monitored, what immutability buys you, and what the runbook needs to look like when the person reading it has been awake for twenty hours.
How backup & DR engagements work
Most backup work falls into three patterns. A backup review is a one-off audit of what you've got, with a prioritised plan to fix the gaps. A backup rebuild is a scoped project to put the right design in. Managed backup is retained ongoing: tooling, monitoring, scheduled restore testing, and runbook maintenance. Almost everyone we work with ends up on the managed model because backup that no one is looking at goes stale within months.
Simple as it should be
We audit what you have
Existing backup, retention, immutability posture, restore history, and DR documentation. We map where you are and where you should be.
We design and rebuild
Per-system backup policy, immutability, offsite retention, RTO/RPO agreed with you. Then we execute and document.
We monitor and test
Daily monitoring, quarterly test restores, annual DR runbook review. Backup is a process, not a product. We run the process.
Frequently asked questions
Doesn't Microsoft already back up my Microsoft 365 data?
No. Microsoft replicates your data for service availability, which protects them from datacentre failure. They're explicit that customer data protection is your responsibility. Native retention is short (typically 30-93 days depending on the data type) and is not designed for accidental deletion, ransomware, rogue admins, or anything that needs long-term restore. Proper third-party backup is the only sensible answer.
Is OneDrive or SharePoint version history enough?
Version history protects you from a user editing a file badly. It doesn't protect you from ransomware that encrypts everything (versions get encrypted too), from a deleted SharePoint site after the retention window expires, or from a compromised admin who clears the recycle bin. Version history is useful, but it's not backup.
What does immutable backup actually mean?
Immutable means write-once: once a backup copy is written, nothing can change or delete it for a defined retention period, not even an administrator. This is the single most important defence against ransomware that targets backup systems. We build immutability into every backup design we deliver.
How often should we test restores?
Quarterly at minimum for the workloads that matter. Backups that have never been restored are theoretical. We run scheduled test restores, document the results, and surface failures so they get fixed before they matter.
What's a sensible RTO and RPO for our business?
RTO is how long you can be down. RPO is how much data you can afford to lose. Both vary by system: email might be 4 hours RTO and 1 hour RPO, the finance system might be 1 hour and 15 minutes, an archive might be 7 days. We help you set realistic targets and then design backup and DR around them, rather than picking numbers that sound impressive.
Backup & DR across Kent and London
Same backup practice, framed for your area. Looking at the broader security picture? See cyber security.
Get the backup sorted
Have a conversation about what you're actually protecting, and whether the current setup would survive a real incident. No hard sell, no scaremongering.