最新您知道哪些法規適用於貴公司嗎?3 分鐘內即可確認。我們誠摯的禮物:歐盟法規工具韓國法規工具
我們能為您做什麼?

透過以下方式傳訊

KakaoTalkLINE

48 小時內回覆

傳送電郵給我們 →
部落格
Why Untested Backups Fail
中小企業安全

Why Untested Backups Fail

2026年7月16日·Alex Holmquist, Panke IT Solutions LLC

I am assuming you have backups for your critical data (if you don't, please stop reading and go make backups!). The question I have is: when was the last time you tested your backups? From start to finish, onto a clean machine, opening the files to check they were actually there? For most small companies the honest answer is: "never". The gap between an untested backup and a tested one is what decides whether the next ransomware note means a bad week or the last week of the business. Here's what to test and what to prepare if you want to survive an attack.

A small-business owner calmly connecting a labeled offline backup drive to a laptop in a workshop, an amber warning light glowing behind them — recovery underway as a practiced routine.

Everyone has a "backup". Few have a "recovery".

A backup you have never restored is a guess about the future, and you find out whether it was a good guess at the worst possible moment.

Last year, in companies whose data was encrypted by ransomware, 97% eventually got it back — but only 54% recovered from their own backups, the lowest rate in six years, and 49% paid the ransom anyway.

Sophos, The State of Ransomware 2025: backups were used in just over half of recoveries, while nearly half of victims paid.

Most of the companies that paid had backups. The backups just weren't there when it counted — stale, sitting on a drive the attacker also encrypted, or never once tested.

The same backup drive in two fates: dusty and unplugged on a shelf (an assumption) versus plugged into a laptop mid-restore (a recovery).

The cheapest thing on your security list

Cloud storage and an external drive are cheap. The expensive part is the thinking.

YOU are the one responsible for your Disaster Recovery Plan. If you're a CTO yourself, or you've hired one, let them make the call — but the conversation between the CEO and CTO still needs to happen. It will save you countless hours of pain in the future.

Sit down and get it over with in an afternoon, this is not the type of project that takes months to complete.

Write the plan: what, where, who, how long

Keep it to one page.

  1. What comes back first. List the handful of systems the business genuinely can't run without, in order. You restore those before anything else.
  2. Where the safe copy lives. At least one copy offline or immutable — a version the same attack can't reach or overwrite.
  3. Who runs it. A named person, with the access and the steps written down, so recovery doesn't depend on one busy founder being reachable.
  4. How long you can survive without it. How old a copy you can accept, and how many hours down you can absorb before it hurts. Plain numbers, no jargon. This will determine how frequently you need to back up your data.

A single-page disaster recovery plan on a desk, hand-written with a heading and four short lines: what comes back first, where the safe copy lives, who runs the restore, and how long the business can be down.

Test the restore

Once a quarter, restore your critical systems onto a spare machine, time how long it takes, and open the files.

The first test always finds something — an incomplete backup, a missing password, a step only one person knew. If the first test works, I would question the quality of the test. A failing test is doing its job. You want to find issues on a quiet Tuesday, while nothing is on fire.

Do this before you buy a single tool

Antivirus, EDR, firewalls — every one of them assumes you survive the day it fails to stop something. A tested recovery plan is what makes that assumption true, and it comes before any of them.


When did you last actually restore from a backup and watch the files open? If you're not sure, that's the first thing to fix this week.

If you'd rather not find out your backups don't work during a real incident, we are here to help. We help small teams pressure-test their recovery plan — pankeit.com.

References

  1. Sophos, The State of Ransomware 2025: https://www.sophos.com/en-us/blog/the-state-of-ransomware-2025
擔心您的攻擊面暴露風險?

若想了解您的基礎設施在攻擊者掃描模型中的評分,請聯絡 contact@pankeit.com,進行攻擊面評估。

訂閱我們的部落格

掌握最新資安趨勢

絕無垃圾郵件,隨時可取消訂閱。

©2026 Panke IT Solutions LLC

Austin, TX