Add regular testing of your backup file system to your routine

Originally published March 10, 2022

July 9, 2025

This post was originally published in March 2022 around daylight savings time. We've recently updated the Backup and Recovery Best Practices resource for the 2025 reporting year. You can find the new guide in SAO’s Resource Library. We've also updated the links in this post for your convenience.

What's new:

• Expanded information on the 3-2-1 backup rule and storing backups off-site 
• New section focused on identifying your most significant disaster risks, including region-specific threats for Washington 
• Added guidance on testing your backups to ensure they work, choosing a recovery site location for emergencies and having a storage strategy to protect data during regional events 
• Expanded advice for training staff and conducting annual reviews

Original article below.

========

Daylight saving time: Add testing your backup file system to your time change routine

This weekend marks the start of daylight-saving time, and we all know the drill: Change your clocks and the batteries in your smoke alarms. But how often are you testing your government's backup file system? With the rapid rise in phishing and ransomware schemes, the biannual time change can also serve as a handy reminder to perform this critical task.

First, you need to have a backup file system

A backup file system provides a secure archive of your government's data. Should your government experience a data loss caused by a ransomware attack, natural disaster, or just a simple hardware failure, a backup file system will allow you to restore your data quickly and seamlessly. Being able to restore the data quickly enables your organization to minimize the effect on business, reduce loss of customer confidence, and avoid paying ransom demands.

Next, you need to test that system

If your government routinely performs data backups, that's a solid first step. But you also need to test that backup system periodically to ensure you can retrieve your data when you need it. It's not uncommon to think your backup is working well, only to find out it didn't run properly or can't be recovered. This step is key to averting a larger disaster that will be costly for your government.

Finally, you need to test your backup files

We recommend that you make multiple copies of your backup files—keep one copy on-site and another off-site or in the cloud. To test your files:

• Take a copy of the backup files and place it in a location you can access from your workstation
• Try to open different document types like PDF files, Word documents, and Excel spreadsheets
• Check the files and ensure that all the information you expect to use is readable
• Test files from each backup copy and location to ensure they are working properly

After you've tested your backup files, inspect your backup equipment so that you can identify any other issues before it's too late.

Performing regular data backups gives your government peace of mind, but testing your system when we spring forward and fall back ensures that you can retrieve your data and continue operations if an emergency occurs.

For additional tips on disaster recovery and creating data backups, download SAO's Backup and Recovery Best Practices guide.

How to reach us for more assistance

Do you have questions about cybersecurity? SAO's Center for Government Innovation has a cybersecurity specialist available to talk with you about best practices and resources. For assistance, reach out to us at Center@sao.wa.gov.