Small Business IT Backup Plan: A Haddington Guide

What a working backup plan looks like for small businesses around Haddington and East Lothian — what to back up, where, and how to test it really works.

16 June 2026 8 min read Business IT Alex M.
Small Business IT Backup Plan: A Haddington Guide

Most of the small business IT calls we take from Haddington and the wider East Lothian aren't about broken computers — they're about lost data. An accountant's workstation drive fails the week before a VAT deadline. An architect's project folder disappears after a Windows update. A consultancy's shared drive gets encrypted by ransomware on a Friday afternoon. In every one of those calls there's a backup conversation, and in roughly half of them the backup that the owner thought existed wasn't really a backup at all. This guide walks through what a working small-business backup plan actually looks like — the kind we set up and recommend through our business IT support work.

It's written for the typical Haddington-area small business: somewhere between two and fifteen people, a couple of shared folders, one or two critical applications, and no dedicated IT person on staff. If that's you, the rest of this is worth ten minutes.

Sync Is Not a Backup

This is the single biggest mistake we see, and it's the one that hurts most. OneDrive, Dropbox, Google Drive and iCloud are sync services. They keep the same files on multiple devices in real time. If a file changes on your laptop, it changes in the cloud a few seconds later — and on every other device the account is signed into.

That's not a backup. That's a copying machine. If a file gets corrupted, encrypted by ransomware, or accidentally overwritten, the corruption syncs everywhere too. A real backup is a separate copy you can restore from a point in time, even after the original is gone.

We had a small practice near Haddington bring in a workstation last winter convinced they were "fully backed up to OneDrive". The SSD had failed mid-week, and their assumption was that everything would be on the cloud. Most of it was — but a folder of working drawings updated that morning had synced into a half-written state, and when we recovered the older copies from the SSD's spare blocks the version history in their plan only stretched back thirty days. They lost a working week to file reconstruction. The conversation we should have had with them was about versioned backup, not sync.

The 3-2-1 Rule — and Why It Still Matters

The 3-2-1 rule is old, slightly nerdy, and still the simplest way to describe a backup plan that survives the real world:

  • 3 copies of the data — the live working copy plus two backups.
  • 2 different media or destinations — for example, an external drive and a cloud account. If both copies are in the same place, one event can take them both out.
  • 1 copy off-site — somewhere that survives a fire, a flood, a theft, or a ransomware event that touches the office network.

For a small business with one or two workstations, that usually looks like: live data on the PC, a versioned image to a NAS or external drive in the office, and a cloud backup off-site. For a slightly bigger team, the local copy becomes a shared NAS or server, and the cloud copy becomes a true backup service rather than a sync folder.

What Actually Needs Backing Up

Not everything is equal. The mistake at the other extreme is trying to back up everything and then giving up because it's too slow or too expensive. A working plan separates data into tiers.

  • Tier 1 — irreplaceable. Client files, financial records, contracts, original photography and drawings, your accounting database. Lose these and the business genuinely stops. Back these up daily, versioned, with at least one off-site copy.
  • Tier 2 — recreatable but painful. Email archives, configuration files, installed-software licence keys. Back these up weekly. Cloud email services usually keep this for you, but verify before you rely on it.
  • Tier 3 — the operating system and apps. These are replaceable. An image-level backup of the system drive is useful for fast restore after hardware failure, but it isn't the priority.

If you only have time to get Tier 1 right, do that. It's most of the value.

Cloud vs Local — Choosing the Right Mix

A cloud backup service (a proper one, not a sync folder) is the easiest off-site copy a small business can have. It runs in the background, keeps versions, and survives an office fire. The downside is that a full restore over a Scottish broadband line can take days, which is painful if a workstation dies on a deadline.

A local backup — a NAS or a rotated external drive — gives you fast restores. You can rebuild a failed workstation in an afternoon rather than waiting for hundreds of gigabytes to come down the line. The downside is that anything that destroys the office (theft, fire, flood, a ransomware event that reaches the NAS) destroys this copy too.

The right answer for almost every small business is both. Local for speed, cloud for resilience. If we set this up under business IT support, that's the shape we aim for. The remote monitoring side runs through our remote support tooling so we know when a backup job fails before you do.

The Restore Test Most Businesses Skip

A backup you've never restored from isn't really a backup — it's a hope. The job that catches more businesses out than any failed drive is the day they finally try a restore and discover the backup has been silently failing for months. Mailbox quota full, NAS drive failed without alerting, encryption key forgotten, cloud account suspended for an unpaid card.

The fix is dull but cheap: a real restore test once a quarter. Pick a random file from last month, restore it to a spare folder, and open it. Once a year, restore a whole machine image into a spare laptop or a virtual machine and check it boots. Put it in the calendar. Most small businesses we look after across Haddington, Tranent and North Berwick don't do this until we sit down with them — and almost every first restore test we run together finds something.

Common Backup Failures We See on the Bench

Patterns from the workshop and from callouts across East Lothian:

  • Modern NVMe SSDs failing with little warning. Spinning hard drives usually announce themselves — clicks, slow boots, the SMART warnings Windows surfaces. Modern NVMe drives often go from "fine" to "the BIOS doesn't see it" overnight. If your backup plan assumes you'll get a warning, it's already weak.
  • Backup on the same machine as the original. A second partition, a "backup" folder on the C: drive, a USB stick permanently plugged in. None of these survive a drive failure or a ransomware event. The backup destination has to be a separate device.
  • Old backup software pointed at a folder no one writes to any more. The business moved its working files to a new shared drive a year ago. The backup is still dutifully backing up the empty old one.
  • Cloud backups silently paused. Trial expired, payment card replaced, password change broke the service. The icon still looks green, but nothing's actually uploading.
  • NAS drive failed without anyone noticing. Most NAS units handle a single drive failure gracefully — but only if someone is reading the email alerts. If the alerts go to an old staff address, the second drive failure is the one you discover.

Decommissioning Old Drives Safely

When you replace a workstation or retire a backup drive, the old disk is full of business data. "Format and bin" doesn't wipe it. A standard drive can be wiped with built-in tools; an SSD needs a secure-erase command or physical destruction to be genuinely clean. We handle this end-to-end through our IT recycling and e-waste disposal service — drives are wiped to a recognised standard or physically destroyed, with a certificate for your records. For a small business, that's usually the cleanest way to retire kit without leaving customer or financial data sitting in someone else's hands.

Frequently Asked Questions

Questions we hear from small business owners across Haddington and East Lothian when the backup conversation comes up.

  • Isn't Microsoft 365 enough on its own? Microsoft is responsible for keeping its service running. It is not responsible for protecting you from your own mistakes — deleted-by-accident files past the retention window, mailboxes overwritten, ransomware that spreads through synced folders. A separate backup of your Microsoft 365 data is increasingly standard for serious small businesses.
  • How much does a small business backup plan need to handle? Less than people think. Most of the small offices we look after fit comfortably in tens to a few hundred gigabytes once you exclude operating systems and re-downloadable software. The hard part isn't the data volume — it's setting things up so they keep working on their own.
  • What about ransomware specifically? The defining feature of a ransomware-resistant backup is that the backup destination cannot be modified or deleted by the workstation that's being backed up. "Immutable" cloud backup tiers and properly air-gapped local copies meet that bar; a USB drive permanently mounted as D:\ does not.
  • Do you cover businesses outside Haddington? Yes — we cover all of East Lothian, Edinburgh and the wider Lothians, including Musselburgh, Tranent and North Berwick, plus remote support across Scotland.

Getting a Backup Plan That Actually Works

The pattern, in one line: separate destinations, versioned, off-site, tested. That's the gap between a plan that survives the first real incident and one that quietly fails the day you need it. If you'd rather have someone sit down, look at what you've got, and design something that fits the way your business actually works, that's exactly the conversation our business IT support team has with small businesses across Haddington and the rest of East Lothian. Book a consultation online and we'll come and look — and the first thing we'll ask is when you last did a restore test.

Last updated: 16 June 2026

Frequently Asked Questions

Common questions we hear about small business backup across Haddington and East Lothian.

Microsoft and Google keep the service running, but they aren't responsible for protecting you from your own mistakes — deleted-by-accident files past the retention window, mailboxes overwritten, or ransomware spreading through synced folders. A separate backup of your 365 or Workspace data is increasingly standard for serious small businesses.

A quick file-level restore test every quarter, and a full machine-image restore once a year into a spare laptop or virtual machine. Most first-time tests find something — a quota full, a NAS drive degraded, a paused cloud job — which is exactly why testing matters.

The defining feature of a ransomware-resistant backup is that the destination can't be modified or deleted by the workstation that's being backed up. Immutable cloud tiers and properly air-gapped local copies meet that bar; a USB drive permanently mounted as D:\ does not.

Yes — we cover all of East Lothian and the wider Lothians, including Musselburgh, Tranent, North Berwick and Dunbar, plus on-site visits across Edinburgh and remote support further afield in Scotland.

Backup Plan That Actually Works? Let's Build One.

We design and look after backup, monitoring and continuity for small businesses across Haddington, East Lothian and Edinburgh.

Book a Consultation Contact Us