Choosing a backup system rarely comes down to the price of the licence. It comes down to the question of whether, after a failure, you get back to work in an hour, in a day, or not at all. Below I show which criteria are worth being guided by before you sign up for yet another tool.

Start with the data, not the tool

Before you compare products, answer a simple question: what exactly are you protecting and how quickly do you need to recover it.

  • Make a list of critical systems and data: servers, databases, email, files, line-of-business applications.
  • For each item set an RTO, that is the acceptable time to get back to work.
  • Set an RPO, that is how much data you can lose, counted in minutes or hours.

Only with those numbers do you know whether a copy once a day is enough, or whether you need replication every few minutes. They, not the vendor’s leaflet, define the requirements.

Scope: what the tool can cover

A common mistake is backing up only the servers, when half the company’s data sits in the cloud.

  • Check whether the solution covers physical and virtual servers.
  • Make sure it supports your virtualisation, for example Proxmox or VMware.
  • Verify support for Microsoft 365 or Google Workspace, because that is not covered by default.
  • Pay attention to databases, which require application-consistent copies, not a plain file dump.

Resilience to ransomware

This is the most important criterion today, and at the same time the most often overlooked.

A modern attack first looks for the backup and tries to destroy it. A copy reachable with ordinary domain credentials disappears along with production in a serious attack.

That is why you should ask specifically about the mechanisms that protect the copies:

  • Immutability, that is a copy that cannot be deleted or overwritten for a set period.
  • Separation from the domain and everyday credentials.
  • A copy outside the main location, in line with the 3-2-1 rule.

Recovery, the crux of the matter

A backup exists in order to restore data, so judge it by how it restores.

  1. What restoring a single file looks like, and what restoring a whole server looks like.
  2. Whether a machine can be started directly from the copy to shorten downtime.
  3. How long a real restore of critical data takes and whether it fits within your RTO.
  4. Whether the tool lets you test recovery without touching production.

If the provider cannot show a test restore, that is a warning sign.

Management and monitoring

A system that quietly stops making copies is worse than not having one, because it gives a false sense of security.

  • Alerts about failed jobs, sent where someone will read them.
  • Clear reports that can be shown at an audit.
  • A simple console, so managing it does not require a specialist at every step.

Cost counted honestly

The price of the licence is the beginning. Count the whole: storage space for the copies, transfer, any cloud, administrator time, the cost of the downtime you avoid. A cheap tool that fails during an outage turns out to be the most expensive.

Summing up the choice

A good backup system is one that covers all the important data, protects the copies against deletion, fits within your RTO and RPO, and lets you test recovery regularly. The rest is add-ons.

If you want to translate these criteria into a concrete solution matched to your company, see how we deliver server backup and how we combine it with a disaster recovery plan. We will gladly help you choose something that actually restores data, rather than just copies it.