What Data Should You Back Up
What Data Should You Back Up

Photo by Pixabay on Pexels
Not all data is equal. Backing up everything wastes storage and time; backing up too little risks losing critical information. Let's walk through a systematic approach to identifying what to protect.
Tier 1: Critical Data (Must Back Up)
These are the files and systems your business cannot operate without. Losing them means immediate downtime and potential closure:
- Customer databases — CRM data, customer contact info, order history.
- Financial records — Accounting databases, invoices, tax records, payroll data.
- Business documents — Contracts, legal agreements, employee records, intellectual property.
- Application data — Website content, application databases, configuration files.
- Email and communications — Email archives, chat logs, voicemails (often required for compliance).
Tier 2: Important Data (Should Back Up)
Losing these causes significant disruption but may not halt operations immediately:
- Project files — Source code repositories, design files, marketing materials.
- System configurations — Server configs, network device configs, firewall rules. Recreating these from scratch takes hours.
- Employee workstations — Documents, spreadsheets, presentations on local drives that aren't on the server.
Tier 3: Replaceable Data (Optional)
These can be re-downloaded or regenerated, but backing them up saves time:
- Software installers and packages (can re-download).
- Operating system images (can reinstall, though backups save hours).
- Cache and temporary files (skip entirely — they waste backup space).
How to Audit Your Data (Step by Step)
- Inventory your servers: SSH into each and list key directories:
ls -la /home /var/www /opt /etc. - Ask department heads: "If you lost everything on your computer today, what would you need back within 24 hours?" Their answers define Tier 1.
- Check application data: For web apps, identify the database and uploaded files directories. For Docker, back up volumes with
docker run --rm -v myvolume:/data -v /backup:/backup alpine tar czf /backup/myvolume.tar.gz /data. - Export cloud data: Google Workspace data can be exported via Google Takeout. Microsoft 365 via the Compliance Center's export tools.
- Document your backup scope: Create a spreadsheet listing each data source, its location, its tier, and its backup schedule.
Don't Forget These Easily Overlooked Items
- SSL certificates and private keys — If lost, your website goes down and you must re-issue certificates.
- API keys and credentials — Stored in password managers like Bitwarden or Vault, back up the vault itself.
- DNS zone configurations — If you self-host DNS, losing zone files can take your domain offline.
- Calendar and contacts — Often synced but not backed up separately. Export regularly as .ics/.vcf.
- Database transaction logs — For databases, back up not just the data files but also WAL/binlog files for point-in-time recovery.
Key Takeaways
- Tier your data: critical (must), important (should), replaceable (optional). This saves storage and ensures the right data is protected first.
- Don't forget system configs, certificates, and credentials — they're critical but often overlooked.
- Conduct a data audit with department heads to identify what truly matters.
- Document your backup scope in a spreadsheet — it's your recovery roadmap when things go wrong.
What Data Should You Back Up

Photo by Pixabay on Pexels
Not all data is equal. Backing up everything wastes storage and time; backing up too little risks losing critical information. Let's walk through a systematic approach to identifying what to protect.
Tier 1: Critical Data (Must Back Up)
These are the files and systems your business cannot operate without. Losing them means immediate downtime and potential closure:
- Customer databases — CRM data, customer contact info, order history.
- Financial records — Accounting databases, invoices, tax records, payroll data.
- Business documents — Contracts, legal agreements, employee records, intellectual property.
- Application data — Website content, application databases, configuration files.
- Email and communications — Email archives, chat logs, voicemails (often required for compliance).
Tier 2: Important Data (Should Back Up)
Losing these causes significant disruption but may not halt operations immediately:
- Project files — Source code repositories, design files, marketing materials.
- System configurations — Server configs, network device configs, firewall rules. Recreating these from scratch takes hours.
- Employee workstations — Documents, spreadsheets, presentations on local drives that aren't on the server.
Tier 3: Replaceable Data (Optional)
These can be re-downloaded or regenerated, but backing them up saves time:
- Software installers and packages (can re-download).
- Operating system images (can reinstall, though backups save hours).
- Cache and temporary files (skip entirely — they waste backup space).
How to Audit Your Data (Step by Step)
- Inventory your servers: SSH into each and list key directories:
ls -la /home /var/www /opt /etc. - Ask department heads: "If you lost everything on your computer today, what would you need back within 24 hours?" Their answers define Tier 1.
- Check application data: For web apps, identify the database and uploaded files directories. For Docker, back up volumes with
docker run --rm -v myvolume:/data -v /backup:/backup alpine tar czf /backup/myvolume.tar.gz /data. - Export cloud data: Google Workspace data can be exported via Google Takeout. Microsoft 365 via the Compliance Center's export tools.
- Document your backup scope: Create a spreadsheet listing each data source, its location, its tier, and its backup schedule.
Don't Forget These Easily Overlooked Items
- SSL certificates and private keys — If lost, your website goes down and you must re-issue certificates.
- API keys and credentials — Stored in password managers like Bitwarden or Vault, back up the vault itself.
- DNS zone configurations — If you self-host DNS, losing zone files can take your domain offline.
- Calendar and contacts — Often synced but not backed up separately. Export regularly as .ics/.vcf.
- Database transaction logs — For databases, back up not just the data files but also WAL/binlog files for point-in-time recovery.
Key Takeaways
- Tier your data: critical (must), important (should), replaceable (optional). This saves storage and ensures the right data is protected first.
- Don't forget system configs, certificates, and credentials — they're critical but often overlooked.
- Conduct a data audit with department heads to identify what truly matters.
- Document your backup scope in a spreadsheet — it's your recovery roadmap when things go wrong.
There are no comments for now.