A backup is not judged when it runs, but when you restore. We apply the 3-2-1 rule — three copies of your data, on two different media, one of them off site — to the servers, workstations and Microsoft 365 data of companies in Paris and Île-de-France. Retention matched to your obligations, immutable copies and documented restore tests complete the setup.
The jobs run, the indicators are green, and nobody has ever restored anything. On the day of the disaster, you discover missing data, a corrupted copy or a restore that takes days. An untested backup is nothing more than an assumption.
02
Every copy in the same place
A drive plugged into the server, a NAS (network-attached storage) on the same premises: a fire, a theft, water damage or ransomware takes out production and backup at the same time. The off-site copy and immutability exist precisely for this scenario.
03
Microsoft 365 assumed to be backed up
Recycle bins and native retention protect against recent accidental deletion, not against a compromised account, malicious encryption or long-term retention needs. Without a copy independent of the tenant, the company’s email and documents rest on an incomplete safety net.
What we cover
The scope of the service.
01 / SERVERS & WORKSTATIONS
Server and workstation backup
Protection for the data carried by your infrastructure: physical or virtualised servers, business applications and workstations holding local data.
Windows and Linux servers, physical or virtual
Hyper-V, VMware or Proxmox virtual machines
Business applications and databases
Workstations holding local data
Image backup to rebuild a complete server
02 / MICROSOFT 365
Microsoft 365 tenant backup
A copy of your cloud data independent of the tenant, with its own retention: email, files and collaboration spaces.
Mailboxes and calendars
OneDrive files
SharePoint sites and Teams spaces
Granular restore: a message, a file, a site
Retention independent of the native recycle bins
03 / OFF-SITE & IMMUTABILITY
Off-site copies and immutability
The 3-2-1 architecture separates the copies, designed to limit the risk that a single event — disaster, theft, encryption — compromises them all.
Local copy for fast restores
Externalised off-site copy
Immutable copies: cannot be altered or deleted for the defined period
Encryption of backed-up data
Segregated access to the backups
04 / RETENTION & TESTS
Retention, monitoring and restore tests
A backup has to be operated: a retention policy matched to your obligations, monitoring of the jobs and documented trial restores.
Retention policy matched to your record-keeping obligations
Job monitoring and failure handling
Scheduled, documented restore tests
Data loss (RPO) and recovery time (RTO) objectives formalised in the contract
Reporting at regular check-ins
How we proceed
From scoping to follow-up.
The exact scope, deliverables and timelines are formalised in the proposal, before any commitment.
1
Data audit
Inventory of servers, virtual machines, workstations and Microsoft 365 data; identification of critical data, volumes and retention needs.
2
Backup plan design
A 3-2-1 architecture matched to your context: media, off-site copy, immutability, retention and recovery objectives, presented with their costs so you can arbitrate.
3
Implementation
Deployment of the solution, first full backup, set-up of the externalised copy and verification that the agreed scope is covered.
4
Initial restore test
A documented trial restore — a file, a virtual machine, a mailbox — before the service goes into production: proof comes before trust.
5
Operations and control
Monitoring of the jobs, handling of failures, periodic tests at the frequency set in your contract and a review of the policy at regular check-ins.
Frequently asked questions — cybersecurity
The answers describe how the service works. Quantified commitments are formalised in your contract.
It consists of keeping three copies of your data — production plus two backups — on two different types of media, with one copy off site. This separation covers the scenarios that take out production and backup at the same time: a disaster on the premises, theft, storage hardware failure or ransomware. It is the foundation of the setup we deploy, complemented — depending on criticality — by an immutable copy.
Through regular, documented restore tests: actually restoring a file, a virtual machine or a mailbox, then checking the integrity of the result. Checking the logs is not enough — a “successful” job can produce an unusable copy. The frequency of these tests, along with the data loss (RPO) and recovery time (RTO) objectives, is formalised in your service contract.
Not in the sense of a business backup: the shared-responsibility model makes Microsoft responsible for the availability of the platform, and the company for the protection of its data over time. The native mechanisms — recycle bins, default retention — target recent accidental deletion, not a compromised account, malicious encryption or long-term retention needs. A backup independent of the tenant, with its own retention, closes that gap.
It is a copy that can be neither modified nor deleted for a defined period, even with administrator rights. Ransomware attacks often try to encrypt or erase the backups before hitting production, precisely to prevent restoration. The immutable copy is designed to remain usable in that scenario; its immutability period is defined with you during scoping.
The volume of data to protect, the number of servers, virtual machines, workstations and Microsoft 365 accounts, the retention periods, the presence of an off-site copy and immutable copies, and the frequency of restore tests. Reliable pricing requires a prior audit of the actual volumes; it is then formalised in the specific terms of your contract.
The timeframe depends on the scenario — restoring a file or a mailbox is nothing like rebuilding a complete server — as well as on the volumes and the copy used, local or off-site. The recovery time (RTO) and maximum data loss (RPO) objectives are formalised in the specific terms of your service contract: we do not publish timeframes that are not contractual.
Yes. The initial audit assesses the setup in place: the scope actually covered, retention, the existence of an off-site copy and the results of the latest restore tests. What works is kept and documented; what presents a risk is the subject of a reasoned recommendation, with a planned migration if necessary.
Your data and its backups belong to you. The contract sets out the terms of reversibility: hand-back of the data in usable formats, the fate of the copies after the contract ends and support for the incoming provider. These conditions are formalised before the engagement starts, not at the moment of exit.
It contributes to it without being sufficient on its own: backup is part of the technical measures expected for the availability of data and the ability to restore it. Retention periods and the location of the copies are defined during scoping to fit the applicable obligations, in particular retention duration requirements. The legal qualification of your compliance remains something to validate with your counsel or your data protection officer (DPO).