What's your real backup TCO? Most organizations focus on software licenses, hardware, and cloud storage when budgeting for backup infrastructure. But those are just the visible costs. The true backup TCO includes something far more expensive: the humans managing it all.

In this episode, Curtis and Prasanna break down the complete picture of backup costs. They explore why soft costs—the labor, the troubleshooting, the daily monitoring—often exceed what you're paying for technology. With studies showing over half of environments spend more than 10 hours weekly on backup management, those labor dollars add up fast.

The discussion covers cloud storage pitfalls (especially with object lock and retention policies), why automation is your best friend, and whether SaaS-based backup might actually save you money. Curtis shares his infamous 1993 story about losing a production database – the origin story of Mr. Backup himself. If you're looking to get a handle on your backup TCO, this is the episode for you.

Ransomware attacks on backups have reached epidemic levels, with 96% of attacks now targeting backup infrastructure. In this episode of The Backup Wrap-up, Curtis Preston and Prasanna Malaiyandi break down the alarming statistics and explain why cybercriminals have made your recovery systems their primary target.

The math is simple: if attackers destroy your backups, you're far more likely to pay the ransom. And with only 25% of organizations feeling prepared for ransomware attacks on backups, the gap between threat and readiness is massive.

Curtis and Prasanna discuss two studies revealing these numbers, explore why less than 7% of companies recover within a day, and outline practical defenses including true immutability, separate identity management systems, and MFA. If you're not protecting your backup infrastructure from ransomware attacks on backups, you're leaving yourself wide open.

Building a cyber security team isn't optional anymore; it's the difference between recovering from ransomware and going out of business. In this episode, Curtis and Prasanna explain why hardening your backup infrastructure is only half the battle. You need professionals who know how to configure XDR systems without drowning you in false positives, blue teams to defend your environment, and red teams to test whether your defenses actually work. They cover the role of MSSPs, incident response planning, cyber insurance requirements, and why attempting ransomware response on your own is like those old TV warnings: "Don't try this at home." If you've been following their series on backup basics and system hardening, this episode ties it all together with the human element that makes or breaks your recovery plan.

Want to know how to build an resilient backup system that protects from ransomware attacks? In this episode, Curtis and Prasanna go beyond the basics to discuss four critical security features every modern backup system needs. Building on feedback from their previous episode about backup fundamentals, they cover multi-factor authentication (and why SMS doesn't cut it anymore), secure remote access methods, role-based access control, and when to bring in managed security service providers. The hosts explain why the person with full backup system access is literally the most powerful person in your company from a data destruction standpoint. If ransomware is your number one recovery scenario—and it is—then these security hardening techniques aren't optional. They're survival skills for your backup infrastructure.

Every backup system needs certain design elements to actually work when disaster strikes. In this episode of The Backup Wrap-up, W. Curtis Preston (Mr. Backup) and Prasanna Malaiyandi break down the 10 non-negotiable components your backup system must have. They cover the 3-2-1 rule, automated scheduling, recovery testing, defined RTOs and RPOs, backup security, SaaS protection, documentation, retention policies, monitoring, and endpoint backup. If your backup system is missing any of these elements, you're taking risks you can't afford. Curtis and Prasanna share war stories from real disasters and explain why no one cares if you can back up - they only care if you can restore. This fast-paced episode gives you the checklist every IT professional needs to evaluate their current backup approach.

The 3-2-1 rule is dead. Long live 3-2-1-1-0. For decades, the 3-2-1 rule has been the gold standard for backup strategies - three copies of your data, on two different media, with one copy somewhere else. But ransomware killed it. Not because the fundamentals were wrong, but because threat actors learned to target backups specifically. In this episode, Curtis and Prasanna explain why the traditional 3-2-1 rule isn't enough anymore and what the evolution to 3-2-1-1-0 means for your backup strategy. The extra "1" stands for one immutable, air-gapped copy that attackers can't delete or encrypt. The "0" means zero failures - your backups must actually work when you need them. You'll learn why SaaS platforms don't meet the 3-2-1 rule, how to think about immutability in the cloud era, and why this upgrade isn't optional if you want to survive a ransomware attack.

Our interview with Peter Krogh, the one who coined the term:

https://www.backupwrapup.com/peter-krogh-who-coined-the-3-2-1-rule-on-our-podcast/

Want to know how much data you're really willing to lose? We're breaking down recovery point objective RPO - the agreement about how much data loss you can accept, measured in time. Most organizations have RPOs that are pure fantasy, claiming they can only lose an hour of data when they're backing up once a day. Curtis and Prasanna discuss why RPO matters, how ransomware scenarios can force you to accept more data loss than planned, and the difference between your stated RPO and your actual backup frequency. Learn practical strategies for rightsizing your backup schedule, using database transaction logs to minimize data loss, leveraging snapshot-based backup technologies, and protecting your SaaS applications like Microsoft 365 and Salesforce. From incremental backups to continuous data protection, discover how modern backup technology can help you meet your recovery point objective RPO targets without overwhelming your infrastructure.

Most IT teams can't meet their recovery time objective—and they don't even know it. In this episode of The Backup Wrap-up, Curtis and Prasanna explain why your RTO is probably fantasy, who should actually be setting it (hint: not you), and what recovery time actual really means. We cover the critical difference between objectives and reality, why testing is non-negotiable, and how to have honest conversations with business leadership about what's achievable. Learn about DR drills, chaos engineering, tabletop exercises, and why measuring your actual recovery times is the only way to close the gap. Stop feeling like a failure and start building realistic, tested recovery plans that actually work when disaster strikes.