Managed Backups

Your Data. Your Responsibility. Our Protection.

Backup Is Worthless. Recovery Is Everything.

Most Backups Fail Silently. Yours Won't.

What We Do

Ask Niall Technology Services provides managed backup services for small and medium businesses in Dublin. We protect your servers, workstations, Microsoft 365, and Google Workspace data with automated, encrypted, offsite backups — monitored daily and tested regularly to ensure your data can always be restored. Your cloud provider is not responsible for your data. We are.

7,781

DPC breach notifications in Ireland — 2024¹

38%

of ransomware victims paid more because backups failed²

$1.53M

average ransomware recovery cost (excl. ransom)²

24/7

backup job monitoring included as standard

Nobody cares very much about backups — they only care about restoring files.

Why Managed Backup

Three Reasons Your Data Is at Risk Right Now

Most businesses believe their data is protected. Most are wrong. Here's why.

Your Cloud Provider Doesn't Back Up Your Data — You Do

Microsoft and Google operate under a Shared Responsibility Model. They protect their infrastructure. You are responsible for your data — including accidental deletion, ransomware, sync errors, and long-term retention.

Microsoft's own Service Agreement states: "We recommend that you regularly backup Your Content and Data that you store on the Services."

Backups That Aren't Tested Are Just Assumptions

Many businesses discover their backups have been silently failing only when they need to restore. A backup job that reports success is not the same as a backup you can actually recover from.

Sophos (2025): 38% of organisations who paid above the initial ransom demand did so because their backups had failed or were malfunctioning.

Ransomware Targets Backups First

Modern ransomware operators systematically destroy backup infrastructure before triggering encryption. They delete backup agents, compromise admin credentials to access backup consoles, and use sync mechanisms to overwrite clean data with encrypted versions.

Without immutable, air-gapped, or offsite backups managed by a third party, a ransomware attack can leave a business with zero recovery options.

Shared Responsibility

What Your Cloud Provider Covers — and What It Doesn't

Switch between Microsoft 365 and Google Workspace to see exactly where provider responsibility ends and yours begins.

Microsoft 365 Shared Responsibility Model — what Microsoft covers vs. your responsibility
Area	Microsoft's Responsibility	Your Responsibility
Infrastructure	✓ Covered Physical data centre, hardware, power	—
Service Availability	✓ Covered 99.9% SLA, DDoS protection	—
Application	✓ Covered App uptime, updates, patching	—
Data Replication	✓ Covered Geo-redundant replication (for their infrastructure)	—
Identity & Access	✓ Covered Provide MFA, Conditional Access tools	Configure & enforce MFA, manage users, offboard leavers
Data Protection	Recycle Bin (93 days max), Litigation Hold (not a backup tool)	✕ Your responsibility Full backup, point-in-time recovery, long-term retention
Accidental Deletion	✕ Not covered	✕ Your responsibility Must have independent backup
Ransomware / Malicious Deletion	✕ Not covered Encrypted/deleted data is replicated, not restored	✕ Your responsibility Must have immutable offsite backup
Sync Errors	✕ Not covered Corrupted data syncs across all instances	✕ Your responsibility
Compliance / Retention	GDPR certifications, data processor obligations	Data owner obligations — retention policies, GDPR controller duties

Microsoft Service Agreement: "We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services." — Microsoft released its own separate backup solution for M365 data in 2024, further confirming the platform itself does not protect customer data.

Google Workspace Shared Responsibility Model — what Google covers vs. your responsibility
Area	Google's Responsibility	Your Responsibility
Infrastructure	✓ Covered Data centre security, hardware, network	—
Service Availability	✓ Covered Uptime, infrastructure disaster recovery	—
Application	✓ Covered Gmail, Drive, Calendar availability and updates	—
Data Protection	Trash retention (30 days), Google Vault (eDiscovery — not a backup)	✕ Your responsibility Full backup, long-term retention, point-in-time recovery
Identity & Access	✓ Covered Provide 2FA, admin console tools	Configure access controls, manage users, offboard leavers
Accidental Deletion	✕ Not covered	✕ Your responsibility
Ransomware / Malicious Deletion	✕ Not covered	✕ Your responsibility
Compliance / Retention	Data processor, GDPR certifications	Data controller — retention, regulatory compliance

Google Workspace Data Protection Guide: "Data protection is not only the responsibility of the business using Google Workspace services; nor is it only that of Google. Data protection on the cloud is instead a shared responsibility." — Google Workspace has no built-in backup tools. Third-party solutions are required.

Coverage

What We Back Up

Complete coverage across your entire data landscape — from on-site servers to cloud productivity suites.

Servers

Physical and virtual servers backed up automatically with encryption and offsite replication. Full and incremental schedules configured to your RPO requirements.

Workstations

Endpoint backup for desktops and laptops. Critical user data protected even when staff work remotely or off-network.

Microsoft 365

Email, SharePoint, OneDrive, and Teams data backed up independently of Microsoft's platform. Point-in-time recovery available for accidental deletion and ransomware incidents.

Google Workspace

Gmail, Drive, Shared Drives, and Calendar data backed up with independent third-party tools. Restoration available at the item, folder, or account level.

On-Premise Data

File servers, NAS devices, databases, and line-of-business application data. Scheduled backups with offsite copies to protect against local hardware failure or disaster.

Tested Restores

Backup jobs are not just monitored — restores are tested on a scheduled basis. You receive confirmation that your data is genuinely recoverable, not just assumed to be.

Irish Case Study

The HSE Ransomware Attack: What Happens When Backups Fail Under Fire

In May 2021, the Health Service Executive suffered one of the most damaging ransomware attacks in Irish history. The Conti gang exploited a single compromised workstation and spent weeks moving laterally across the network before deploying their payload. Over 80,000 devices were affected and the national healthcare IT infrastructure was effectively shut down for months.

A post-incident review by PwC found that backup and recovery infrastructure was not fit for purpose at the scale required — and that the full restoration process took over four months.

PwC post-incident review (December 2021): Backup and recovery capabilities were identified as a critical gap in the organisation's ability to respond at the speed required.

$600M

Estimated total recovery cost

4+ months

To restore full operations

700 GB

Patient data stolen

$20M

Ransom demanded (not paid)

Other Irish Incidents

Munster Technological University — February 2023. BlackCat/ALPHV ransomware attack shut down IT systems across Cork and Kerry campuses. Student data published online.

Dole Food Company — February 2023. Ransomware attack disrupted North American and European operations. Dole's own SEC filing confirmed "temporary shutdown of production plants."

ION Trading Technologies — February 2023. Ransomware attack on the Dublin-headquartered trading software firm disrupted financial markets across the UK, US, and Europe.

Silent Backup Failure — An Irish MSP Story

Diatec Group, an Irish managed service provider with 90+ customers, replaced their backup solution after discovering their previous tool had been reporting successful backups that had actually failed — silently, over an extended period.

The backups appeared healthy. The data was not there. Diatec moved to MSP360 specifically for verified restore capability.

Source: MSP360 Case Study⁶

Our Process

How It Works

Four steps from initial audit to verified, ongoing protection.

Audit

We map your full data landscape — servers, workstations, cloud services, and databases. We identify what needs protecting, classify data by criticality, and define your Recovery Point Objective (RPO) and Recovery Time Objective (RTO).

Configure

Automated, encrypted, offsite backups configured across all in-scope systems. We apply the 3-2-1 rule — 3 copies, 2 different media types, 1 offsite — with immutable backup options for ransomware resistance.

Monitor

Every backup job is monitored daily. Failures trigger immediate alerts — not end-of-week reports. You are never left with an assumed backup that hasn't actually run.

Test & Restore

Scheduled restore tests confirm that your data is genuinely recoverable. You receive written confirmation of each test. When a real recovery is needed, we execute it — fast.

Who We Support

Sectors We Specialise In

We understand the data protection obligations specific to regulated industries.

Finance & Accountancy

Long-term retention for client records and financial data. Compliance-ready backup policies aligned to Revenue and regulatory obligations. Rapid recovery for month-end and year-end critical periods.

GP Practices & Healthcare

GDPR-compliant backup of patient records and clinical data. Encrypted offsite copies with strict access controls. Backup schedules aligned to HIQA and data protection requirements for healthcare providers.

Growing Businesses

Scalable backup that grows with your business. Whether you're a team of 5 or 50, we build a backup architecture appropriate to your risk profile — without enterprise pricing.

FAQ

Common Questions

Answers to the questions we hear most from Dublin businesses about managed backup.

What is managed backup?

Managed backup is a fully outsourced service where an IT provider handles the configuration, monitoring, and testing of your business backups. Rather than relying on manual processes or hoping your backup software is running correctly, a managed backup service ensures your data is automatically backed up, monitored daily, and restore-tested on a scheduled basis — so you know your data is actually recoverable when you need it.

Does Microsoft 365 back up my data?

No. Microsoft operates under a Shared Responsibility Model. Microsoft is responsible for infrastructure uptime, application availability, and geo-redundant replication of their own systems. You are responsible for protecting your data — including accidental deletion, malicious deletion, ransomware, and long-term retention compliance. Microsoft's own Service Agreement explicitly recommends using a third-party backup solution. Microsoft even released its own separate M365 backup product in 2024, further acknowledging that the core platform does not protect customer data.

Does Google Workspace back up my data?

No. Google Workspace has no built-in backup tool. Google Vault is a compliance and eDiscovery tool — it is not a backup solution. Google's standard trash retention is 30 days. For accidental deletion, ransomware, or any long-term retention requirements, a third-party backup solution is required. Google's own documentation acknowledges shared responsibility for data protection.

What is the 3-2-1 backup rule?

The 3-2-1 rule is the foundational standard for resilient backup: keep 3 copies of your data, on 2 different types of media, with 1 copy stored offsite. This ensures that even if one or two copies are compromised — by hardware failure, ransomware, or a local disaster — you still have a clean, recoverable copy available. We configure all managed backup solutions to meet or exceed this standard.

How often should my business data be backed up?

For most businesses, daily automated backups are the minimum acceptable standard. High-activity environments — such as GP practices, financial services, and businesses processing frequent transactions — may require hourly or near-continuous backups to minimise the Recovery Point Objective (RPO). During your initial audit, we define the appropriate backup frequency based on how much data your business can afford to lose.

What happens if my backups fail and I don't know?

Silent backup failure is one of the most dangerous IT risks a business faces. Many organisations only discover their backups have been failing when they actually need to restore — after a ransomware attack, hardware failure, or accidental deletion. Sophos research shows that 38% of organisations who paid above the initial ransom demand did so because their backups had failed. Managed backup includes daily job monitoring and immediate alerting on failure, so problems are caught and resolved before a crisis occurs.

How quickly can you restore my data after a loss?

Recovery time depends on the scope of the loss and the volume of data involved. We define your Recovery Time Objective (RTO) during the initial audit and configure backup infrastructure to meet it. For most small-to-medium business scenarios — a single mailbox, a file server folder, or a single workstation — we can restore within hours. For larger incidents, we have a tested process. The key difference from unmanaged backup is that when we say we can restore, we've already proven it.

Do you provide managed backup for healthcare and financial services?

Yes. We have specific expertise in backup for GP practices and healthcare providers, and for finance and accountancy firms. We understand the GDPR and sector-specific data retention obligations in both verticals, and we configure backup policies accordingly — including encrypted offsite storage, strict access controls, and retention schedules aligned to regulatory requirements. If you're in a regulated sector and concerned about your current data protection posture, call us for a no-obligation assessment.

Your Data Can't Wait for a Crisis

Get in touch to find out how exposed your business really is — and how quickly we can fix it.

Call Us Now — Free Consultation Tap to reveal number

Sources

Data Protection Commission — Annual Report 2024. dataprotection.ie
Sophos — State of Ransomware 2025. sophos.com
Microsoft Service Agreement — recommendation to back up content and data stored in Microsoft services. Cited inline.
PwC — Post-Incident Review, Health Service Executive, December 2021. Cited inline.
BankInfoSecurity — HSE ransomware attack: $600M cost estimate. Cited inline.
MSP360 — Diatec Group Case Study: Irish MSP turns to MSP360 for reliable Microsoft 365 backups. msp360.com
Google Workspace Data Protection Guide — shared responsibility statement. Cited inline.
National Cyber Security Centre (NCSC) — Backup and recovery guidance. Cited inline.
World Economic Forum / GitProtect — human error as a factor in data loss. Cited inline.