One of an organizations most critical assets is their data.  It is like the DNA of the organization, nothing will work very well without it.  With so many ways for an organization to lose its data, you need a well implemented data backup and recovery plan.  If you fail to do this and then lose you data, you may well go out of business and you don’t want that to happen.

The backup plan consists of three phases:

  1. On-Site backups.
  2. Off-Site backups.
  3. Website backups.

However, with some many backup options available, I want to address the overall strategy.

On Site Backups

You need to have an on-site backup. On-site backups can be restored the easiest and you have complete control over them. The purpose of an on-site backup is two-fold.

  1. First it helps you when you accidentally deleted that file you need.  Well if you have an on-site backup, you can just open your backup and restore the file.
  2. The second purpose is for a full restore.  This could happen if a computer crashes, gets a virus, upgrading computers, etc.  You can just restore the entire backup to a new computer and you are set.

So should how the backup process work?  Well, you don’t really want to do this manually because you are likely to miss something (plus that would be a pain).  What you want to do is use some automated backup software.

Any good backup software will help you setup what needs to be backed up. Then it will begin by doing a full backup of everything you told it to backup.  Once that happens the software will detect changes and backup those files. One of the coolest features of this is if you need a copy of a file 3 versions ago, it will likely have it.

Depending upon the size of of your files the initial backup could take days, it really depends on the size of the files you have on your device, and how fast your device is.

One thing you should be aware of is that you should have a backup hard drive that is about 2x the storage space of the device’s hard drive. This is because of the way backups work they have to write a bunch of temporary files but if your backup drive doesn’t have the space it will fail (I speak from experience).

While I’m discussing hard drives, if you have the money, use a Solid State Drive (SSD) vs. a standard hard drive.  A solid state drive is faster and performs better, but they are more expensive.

Off-Site Backups

On-site backups are great for an easy restore but what happens when the backup gets destroyed at the same time as your computers?  If you have a flood, fire, robbery, etc. in your organization, this could happen.  That is why you need an off-site backup and for this, I recommend using the cloud.

Cloud based backup services are great because they don’t rely on you having to do much.  You essentially sign up, configure their software and it runs in the background.  Once it has done the initial full backup, it will backup incremental changes that it detects.

Some services will actually send you a hard drive through the mail to get the initial backup done quicker (vs uploading all your files through the internet, which is much slower).  To upload a large computer’s files to the cloud could take a few weeks, but once that is done it runs the incremental when it detects a change.

Also be aware that some service only do computers while others do computers, phones, tablets, etc.  When you are shopping for a backup service be sure of what type of devices they will actually backup.

Don’t Forget Your Website

One of the key elements for an organization is your website.  Remember, the website is open 24/7/365 never calls in sick, and can make sales for you at 3 AM when you are sleeping.  Make sure that you have a backup of it’s current state and a couple versions back.  Don’t rely on the host’s backup that you can get.  You need a copy as well (just in case).  You should have the content files, code files and database (this is a file called a .sql file). And remember, most websites these days, the lion’s share of the content is in the database.

Why go though this effort?  Because if you have an issue and need to make a change and you already have these, it will go much smoother. For example, if you developer is unexpectedly unavailable and you don’t have the technical knowledge to go retrieve the files from the host, that is a big problem. Part of the deliverable from your developer should be the website files.

I have had the unfortunate situation of helping organizations that have been hacked and didn’t have a recent backup to restore.  Lots of hours were spent re-typing the content from screenshots of the hacked website.

So if you have not yet implemented a backup plan for your organization (or your family) go make an investment in the proper equipment or services today.


Time Machine – part of the Mac OS.  If you own a Mac you have this already.

Windows backup and restore. Part of the Windows OS.  If you have Windows you have this already.

Carbonite – Coud backup service.

Mozy – Cloud backup service.

Please note, these are not affiliate links.  I don’t make any money if you click these links.  They are just services I am aware of.  I personally have used Mac Time Machine and Carbonite and have been pleased with both.



You have a website why not do it yourself? This now famous used by one of the many DIY website companies out there makes it sound so easy and you’ll be able to build in 20 minutes.

Well I have a question of my own.  This is your business, do you want your most visible marketing piece that is available 24/7/365 to be built by an amateur?  If you do go ahead and do it yourself.  But if you want a website that will make your business successful, hire a pro.  In the rest of this article, I explain why.

Because Pros Know What They Are Doing

When you have a business, do you try do put up the building, run wiring, plumbing, etc?  No, probably not.  That is because you know it is not what you know how to do.  Well the same is true of building a website for your business.  Unless you are in the business of building websites, you are an amateur and as an amateur you will miss something that pros won’t, because they’ve done this a ton of times and you haven’t.  Here is a list of things I have actually seen on businesses websites that were clearly done by amateurs using DIY templates:

  1. On a website for a handyman one of the pages where the logo was supposed to go said “your logo here”.  They forgot to add their logo.
  2. I was recently checking out some fitness classes and on one of the pages it had a button that said “Button Text”.  I was curious so I clicked it.  It did nothing.
  3. In that same search for fitness classes on a different site in the footer it said “Copyright 2023, Your name here”.  This was in 2017, I don’t even know how they came up with 2023.  When I do this I add the date dynamically so it gets the year from the server’s clock and is always current.


It takes amateurs 10x Longer Than You Think

I remember a few years back when I was running my own business and I decided to build my own website.  This is before I was a pro developer, I was doing analytics at the time.  I thought it would take me a couple of hours.  Well about 2 days later, I had it finished and it still didn’t look like I had envisioned it in my head.  These days I am still surprised about how long it actually takes to build a website and I build them for a living.

While you are building your own website, all that stuff that you normally do, isn’t getting done.  So remember this quick calculation.  Take about 2 days of your time (let’s say 16 hours) and multiply that by however valuable your time is to you.  Well if you value your time at $100 / hour that website you built would be $1600 and you will probably have missed something and not gotten anything else done for 2 days.  Why not just hire a pro to do it rights for about $4000?  That’s actually, a good deal. Many developers would charge a bunch more.

Amateurs Don’t Do Enough Testing

An amateur will most likely test a website on their preferred browser on their computer.  A pro will test across many platforms and all major browsers.  As an example an amateur might test on Windows version of Chrome.  A pro will test on Internet Explorer, Chrome, Firefox, Safari on Mac and Windows as wall as mobile platforms.  Why do this?  Because different browsers on different platforms render sites differently.  So that site that looked good on Chrome running on Windows might look really bad on Safari on an iPhone.

As an amateur you will miss something that pros won’t, because they’ve done this a ton of times and you haven’t

So if you want your business to actually benefit from a website, do yourself a favor and go hire a pro.  It will save you a bunch of time and headaches (and be a better end product).  These reasons are just the tip of the iceberg.  Pro developers will be highly valuable in other areas I haven’t even touched on like e-commerce, SEO, security and maintenance. Remember, a good pro will make you more than they cost you. So go find a pro you like and start working with them today.


The bad news is that your organization’s website is at risk, because they all are. There are plenty of people out there with devious intentions whose aim is to embarrass you and steal you and your users information.  I have seen many variations of this in my time as a developer, some of them due to my lack of experience at the time.  In this article I will give you an overview of the most common ways you can protect yourself from threats.  I will expand on all of these topics in later posts but I wanted to start with an overview.  So lets begin.

Threat #1: Passwords

You have passwords for your website (if you are using a CMS like WordPress), email accounts, computers, FTP, social media accounts and more.  The easiest way to protect yourself is to have strong passwords.  An example of a weak password is something like: password123.  Now I have not personally seen a password this week, but in my time I have seen passwords almost as week.  What you are aiming for is a strong combination of Uppercase, lowercase, digits and special characters.  The longer the better.  As an example our week password from above, password123 could be made much more secure if it were pa$sWord123.  However, I still wouldn’t use that.  It’s still too obvious.

Threat #2: Insecure Sites

The second threat is an insecure site, specifically yours.  What you need to do is to never enter any sensitive date into a website that is not running on HTTPS with a  valid security certificate.  And by sensitive date I mean passwords, credit card numbers, driver license number, social security number or anything you don’t want to be made public.  Your should be running your site over HTTPS vs HTTP because HTTPS encrypts the data between the client (your device) and the server, which makes it much more difficult to steal.  Fortunety, running over HTTPS is not hard too do and I’ll show you how in a later post.

Threat #3: External Threat

The external threat are those individuals with malicious intent, that intend to cause harm on your website and to your organization.  There are too many varieties of this to mention but the best things I recommend are related to your website setup. The first is to purchase and run anti-malware software on your web host.  This is essentially the hosting equivalent of anti-virus software for your computer.  The second is to run security plugins on your website that are finely tuned to detect threats such a brute force attack.

Threat #4: Internal Threat

The internal threat are those individuals in your organization that can harm your site but do so unintentionally and not out of malicious intent.  Typically these people accidentally break something they should not have been given access to in the first place.  This is an easy one to prevent.  Your administrator should limit user permissions so that users can edit what is necessary for them to perform their role and nothing more.  For example, if someone in your organization is only responsibility is for posting articles they should not have the ability to add and remove plugins, update themes, etc.


WordPress is the most popular CMS in the world.  Approximately 25% of all websites use WordPress.  However, there are two varieties of WordPress.  In this article I explain both and why one of them is far preferential to the other.

Two Versions of WordPress is the first version of WordPress I shall discuss.  Using the .com version of WordPress the WordPress organization takes care of all the hosting and all you have to do is login and create your site.  The result of this will give you a URL that looks like on the other hand is also called self hosted.  Using this type of WordPress you would download the latest version from and install it on your web host, which you choose, using a domain that you own.  Since it is so popular, almost any host offers WordPress hosting.  Using the self hosted version, would give your site a URL such as

Oh and both versions are 100% free to use. So there is no cost to get WordPress (either version).  That is one of the primary versions it is so popular (that and its really good).


My recommendation is to always use the self hosted version.  It will give you the most professional representation for your organization.  Think about it.  What sound more professional or

Also if you use the self hosted version it will scale much better.  For example, suppose your just starting out and you choose the version (  Then you experience some growth.  How long are you going to want your website to be instead of

So do yourself and your organization a favor.  If you are going to use WordPress to build your website, use the self hosted version on your own domain.  And don’t think that hosting is going to break the bank.  You can get some really great hosting packages for little more than a hundred dollars a year.  If this is a concern to you, then you probably can’t afford a website anyhow because you will have many other costs beyond hosting such as development fees, stock photography, email hosting and more.