Data is the most valuable asset of every company. Yet, according to global statistics, 60% of SMEs that suffer a significant data loss go out of business within six months. Ransomware, hardware failures, human errors, and natural disasters are not remote scenarios: they are real risks that affect companies in Switzerland and around the world every day.

VarGroup offers a Managed Data Protection service that goes beyond simple backup: proactive management of the entire data protection strategy, from daily backup to documented and tested disaster recovery, including active defense against ransomware — all with a fixed monthly fee and guaranteed compliance with the new Swiss Federal Act on Data Protection (nFADP).

• Managed and 24/7 monitored backup (servers, VMs, endpoints, SaaS)
• Disaster Recovery with contractually defined RTO and RPO
• Immutable protection against ransomware (air-gap and immutable backups)
• Periodic and documented restore verification
• Regulatory compliance (Swiss nFADP, GDPR, ISO 27001)
• Monthly reporting on backup status, incidents, and activities performed

The service is modular and scalable: it adapts to the size, complexity, and acceptable risk level of each client company. The scope may include all or part of the following components.

Managed backup of servers and virtual machines

• Daily backup (or more frequent) of physical servers, VMware, Hyper-V, and Nutanix VMs
• Configurable retention policies (daily, weekly, monthly, yearly)
• Application-aware backup for Microsoft Exchange, SQL Server, Active Directory, and SharePoint
• Compression and deduplication to optimize storage space
• 24/7 monitoring with automatic alerts in case of failed jobs or anomalies

Cloud backup and Microsoft 365 protection

Microsoft explicitly states that responsibility for backing up data in Microsoft 365 — email, Teams, SharePoint, OneDrive — lies with the client company, not Microsoft. VarGroup manages the complete backup of Microsoft 365 using certified solutions (Veeam Backup for Microsoft 365), ensuring granular recovery of individual messages, files, or entire mailboxes.

• Backup of Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams
• Granular recovery: individual item, folder, or entire mailbox in just a few minutes
• Configurable retention independently of Microsoft 365 native limits
• Protection against accidental deletion, ransomware, and compromised accounts

Endpoint protection (laptops and desktops)

• Backup of company endpoints with Veeam agent or equivalent solution
• Protection of user data when working remotely and outside the company network
• Fast recovery of a single file or the entire machine in case of failure or loss

Immutable defense against ransomware

Today’s most sophisticated ransomware threats seek out and encrypt backups as well before attacking primary systems. VarGroup implements an immutable backup strategy with air-gap isolation — physical or logical — to ensure that there is always at least one copy of the data that malware cannot reach.

• Immutable backups on dedicated storage with WORM (Write Once Read Many) protection
• Air-gap isolation: offline or off-site copy unreachable from the company network
• 3-2-1-1 strategy: three copies, two different media, one off-site, one offline
• Anomaly detection in the backup process as an early warning of ongoing attacks

Managed Disaster Recovery

Disaster Recovery is not a larger backup: it is a complete recovery strategy that guarantees business operations can resume within contractually defined timeframes (RTO) with the lowest possible data loss (RPO).

• Design and documentation of the Disaster Recovery Plan (DRP)
• Continuous or daily replication to a secondary datacenter or Azure cloud
• Contractually defined RTO and RPO, measured periodically
• Documented DR tests at least every six months
• Guided failover in case of disaster with on-site or remote support from the VarGroup team

Verification, reporting, and compliance

• Monthly or quarterly restore tests with documented outcome reports
• Monitoring dashboard accessible to the client via web portal
• Monthly report on: job status, managed anomalies, capacity used, and activities performed
• Documentation for nFADP, ISO 27001, and GDPR compliance audits
• Retention logs and complete audit trail of all backup and restore operations

The activation of Managed Data Protection follows a structured process that always starts with an analysis of the actual risk, not with a pre-packaged solution.

1. Data Protection Assessment

We analyze the existing IT environment, critical systems, current backup policies, and gaps against best practices and regulatory obligations. We produce a risk map with prioritized vulnerabilities and the estimated cost of a potential incident.

2. Strategy design

Together, we define the protection strategy: which data to protect, how often, with what retention, with which RTO/RPO targets, and with what architecture (on-premises, cloud, hybrid). The plan is jointly approved before implementation.

3. Implementation and configuration

We install and configure the backup solutions, implement retention policies, activate monitoring, and configure alerting. We perform the first full restore test to validate the entire protection chain.

4. Go-live and hypercare

The service is activated with a 2–4 week hypercare period during which the VarGroup team closely monitors backup jobs, verifies notifications, and fine-tunes the configurations based on the real environment.

5. Continuous operational phase

Once fully operational: 24/7 monitoring, periodic restore tests, policy updates in case of infrastructure changes, and monthly reporting. A dedicated Service Delivery Manager acts as the point of contact for escalations and strategic reviews.