Data protection expertise you can trust.
In-depth guides on POPIA compliance, ransomware recovery, Microsoft 365 backup, and enterprise data resilience — written by our team for South African organisations.
What Microsoft 365 Doesn't Back Up — And What You Stand to Lose
Microsoft 365 is not a backup solution. Here's exactly what falls through the gaps — accidental deletion, ransomware, admin errors, and licence removal — and what South African organisations need to do about it.
What Is POPIA and Does It Apply to My Business?
POPIA is South Africa's data privacy law — and it applies to almost every business that processes personal information. Here's what it requires, who it covers, and what the penalties look like.
POPIA Compliance: The Complete Guide for South African SMEs
Everything a South African business needs to know about POPIA compliance — what it requires, the eight conditions, common gaps, and practical steps to get your organisation in order.
POPIA Information Officer: Duties, Liability, and How to Appoint One
Every organisation that processes personal information must appoint an Information Officer. Here's what the role requires, what the liability looks like, and the steps to formalise your appointment correctly.
POPIA Data Breach Notification: A Step-by-Step Guide
POPIA Section 22 requires notification to the Information Regulator and affected data subjects within a reasonable time. Here's exactly what that process looks like and how to be ready before an incident occurs.
POPIA Compliance for Financial Services: FSCA, FAIS, and the Data Protection Overlap
Financial services organisations face the tightest data compliance requirements in South Africa. Here's how POPIA intersects with your existing FSCA and FAIS obligations — and where the gaps are.
POPIA and Cloud Storage: What South African Businesses Must Know
Using cloud storage or cloud backup to process personal information triggers specific POPIA obligations. Here's what the Act requires, what to check in your provider agreements, and how to stay compliant.
Do I Need a POPIA Compliance Consultant?
Not every South African business needs external POPIA help — but many do and don't know it. Here's an honest guide to when you can handle compliance yourself and when expert support is worth the cost.
The 3-2-1-1-0 Backup Rule: Why the Original Rule Isn't Enough Anymore
The classic 3-2-1 backup rule was written before ransomware could encrypt your backup target. Here's the updated 3-2-1-1-0 rule, what each digit means, and how to implement it in a modern enterprise.
Cloud Backup for South African Businesses: A Complete Guide
Cloud backup protects your business data off-site and off-network — but not all solutions are equal. Here's everything SA businesses need to know before choosing a cloud backup provider.
How to Back Up Microsoft 365 for Your Business
Microsoft 365 doesn't back up your data automatically. Here's a plain-English guide to your options — from native retention policies to third-party backup — and which approach actually works.
On-Premise vs Cloud Backup: Which Is Right for Your Business?
On-premise backup is fast and familiar. Cloud backup is resilient and off-site. Most South African businesses need both. Here's how to decide what mix is right for your environment.
Endpoint Backup vs Antivirus: Why Your Business Needs Both
Antivirus protects against threats. Endpoint backup recovers from them. They are not alternatives — they serve completely different functions. Here's why your business needs both.
How to Back Up Salesforce Data: A Business Guide
Salesforce does not back up your data the way most businesses assume. Here's what Salesforce retains, the common data loss scenarios it cannot recover from, and how to protect your CRM properly.
Salesforce Data Loss: 5 Scenarios Nobody Talks About
Salesforce doesn't guarantee data recovery. Here are five ways organisations lose CRM data permanently — and what a proper backup strategy looks like for the world's most critical sales platform.
Cloud Backup Pricing in South Africa: What to Expect
Cloud backup pricing in South Africa varies widely depending on what you're protecting and how. Here's a plain-English breakdown of pricing models, typical costs, and hidden fees to watch for.
What Is Ransomware? A Plain-English Guide for Business
Ransomware locks your business data and demands payment to restore it. Here's what it is, how attacks unfold, and what South African businesses can do to protect themselves.
How Does Ransomware Spread? 6 Common Entry Points
Ransomware doesn't appear from nowhere. It enters through specific, predictable weaknesses in your business. Here are the six most common entry points — and what to do about each one.
How Much Does a Ransomware Attack Cost SA Businesses?
The ransom is only the beginning. Here's the full cost of a ransomware attack for a South African business — downtime, recovery, regulatory fines, and reputational damage included.
Immutable Backup: What It Is and Why Your Current Backup Isn't Enough
Traditional backups can be deleted by ransomware. Immutable backups cannot. Here's the technical difference, and why the distinction matters when an attack is already in progress.
Ransomware vs Backup: Why Most Backups Fail After an Attack
Having backup software doesn't mean you can recover from ransomware. Here's exactly how ransomware defeats standard backup — and what your backup needs to survive an attack.
Should You Pay a Ransomware Ransom? The Honest Answer
When ransomware hits, the pressure to pay is enormous. Here's an honest look at what paying actually gets you, the legal considerations in South Africa, and the cases where it may be your only option.
Ransomware Recovery Without Paying the Ransom
Most businesses that pay a ransomware ransom didn't have to. Here's what recovery without payment actually looks like — the three scenarios, what each requires, and how long each takes.
Ransomware Attack: What to Do in the First 24 Hours
The decisions you make in the first 24 hours after a ransomware attack determine how bad the outcome is. Here's a step-by-step response guide for South African businesses.
How to Build a Ransomware Response Plan for Your Business
A ransomware response plan tells your team exactly what to do when an attack hits — before panic sets in. Here's how to build one that actually works for a South African SME.
RTO vs RPO: A Plain-Language Guide for Executives
Recovery Time Objective and Recovery Point Objective are the two numbers that define your organisation's true tolerance for downtime. Most executives don't know theirs. Here's how to find out.
How to Build a Business Continuity Plan for South African Organisations
A business continuity plan that sits in a drawer is not a plan. Here's a practical framework — from risk identification to test schedules — tailored to the South African regulatory and infrastructure context.
What Is IBM Guardium and Which Organisations Actually Need It?
IBM Guardium provides real-time database activity monitoring, sensitive data discovery, and compliance reporting. Here's who needs it, what it does, and how it compares to native database auditing.
Post-Quantum Cryptography: What Executives Need to Know Before 2030
Quantum computers will eventually break RSA and ECC encryption. The window to prepare is now, not when it happens. Here's a plain-language guide to the threat, the NIST standards, and the steps your organisation should take today.