The new reality
Running backups is only half the job. The other half is proving they come back.
Everyone trusts the backup is running. But a backup that has never been restored is a promise, not a guarantee: it can be corrupted, incomplete or simply fail to start, and that is almost always discovered on the worst possible day, when the company truly needs it.
A backup that has never been tested is hope, not a plan: you only know if it works on the day you need to restore.
Silent changes in the environment, a disk that filled up or a changed setting can break the backup without anyone noticing for months.
Audits, cyber insurers and large clients increasingly ask for proof that your company can recover, not just that it runs backups.
When was the last time someone actually restored your backup and confirmed the system came back to life?
Want the full picture? Check your ransomware readiness in minutes.
The real problem
The backup that looked up to date, and failed when it mattered
The backup shows as completed in the report every day. But completed is not the same as recoverable. Here is how trust in the backup falls apart exactly when it matters most:
The corrupted backup
On the day of the disaster, the company tries to restore and finds the backup file is corrupted or incomplete. It ran every day, but had never actually been opened.
The change that broke it silently
An update, a full disk or a changed setting makes the backup stop capturing what matters. The report stays green, no one notices, until a restore is needed months later.
The race against the clock
After an attack, every hour of downtime is expensive. Restoring for the first time under pressure, without ever having rehearsed, turns hours into days and multiplies the loss.
The proof you don't have
The cyber insurer, the auditor or a large client ask for evidence that you can recover. You have a backup, but no way to prove it restores.
In all these cases, having a backup was not enough. What gives confidence is proving it: booting the copy, confirming the system starts and keeping the evidence, on a recurring basis, before the disaster arrives. That is exactly what this service does.
The concept
What automated recovery testing is
It is a service that takes the backup you already have of your servers and workstations and, automatically and on a recurring basis, boots a copy of that system in an isolated environment, confirms it actually starts and records the evidence with date and screenshot. Instead of waiting for the day of the disaster to find out whether the backup is any good, you get, on a regular basis, the proof that it restores.
Proof that it comes back, not a promise
The system in the backup is actually booted and verified; you get confirmation that it starts, not just that the backup ran.
Catches the failure before the disaster
If a change in the environment broke the backup, the recurring test catches it early, while there is still time to fix it without loss.
Evidence for audit and insurance
Each test produces a record with date and screenshot, the proof the auditor, the insurer and the client ask for.
The question that matters: are you certain your current backup really restores, or do you only hope so?
What you get
What is included
Continuous validation of your backups, run by Zamak, with the proof ready for the day the audit, the insurer or the disaster asks for it.
What the test does
Each cycle, your backup is booted and verified, without you lifting a finger.
- Boots a copy of the protected system in an isolated environment, separate from production.
- Confirms the system actually starts, with machine-intelligence verification.
- Records the evidence with date and screenshot of each test.
- Repeats automatically and on a recurring schedule, without depending on anyone remembering.
What you receive
More than a backup: the certainty that it comes back.
- Periodic confirmation that your systems truly restore.
- An evidence report ready for audit, cyber insurance and clients.
- Early warning when something breaks the backup, before the disaster.
- Zamak's guidance on what to test and how often.
- All in the same Zamak backup console, alongside your server and workstation backups.
- Support from our team during a real recovery, not just the test.
Tech specs
How the test works, under the hood
For those who want to look under the hood: how the backup is booted, verified and proven, without touching your production.
Real boot, in an isolated environment
The test synthesizes a virtual machine from the backup and boots it in a managed, isolated infrastructure, without touching your production environment.
Machine-intelligence verification
An intelligence layer analyzes the startup screen and confirms the system started correctly, with about 99% accuracy in the verification.
Proof with date and screenshot
Each test keeps the evidence: the date, the result and the image of the system starting, ready to present to whoever asks.
Recurring and automatic
Tests run on a scheduled, automatic basis, so validation happens all the time, not just once at setup.
What can be tested
It applies to full-image backups of servers and workstations, which include the system. Document-only backup, since it does not contain the system, is validated differently; Zamak advises what makes sense in each environment.
Recovery path measured
Because the system is already booted in the test, the recovery path and time stop being an unknown: you know what to expect before the real day.
Tests run on infrastructure certified in SOC 2 Type II, ISO 27001, ISO 9001, HIPAA and PCI-DSS, isolated from your production, with the region set to your data residency requirements.
It is the difference between a backup you hope works and a backup you know works, with the proof in hand.
Take this documentation to present to decision-makers.
Risk and impact
From real risk to business impact
The backup runs every day, but has never been restored.
In the disaster, it turns out it was corrupted or incomplete, with no way back.
How recovery testing responds
The test boots the backup for real and confirms, beforehand, that it restores.
A change in the environment breaks the backup silently.
Months with no valid copy, with no one knowing, until it is needed.
How recovery testing responds
The recurring test catches the failure early, while it can still be fixed.
An attack demands a fast restore, for the first time under pressure.
Hours turn into days, and every hour of downtime multiplies the loss.
How recovery testing responds
The recovery path has already been rehearsed and measured, with no improvising in the moment.
The insurer, the auditor or a client ask for proof of recovery.
Without evidence, the contract stalls, the premium rises or the deal falls through.
How recovery testing responds
A report with date and screenshot, the proof ready to hand over.
Running backups protects the data; testing recovery protects business continuity.
For every role
What changes for each role in your company
The same guarantee, read through the eyes of whoever decides, owns the budget, runs the environment and resells IT.
Owner and founder
Build it, protect it, grow its value.
You stop trusting the continuity of the business to an assumption. Proof that the company recovers protects what you built and weighs in your favor in audits, insurance and when selling or growing the company's value.
Manager and director
Predictable cost. No surprises.
Trade the doubt about whether the backup works for a periodic report that proves it. You answer the board and the insurer with evidence, not hope, for a fixed line in the budget.
IT lead and team
A secure extension of your team.
Zamak is a backline, not a replacement: your team no longer carries the task of validating backup after backup alone, and gains the assurance of knowing recovery is tested, without losing control of the environment.
IT partner and provider
Grow your book without growing your technical team.
Offer your clients proof of recovery as a differentiator, without building a test lab. You keep the relationship and the contract; Zamak runs and documents the validation.
The care a license doesn't include
Why Zamak
Turning on the test is only the start. What brings peace of mind is the service behind it: defining with you what needs testing and how often, reviewing every result, acting when a test flags a failure and, on the day of a real recovery, leading the process alongside you. That is the backline Zamak places next to your team, adding to the work of whoever already runs the environment, never taking their place.
In the end, it is the difference between saying you have a backup and proving your company comes back to life.
15 years serving companies that cannot stop · Microsoft Solutions Partner · Addee (N-able) Elite Group · Great Place to Work.
Tests run on infrastructure certified in SOC 2 Type II, ISO 27001, HIPAA and PCI-DSS.
Still wondering?
Frequently asked questions
See also Check your ransomware readiness · Calculate the cost of an outage
Next steps
Stop hoping. Prove your company comes back.
An untested backup is hope, and hope does not restore a system. The time to prove your company comes back is before the disaster arrives, not during it.
Get started now
Leave your details and a specialist from your country gets back to scope the validation and get you started.
Talk to a specialist
A conversation about your backups and how to prove they restore, with no commitment.
Check your ransomware readiness
Find out in minutes how well your environment would withstand, and recover from, an attack.