Workflow Templates for Data Backup: Data Backup and Recovery Checklist

Backup Strategy & Scope

Inventory transaction files and CRM data

List every system that holds client or transaction data: Dotloop or SkySlope transaction folders, the team CRM (Follow Up Boss, kvCORE, BoomTown), shared Drive or OneDrive, accounting (Brokermint, QuickBooks), and broker email. Don't forget agent-owned data on team CRMs — per the agent agreement, the brokerage owns those leads.

Set RPO and RTO targets per system

Recovery Point Objective (how much data you can afford to lose) and Recovery Time Objective (how fast you must be back up) drive everything else. Trust account records and active transaction files usually need RPO under 24 hours; marketing assets can tolerate more.

Confirm state retention windows for transaction files

State commission rules dictate how long the brokerage must retain transaction files and trust-account records — commonly 3 to 7 years from closing depending on the state (CA 3 years, FL 5 years, TX 4 years). Backup retention has to meet or exceed the longest applicable window.

Storage & Offsite Protection

Configure the 3-2-1 backup architecture

Three copies of the data, on two different media, with one offsite. For a small brokerage this typically means production SaaS + a cloud backup vendor (Backblaze, Datto, Spanning) + a periodic local export to an encrypted external drive held by the broker.

Verify offsite replication for trust-account records

Earnest money ledgers and reconciliations are the highest-risk records in the brokerage — state commission auditors will ask for them on demand. Confirm the offsite copy is current and that the broker (not just the bookkeeper) has access credentials.

Test restore from cold storage

Pull a single closed transaction folder from the cold/offsite copy and verify every required document opens cleanly: signed listing or buyer agreement, agency disclosure, seller's property disclosure, lead-based paint (if pre-1978), settlement statement.

Backup Execution & Monitoring

Automate nightly backup of transaction-management files

Most transaction-management platforms (Dotloop, SkySlope, Brokermint) don't include long-term export by default. Use the platform API or a vendor like Spanning to pull a nightly snapshot to your cloud backup target.

Schedule CRM exports from Follow Up Boss or kvCORE

Schedule a recurring export of contacts, notes, and pipeline stages — at minimum weekly. If an agent departs and the brokerage owns the leads, the export is your evidence of the data state at separation.

Review backup job results

Open the backup vendor dashboard and confirm every scheduled job for the past week ran to completion. Silent failures are the most dangerous mode — a job that ran but skipped a folder.

Open a ticket for the failed backup jobs

Document which job failed, the error, and the affected systems. Re-run the job manually and confirm completion before closing the ticket. If a transaction-file system is the source, notify the TC so they can flag any in-flight deals.

Recovery Planning & Testing

Document the recovery runbook for each system

Per system: where the backup lives, who has restore credentials, the step-by-step restore procedure, and the expected RTO. Keep one printed copy outside the cloud — if email and Drive are down, the runbook on Drive is useless.

Assign incident-response roles to broker and IT

Decision-maker (broker-in-charge), executor (IT or vendor), client communicator (TC or office manager), and legal contact for breach notification. Wire-fraud incidents in particular need the broker on the call within minutes.

Run a tabletop recovery drill

Pick a realistic scenario — ransomware on the office file server the week before three closings — and walk through the runbook end to end. Time how long each restore actually takes and compare to your RTO.

Capture lessons learned from the drill

Write up the gaps that surfaced — missing credentials, slow restore, undocumented dependencies — and assign each one an owner with a fix-by date. Re-test the gap before the next quarterly drill.

Security & Compliance

Encrypt backups with AES-256 at rest

Confirm the cloud backup vendor encrypts at rest with AES-256 and that the brokerage holds (or escrows) the keys. For local external drives held by the broker, use BitLocker or FileVault and store the recovery key separately.

Verify NPI and trust-account data handling

Backups capture buyer SSNs, bank routing numbers, and wire instructions — nonpublic personal information under GLBA and state privacy laws. Confirm access logs exist, retention matches the state commission rule, and the vendor's BAA or DPA is current.

Review MFA on backup admin accounts

Anyone with restore privileges can also exfiltrate. Require MFA, review the admin list against the current roster, and remove departed agents or staff. Wire-fraud cases often start with a compromised admin account, not the client.

Review & Audit

Audit backup completeness against retention list

Sample five closed transactions from the prior quarter and confirm the full file is present in backup: agency disclosure, signed agreements, EMD receipt and trust-ledger entry, inspection records, settlement statement. State auditors sample the same way.

Document gaps found during the audit

For each missing or incomplete file, note the transaction, the missing item, the responsible agent, and the remediation step. Recurring gaps from one agent or one platform point to a process fix, not a one-time correction.

Update the backup policy

Refresh the policy whenever the brokerage changes CRM, transaction-management platform, or accounting system — a common gotcha after a kvCORE / BoldTrail migration. Distribute the updated policy to every agent and have the broker-in-charge sign and date.