How to Automatically Back Up
a Windows PC the Right Way

What "automatic backup" actually means on Windows

Most people think of a backup as something they do when they remember to do it. That approach fails in practice, because the moment a drive fails or ransomware hits is rarely the moment you last copied your files.

A true automatic backup runs on a schedule without you initiating it. You configure it once, and from that point forward the software captures new and changed files at a set interval, whether you are at your desk or not. This is sometimes called a set-and-forget backup.

Why does this matter? Because human memory is unreliable under normal conditions, and completely absent under stress. Disk failures, accidental deletions, and ransomware infections do not announce themselves in advance. CISA and the FTC both note that small businesses that experience data loss without a working backup rarely recover fully. The same is true for individuals who keep irreplaceable documents, photos, or financial records on a single machine.

• Scheduled, not manual. The backup runs at a defined interval (hourly, daily, or continuous) without requiring you to open any application.
• Version history. Multiple snapshots are kept so you can recover a file from before it was corrupted, encrypted, or deleted, not just the most recent copy.
• Off-site copy. At least one copy of your data lives somewhere other than the machine itself, so a physical event (theft, fire, flood) does not destroy your only backup.
• Monitoring and alerts. You get notified if a backup fails, so you are not discovering a weeks-old gap in coverage after a loss event.
• Restore testing. A backup that has never been tested is a backup you cannot rely on. Restoring a file or folder on a schedule confirms the data is actually recoverable.

The rest of this page covers how built-in Windows tools measure against these criteria, and what a complete standard looks like.

What the built-in Windows tools do and do not cover

Windows ships with several tools that address parts of the backup problem. Understanding what each one actually does prevents a common mistake: assuming you are protected when you are not.

• File History. File History, available in Windows 10 and Windows 11 via Settings > Update & Security > Backup, copies files from your libraries (Documents, Pictures, Music, Videos, Desktop) to a connected drive or network location at regular intervals. It keeps version history, which means you can go back to earlier versions of a file. This is genuinely useful. The important limitations: File History backs up to a local or network target by default. If you use an external drive and that drive is not connected when a backup should run, the backup is skipped. If your home or office experiences a fire, theft, or flood, both your PC and the connected backup drive may be lost together. File History also does not alert you when it fails, so a missed target can go unnoticed for weeks.
• Backup and Restore (Windows 7). Still present in Windows 10 and Windows 11 under Control Panel, Backup and Restore creates a full system image as well as scheduled file backups. It is sometimes called the legacy tool because Microsoft carried it forward without significant updates. Like File History, its default target is a local drive or network share. System images are large and can be impractical to manage on an external drive without a rotation discipline. Again, no off-site copy is created by default, and no external monitoring confirms that scheduled runs completed successfully.
• OneDrive known-folder backup (sync). Windows 10 and Windows 11 include OneDrive integration that can redirect your Desktop, Documents, and Pictures folders to sync automatically to Microsoft's cloud. This is convenient and provides redundancy against a single-device failure. However, sync is not the same thing as backup. When you delete a file, it is deleted from the cloud copy too. When ransomware encrypts your files, the encrypted versions sync to the cloud, overwriting the good copies. OneDrive does retain a version history and a recycle bin that can help in some scenarios, but its primary design is synchronization across devices, not durable backup with version retention and restore testing. For a fuller explanation of the difference, see our page on cloud sync vs. backup.

The shared gap across all three tools: none of them, by default, provides an off-site copy you control, failure alerting, or a structured restore-testing practice. For many individuals and virtually all small businesses, those gaps represent meaningful exposure.

A backup standard for a Windows PC

The following checklist is grounded in guidance published by CISA (the Cybersecurity and Infrastructure Security Agency) through its StopRansomware initiative and in FTC small-business cybersecurity recommendations. These sources are publicly available and updated regularly.

• Follow the 3-2-1 rule. Keep at least three copies of your data: two on different local media (such as your PC and an external drive) and one off-site copy stored separately from your physical location. CISA explicitly recommends the 3-2-1 approach as baseline protection against ransomware and physical disasters.
• Include an offline or air-gapped copy. CISA's #StopRansomware guidance specifically calls for at least one backup copy that is not connected to the internet or your network during normal operation. Ransomware can traverse network shares and connected drives. An offline copy limits the blast radius.
• Retain version history long enough to detect delayed infections. Ransomware and data corruption are often discovered days or weeks after they first occur. A version history of 30 days or more increases the likelihood that you can recover a clean copy. A backup that keeps only the most recent snapshot may already contain encrypted or corrupted files by the time you realize something is wrong.
• Encrypt data in transit and at rest. Any data leaving your PC or stored on an external target should be encrypted. This protects against unauthorized access if a drive is stolen, a cloud account is compromised, or a network connection is intercepted.
• Enable monitoring and failure alerts. You should not have to log in and check a backup dashboard to know whether last night's backup ran. Configure your backup solution to send an alert if a scheduled backup fails or if no backup has completed within a defined window.
• Test restores on a regular schedule. A backup that has never been tested is an untested assumption. Restore at least one folder or file set on a regular basis, quarterly at a minimum, to confirm the data is intact and the process is understood before you need it under pressure.
• Name a recovery owner. For small businesses especially, someone specific should be responsible for verifying that backups are running, reviewing alerts, and initiating a restore if needed. An unnamed responsibility is frequently an unexercised one.

For a focused checklist aimed at small businesses with multiple machines or employees, see our small-business backup checklist. If you want to understand how well your current setup would hold up against a ransomware event specifically, the ransomware restore readiness guide walks through the questions worth asking before an incident, not after.