As a designer of cloud-based software as a service (SaaS) solutions, you are responsible for ensuring the security and resilience of your offerings. Recently, your organization has become increasingly concerned about the threat of ransomware attacks. In alignment with Microsoft Security Best Practices, you have been tasked with recommending a recovery solution to protect the organization. The objective is to ensure that the organization has a viable alternative to paying the ransom in the event of an attack. What should you recommend doing first?