This paper consists of a brief risk analysis of the cloud computing model, based on research conducted by the National Institute of Standards and Technology (NIST) and the Cloud Security Alliance (CSA), in order to determine best practices in the implementation of backups using Infrastructure-as-a-Service (IaaS). These two institutions were taken as a basis for being a world reference in security and technologies. In order to prepare the current work, the case of Mexpres del Sureste, S.A. de C.V., a transportation company dedicated to the transfer of import and export merchandise, where there is a need to safeguard data in an efficient and secure manner, was taken as a particular case. However, the author considers that it is generically applicable to any organization, regardless of its line of business, size or nature. In summary, this is a reading for the uninitiated in the subject, which lays the foundations for a deep self-taught learning and more complex volumes in the world of cloud computing.