January 15, 2014 - Data Security
If you haven’t lost data then you will. That’s the nature of digital information. It likes to get corrupted or disappear for seemingly no good reason. Do you have regular backups? Will you be able to recover when that happens to you? Because it will.
Data loss isn’t just a result of accidents. It can be caused by malicious activity as well. I see it all the time in my line of work. Cyber criminals get the giggles when they see how they’ve screwed up your life. It’s what they do.
So lets look at some ways that data loss can occur as a result of malicious activity. Use your imagination here. The crooks do.
Viruses and other devious software like to mess with things. Sometimes this means deleting your files, sometimes it means corrupting them beyond repair.
Some malware likes to target your operating system. That is, in most cases, Windows. Frequently they will corrupt the boot sector or some critical boot files and your computer will no longer start.
When ransomeware gets on your computer, it will encrypt all your files with unbreakable encryption and hold them for ransom. Once you pay the fee, it will (hopefully) decrypt your data and let you have it back. But if you have backups, you can give said malware the finger and laugh as you wipe it from your computer and start over.
Sometimes evil hackers will break into computers and do horrible things. At that point, all of your data is at their mercy to do with as they will.
Is everyone you let into your home trustworthy? What if you come home to find the repairman browsing your files or visiting malicious sites on your computer? Are your coworkers trustworthy?
Laptops, flash drives, phones, and every other type of digital device are stolen all the time. Would you lose your data for good if one of your devices suddenly went missing?
“Cold backup versioning” is just a concatenated term I use to describe two separate backup strategies: cold backups and backup versioning.
A cold backup is a backup that’s not attached to your computer. Think of the thumb drive or external hard drive that you back up your files to. If you were to unplug the drive after you’re finished backing up, that drive becomes a cold backup. The drawback, of course, is the inconvenience of needing to connect the drive every time you back up. Cold backups are good for several reasons:
Backup versioning is the practice of keeping several versions worth of your backed up files. So if you make a change to a file, you keep the old version and the new version. This can lead to having dozens or hundreds of versions of any single file. That can make things a bit difficult to manage if you don’t have a system in place, but the result is well worth it. Backup versioning has several strengths:
So how do we put this stuff into practice? It all seems very inconvenient. Well here are my favorite security-minded strategies that might work for you.
By far the most convenient method, but they do charge a monthly fee. These services monitor your files for changes then back them up to their servers online automatically, so you don’t have to remember.
I only consider this a “warm” backup solution because it’s never technically disconnected from your computer (though you can tell it to be). They do, however, provide protection from power anomalies on your computer and accidental deletions. But they also provide the security of full backup versioning, so if a file does get corrupted by a virus and uploaded to their servers, you can go back to a version before the corruption happened. I recommend one of the following services:
I like these companies because they are among those that provide the option for “Trust No One” (TNO) encryption. That means only you can see your data. Not even the company’s employees can view it. That’s a big plus for privacy. SpiderOak in particular uses TNO by default and you can’t turn it off.
This method creates a local backup (as opposed to offsite) by automatically copying all your files to an external hard drive. Local backups are of course not protected against theft or disaster like they would be with an online service.
For local backups, I would not use a thumb drive. Reasons being: 1) you have more room on a hard drive for backup versioning, and 2) thumb drives tend to get lost and corrupted too easily.
The backup scheme will take some configuration to get set up, but once that’s done, it should be easy as pie. Of course, most backup software costs money but it’s only a one time purchase. The good ones will also give you the ability to encrypt your backups. That is highly recommended so that if the external drive is ever stolen or lost, your data is safe. Try one of these options:
I swear by Acronis’s products. I’ve never tried NovaBACKUP but it seems like a good solution. Both offer the ability to encrypt your backups.
Again, do not use a thumb drive if you can help it. This method requires you to do manually what backup software does automatically. Here is one possible backup scheme:
Do this maybe once a week. After a while you will have several folders with versions that go back as far as you want. I would just go until you’re almost out of hard drive space then start deleting the oldest versions first to make room. By that time you will probably have months or years worth of backups.
This method is easy to manage and simple to perform. The biggest drawback is that the files are not encrypted automatically. If your drive ever gets stolen or lost, your data goes with it. I highly recommend manually encrypting your backup as in step 4 above.
The vast majority of your backups will never be needed. You’ll go for months or years and think, Why am I doing this again? Here are some excuses I hear when people stop their backups. Believe me, I’ve heard them all.
STICK TO YOUR BACKUPS. The one time you might need it in three years will be well worth the inconvenience. If you ever experience catastrophic data loss like I have, you’ll probably get paranoid about it like I am. Please don’t let that happen before you decide to get on the wagon.