15 Jan, 2014 No Comments Bobby Data Security

If you haven’t lost data then you will. That’s the nature of digital information. It likes to get corrupted or disappear for seemingly no good reason. Do you have regular backups? Will you be able to recover when that happens to you? Because it will.

Backing Up as a Security Strategy

Data loss isn’t just a result of accidents. It can be caused by malicious activity as well. I see it all the time in my line of work. Cyber criminals get the giggles when they see how they’ve screwed up your life. It’s what they do.

So lets look at some ways that data loss can occur as a result of malicious activity. Use your imagination here. The crooks do.

1. Data corruption by malware

Viruses and other devious software like to mess with things. Sometimes this means deleting your files, sometimes it means corrupting them beyond repair.

2. Operating system corruption by malware

Some malware likes to target your operating system. That is, in most cases, Windows. Frequently they will corrupt the boot sector or some critical boot files and your computer will no longer start.

3. Ransomware infections

When ransomware gets on your computer, it will take your files hostage, sometimes with unbreakable encryption. Once you pay the ransom fee, it will (hopefully) give your data back. But if you have backups, you haven’t lost anything and the ransomeware has no power over you.

4. Remote intruder access

Sometimes evil hackers will break into computers and do horrible things. At that point, all of your data is at their mercy to do with as they will.

5. Physical intruder access

Is everyone you let into your home trustworthy? What if you come home to find the repairman browsing your files or visiting malicious sites on your computer? Are your coworkers trustworthy?

6. Device theft

Laptops, flash drives, phones, and every other type of digital device are stolen all the time. Would you lose your data for good if one of your devices suddenly went missing?

What is Cold Backup Versioning?

“Cold backup versioning” is just a mashed up term I use to describe two separate backup strategies: cold backups and backup versioning. Both methods should be included in your backup scheme.

Cold backups

A cold backup is a backup that’s not attached to your computer. If you backup to a thumb drive or external hard drive and then unplug it, that drive becomes a cold backup. The drawback, of course, is the inconvenience of needing to connect the drive every time you back up. Cold backups are good for several reasons:

  1. Viruses and intruders can’t get to them
  2. Immunity to power surges or other electrical anomalies
  3. Prevention of accidental deletions or overwrites

Backup versioning

Backup versioning is the practice of keeping several versions worth of your backed up files. So if you make a change to a file, you keep the old version and the new version. This can lead to having dozens or hundreds of versions of any single file. That can make things a bit difficult to manage if you don’t have a system in place, but the result is well worth it. Backup versioning has several strengths:

  1. If you unknowingly backed up an infected file, you can go back to an earlier version
  2. The ability to restore an older version if you backed up an accidental change
  3. The ability to see a file’s history

Methods for Cold Backup Versioning

So how do we put this stuff into practice? Here are my favorite security-minded strategies that might work for you.

Method 1 – Online Backup Service

By far the most convenient method. These services monitor your files for changes then back them up to their servers online automatically, so you don’t have to remember.

This isn’t technically a “cold” backup because it’s always connected by default. But it does have some of the same features, like protection from power anomalies. And they all typically provide backup versioning, keeping a history of changes to your files. The following services are good ones, though I recommend SpiderOak the most. Check out why it’s my favorite.

Method 2 – Auto Backup to External Hard Drive

Also called local backups. Keep in mind these backups will not be protected form theft or disaster. Only offsite backups (like the online services above) can do that.

Tips:

  • For local backups I only recommend Acronis. I’ve used it for years and swear by it.
  • Encrypt the backups in case of theft or loss (Acronis lets you do this)
  • Do not use a thumb drive. They tend to get lost and corrupted too easily, and hard drives have more room for backup versioning.
  • Set it to at least once a week, but some software (like Acronis) will let you keep up-to-the-minute backups too.
  • Unplug the external hard drive between each backup if you’re not keeping a continuous backup. This prevents viruses and power surges from getting to it.

Method 3 – Manual Backup to External Hard Drive

Again, do not use a thumb drive if you can help it. Doing manual backups requires you to do what backup software does automatically. Here is one possible method:

  1. Plug in the external hard drive
  2. Create a folder on it with today’s date
  3. Copy all of your personal files into the folder
  4. Unplug the hard drive’s USB and power connectors

Tips for manual backups:

  • Use AxCrypt to encrypt your backups in case of theft or loss
  • If you get to the end of your hard drive’s space, start deleting the oldest backups as you need room
  • Do it at least weekly, longer only if you don’t change your files every week

Now Stick To Your Backups

The vast majority of your backups will never be needed. You’ll go for months or years and think, Why am I doing this again? Here are some excuses I hear when people stop their backups. Believe me, I’ve heard them all.

  • I’ve never lost anything important
  • This is tedious, I’ll change it to monthly instead of weekly
  • I need my external hard drive for something else for a while
  • My external hard drive died
  • I use a Mac so I’m safe… Yes, I’ve actually heard this one

STICK TO YOUR BACKUPS. The one time you might need it in three years will be well worth the inconvenience. If you ever experience catastrophic data loss like I have, you’ll probably get paranoid about it like I am. Please don’t let that happen before you decide to get on the wagon.