Improve your security #10: Make backups

It is said that three things are certain in life: we are born, we pay taxes and we die.

Adding a little bit of IT facts on top of this, I can add a fourth certain thing: hardware fails. It is only a question of when and not if it fails. And when it fails, you want to make sure that you have your data securely stored somewhere where you can always access it without too much hassle.

There are many ways how to secure your data thanks to the cloud services, the affordable prices of hard drives, network attached storage and the existence of  so many free backup solutions.

But, what exactly does ”backup” mean?

Backup, or Backing Up  represents in the IT the process of making a copy of some data with the purpose of being able to restore it in case of data loss (e.g.: this is what is happening when hardware fails).

How can one make a backup of his data?

There is a simple and a complicated answer to this question.

Let’s start with the simple answer and if you feel that this solution doesn’t fit to you, then read the complex answer.

 

Simple backups

The simplest backup possible is a synchronization of your files on an external medium like an USB hard drive, a Network Attached Storage (NAS), an FTP server or in an online service. Synchronization means nothing else than to mirror your files on the external medium.

A synchronization can be performed in real time or on a schedule.

Real time synchronization means that there is a service working in background on your computer and monitors the files which are changed. As soon as it detects that one or more files which it was configured to monitor were changed, it tries to copy them to the external medium (USB, or cloud service). This has the advantage that your backup is always up to date, but it also has sometimes the disadvantage that it slows down your computer if you have configured to backup many folders.

There are many tools that provide a real time synchronization, most of them offering also a basic gratis version. Some examples are Dropbox, Bitcasa, Memopal, CX and others. It is not recommended to have more than one such tool installed and active on your computer because this will seriously slow down your hard drive and the overall performance of your computer.

Scheduled synchronization means that a sync of your files is only performed at specific pre-configured time intervals or events. For example, you could schedule a backup every day at noon while you are in the lunch break. Or, you can schedule a backup when the computer is in idle mode (usually when the screen saver starts).

You can use several gratis tools to perform a scheduled synchronization. A nice synchronization tool comes from Microsoft and it is called SyncToy, but it can only work with folders on local mediums like hard drives or shared network folder (in other words, it supports only Samba). If you are a computer geek, you can also give RSync a try.

 

Complex backups

Simple file synchronization should be enough for most users, but there are cases when you want to backup more data in a secure way. Example of complex backups are incremental backup, differential backup and reverse delta backup.

In the incremental backup you create once a full backup and several snapshots from that point on. If you want to fully restore the backup, you need to restore all incremental backups until the full backup in the exact reverse order.

My favorite tool to create incremental backups is Duplicati because it also allows to encrypt the files before you upload them to the external medium. The great news is that Duplicati comes with support for various mediums like  FTP, Cloudfiles, WebDAV, SSH (SFTP), Amazon S3 and others.

In the differential backup you create a full backup and each time you create a snapshot, all differences between the full backup and the current state are saved. If you want to fully restore the backup, you need to restore only the latest snapshot and the full backup.

In the reverse delta backup, you create a full backup and then several snapshots that contain only the differences from the full backup.

The perfect examples of such tools are the rdiff (the base of CVS) and Apple’s Time Machine.

 

No matter of which method you use, make sure that you respect the golden rule of backup – which I see as common sense:

Don’t keep your backup in the same place with the files that you backed up.

If something bad happens, you will lose both.

 

Want to know more about how you can improve your security? Check the full series here.

Sorin Mustaca

IT Security Expert