Every few years, I have posted blog articles about backups and how important they are. Today it is time for another article on this topic as times have changed and you might not be as safe as you thought you were. I know this as a good friend of mine has just suffered the scenario I am about to discuss first hand ….
By now you should know some of the basics of a good backup regime. Below is my personal list of guidelines:
- Backup up anything you are not willing to lose. Programs can be replaced, data can’t.
- Backup often so your latest data is safe. How many hours/days can you lose?
- Backup to a separate physical drive. Don’t trust a single drive not to fail.
- Backup to multiple drives and cycle through them, so you have a history.
- Take at least one backup drive offsite, in case of disaster.
- Verify backups, especially if using media like tapes or optical discs (CD/DVD).
- If you find a problem, don’t backup. You might overwrite good data with bad.
Now, I will have to add some of new guidelines:
- Do not have all backup drives connected and available to any single machine.
- Backups to cloud storage (OneDrive, DropBox, etc.) can be a good idea.
- Using automatic synchronisation of your data to cloud storage can be a good idea.
- However, don’t rely only a cloud storage backup as your only backup.
The scenario that my friend recently faced was this. Her personal computer was set up to synchronise her personal documents with a cloud storage provider. So all her documents and photos were saved into the cloud. Sounds great. If the computer is stolen, or there is a fire or if the hard drive fails, the data is safely stored in the cloud and can be recovered.
Having the automatic synchronisation enabled means that you never have to remember to update changed or new documents and photos to the cloud, it just happens for you. This is wonderful …. until …. nasty people out there created crypto viruses.
Crypto viruses such as CryptoLocker and CryptoWall are ransomware which once on your computer will encrypt your personal data (on local, external and network drives). Then they will ask for money (usually in Bitcoins) to decrypt your files. Usually, there is a deadline as well, after which the private key used to encrypt the files will be destroyed.
Even though, it is possible to remove the virus itself, the encrypted files usually cannot be recovered. Paying the money has no guarantee that you will get your files back and only encourages these sorts of viruses.
So you may ask “What’s the problem, the data was safely backed up in the cloud?”
The answer is yes, it was backed up and due to the automatic synchronisation, all the updated and now encrypted files happily updated over the originals and made them inaccessible.
Moral of the story: Don’t rely on synchronised cloud storage as your ONLY backup.
Previous articles on backing up your data:
- Welcome to 2009 & Backups
- Public Service Announcement: Don’t Trust Hard Drives
- Backup regimes and synchronizing folders across your network
Hope this helps you avoid disasters
This article was originally posted on http://www.winthropdc.com/blog.