I'm self-employed, mostly working at home on my PC, and I back stuff up on a NAS, an SSD and a cloud account. The NAS has a password for access, the cloud account likewise, and so on.
But it's belatedly occurred to me I should have more secure backups - rather than just saving stuff unencrypted to each place, I should probably be encrypting things to back up.
Question is, as a non-IT person, what's that process look like? Is it just a case of choosing a decent backup program and using its inbuilt encryption capabilities? And if so, which are worth looking at?
Is it just a case of choosing a decent backup program and using its inbuilt encryption capabilities? And if so, which are worth looking at?
Yes, it’s that simple.
Backblaze or iDrive.
Don’t half-arse it with OneDrive, Google, or iCloud. They’re not backup services. If you delete something off your machine, it’ll delete it from them too. Using them alongside a proper backup solution is fine for convenience though.
We use Backblaze. Out of interest, why do you feel your local backups need to be encrypted? Unless you sub-contract to GCHQ 😂 Gut feeling is, for a non-IT person, this has the potential to do way more harm than good!!
Don’t half-arse it with OneDrive, Google, or iCloud. They’re not backup services. If you delete something off your machine, it’ll delete it from them too.
There's a more nuanced reality to this, for OneDrive at least.
OneDrive does version history and point in time restores too. So even if you delete lots of stuff (or have a cyberware attack that encrypts your data), you should be able to restore to a point in time (and it gives a good summary of changes since those restore points). It also has sensible basic Recycle bin settings on the OneDrive itself, so generally by going into the online version you can retrieve "accidental deletion" stuff even without restoring the OneDrive.
Depending on what you do, what platform you're on (Windows, clearly for OneDrive) then that may be "Good Enough".
Cloud backup? Already been said - Backblaze
backup plan - https://www.backblaze.com/blog/the-3-2-1-backup-strategy/
So many folks think storing stuff on an external drive is a backup. You’re ahead of them 🙂
Depending on what you do, what platform you’re on (Windows, clearly for OneDrive) then that may be “Good Enough”
Sorry, forgot to say :
Other than that, if you need something more, Backblaze is probably the answer.
I've just extricated myself from OneDrive, after finding it had moved all my files out of my C drive. Probably my own fault for not understanding what it does, but it wasn't quite the simple backup option I thought it was. Nearly started crying when I opened Ableton and none of the folders I've pointed it towards had anything in them 😂
To be honest, the fact it does stuff to my files without explicitly telling me was enough to put me right off. I will look at the suggestions above, I want to get on top of backing things up safely.
What are you backing up and why? This will dictate your storage policies. It may also be mandated by GRC (governance, risk management and compliance). E.g., are you affected by DPA (GDPR)? If so you have a responsibility to secure any personal data you hold.
As a bare minimum, for anything critical I'd want a warm and a cold backup. Warm meaning you can get at it quickly from multiple sources - so, your cloud storage perhaps - and cold meaning completely airgapped so your NAS or SSD if you unplug it afterwards. Ransomware now is specifically targeting backups ahead of local files so by the time you know you're infected your backups were long since knackered.
I’ve just extricated myself from OneDrive, after finding it had moved all my files out of my C drive. Probably my own fault for not understanding what it does, but it wasn’t quite the simple backup option I thought it was.
It's a different way of thinking.
If you're using OneDrive - I do - then your local (C: drive) copies are just that, cached copies which are synchronised or downloaded on demand. It's not a backup in the traditional sense of copying everything onto tape at the end of the day or what have you, rather it's a rolling system which tracks changes. You know the whole "Word crashed and I forgot to save so I lost a day's work" gripe? Gone, saving is immediate. Need a copy of a file from how it was last Wednesday? Sorted. Out and about and need to reference something you wrote yesterday? Pull it up on your phone.
OneDrive, OneNote and Google Calendar genuinely revolutionised my life. I'd be absolutely bollocksed without them. I'd have to try and remember how pens work.
Thanks guys, appreciate the input.
I don't do owt with PII, so GDPR is fortunately not a key consideration. But client confidential information is more of a concern; a particular client wants me to sign a standard agreement with them, which they've clearly written for enterprise-size vendors, talking about usage access control, data security testing etc etc.
It just got me thinking that I could be more secure, as I'm sure files on my NAS and SSD backups can be accessed easily if someone laid their hands on them. And misplacing a laptop while travelling is always a worry too!
OneDrive is a bit of a pig to use tbh, between the capacity limits and its default setting of removing files from your local drive to have them in the cloud - but it is integrated into Windows. I find it useful as a live-ish version of my files, with NAS and SSD backups being more comprehensive backups of versions etc.
OneDrive is a bit of a pig to use tbh, between the capacity limits
What are your capacity requirements? Basic business subscription for OneDrive is 5 dollars per month for 1TB, it isn't too bad.
We have two Synology NAS (newish one and old one). Lots of customer and commercial data on there. We do encrypt as it's a zero hassle option on the newer NAS in terms of performance/config.
We back up between the NAS's every night for around 15% of the data. This being the stuff that changes. We do quarterly for stuff that doesn't change much but is v. important. There's not enough space on second NAS to do a full backup so we're exposed there.
We take a copy of that 15% onto an external HD every two weeks just via USB into the front of the NAS. We keep 3 versions of that.
When we (finally) get fibre this year, we'll use either Backblaze or the Synology one. Prob Backblaze as I'd like some vendor redundancy.
Not a big company but we do have clients with draconian T&Cs, and I used to do this sort of stuff for a job and I've lost data because I was lazy and thought copies and backups were the same thing more than once!
Oh and the external drive lives in my garden office so if the house burns down we still have our most important data. Some may call it paranoid, I call it prepared 🙂