Insights For Success

Strategy, Innovation, Leadership and Security

Carbonite

OPSEC : Backup Strategy for the Security Conscious

General | Edward Kiledjian


Even with all of the technological advancements we have made, backups are usually overlooked by the "average Joe" until something significant occurs (causing a massive shift in paradigm). 

Why backup

Traditionally we backed up our information in case the physical media we used (hard drive, DVD, ZIP Drive cartridge, Bernoulli Box, etc.) had a catastrophic incident. 

Modern headaches that we add to the justification list now include malware and cryptoware data modification, seizure at a border crossing or shutdown of a cloud service. 

When thinking about backups (as a security conscious individual), you are concerned about:

  • Recovering your files in their original format (not some compressed low-quality version of your precious originals)
  • Ensuring that only YOU can access your backed up information 

Know thyself

Before we can discuss how to protect your information, we need to know what and where that information is.

Inventorying your information is not as simple as it first appears... Think of everywhere you have stored digital data. 

  • You have one or more email accounts, possibly with various providers (Hotmail, Outlook, Gmail, Yahoo Mail, your ISP, etc.)
  • You could have contact information on Google, iCloud, Samsung Contacts, etc.
  • You may have documents in Dropbox, Google Drive, Microsoft OneDrive and various third-party apps (diaries, note-taking apps, etc.)
  • You may have information (sometimes even forgotten) on USB keys, SD cards, CD/DVD disks, etc.
  • This blog has information (articles) going back 7+ years

You get the picture. What first seems like a basic, easy-to-answer question can quickly turn into a monstrous inventory activity.

Once you know what you have, you then need to figure out which of these sources is the "master" copy. It is not uncommon for people to knowingly or unknowingly load duplicate information across multiple different storage mediums. Think of the master as the version that you are likely to keep the most up to date.

As an example, I recently did a photo duplicate cleanup and realized 15% of my total 1.5TB photo storage was duplicate files I had accumulated over the years. 


It's time to strategize

In a previous article, I talked about the 3-2-1 backup strategy. The exact entry from my previous article was:

This is a simple way to remember the right way to backup and protect your data. 

  • You should always have 3 copies of your important data. This means one primary (aka the one you use on a daily basis) and 2 copies as backups.
  • You should always have your backups on 2 different types of media (one of your backups can be to an external hard disk while the other one should be to another type of media like DVD disk or to an online service).
  • You should always store 1 copy of your data "somewhere else". This is to ensure recoverability in case your house or business experiences a natural disaster. In most cases, this can be one of the popular online backup services, or it can simply be you manually storing the media in another location like your office, a bank vault or a friend's house. To be extra careful, it is recommended to build in some distance between you and the offsite backup in case a natural disaster eats a good part of your city.

The reason we created the information inventory in the previous step is so that you can also back up your application datasets. As an example, if you use Google Contacts, maybe export the file monthly in CSV format and make sure it is backed up (don't rely on the goodwill of the provider, since they always cap their liability in the event of a catastrophic incident). If you use a journaling application, maybe export your entries as PDF and back that up. If you have pictures sitting on your smartphone, make sure a copy is taken and added to your backup strategy (Google Photos is good, but it stores an "optimized" version which is not the original).

People often forget to back up basic information like their emails. To do this, you may need to install a "fat" email client on your computer, pull all the emails (or copies of them) from your mail provider, then back up the local program database. Google isn't going away, but there have been countless tales of users "losing" access to their accounts for months because Google made an arbitrary decision. Unless you are running your own infrastructure, assume the provider can stop your service and hijack your data at any time.

A couple of years ago, I spent weeks scanning all my paper documents so that I could have digital versions that are easy to move and easy to back up. You will likely have to do the same.

Where to store your backups

Back to my 3-2-1 backup model, you should have 2 copies of the data you physically control and one up in the heavens we call "the cloud".

The size of your backup will dictate what kind of physical media you store it on. When backups were small, many users could get away with storing them on CD/DVD/Tape drives but these aren't practical for most modern users.

Most of you will likely store your local copies on some type of large local storage medium such as a USB key and/or hard drive. If possible, store your local copies on 2 different mediums (a USB key AND a hard drive, or a spinning hard drive and an SSD).

You need one copy in the cloud. Local copies are great because you can restore access almost instantly, but if a major incident occurs, you may lose both of your physical copies. That is when your backup of last resort comes in (aka cloud backup). Remember to protect your cloud backups. You can do this by pre-encrypting the information before uploading it (which works if your backup is small and you are uploading to a service like Google Drive, Microsoft OneDrive or Dropbox). The other option is to use a backup service that lets you hold on to the encryption/decryption keys like Carbonite and Backblaze.
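One way to do the pre-encryption described above, as an added example rather than the author's own procedure. It assumes GnuPG and tar are installed; the function names and file layout are illustrative.

```shell
#!/bin/sh
# Added example (not from the article). Assumes GnuPG and tar are installed;
# function names and file layout are illustrative.

# encrypt_backup SRC_DIR OUT_FILE PASSPHRASE_FILE
encrypt_backup() {
    [ -d "$1" ] || { echo "no such directory: $1" >&2; return 1; }
    # tar streams straight into gpg, so no plaintext archive is written to
    # disk. The passphrase comes from a file rather than the command line,
    # which keeps it out of the process list and shell history.
    tar -C "$1" -cf - . |
        gpg --batch --yes --pinentry-mode loopback --passphrase-file "$3" \
            --symmetric --cipher-algo AES256 -o "$2" || return 1
    # Confirm the result can actually be decrypted before relying on it.
    verify_backup "$2" "$3"
}

# verify_backup ENC_FILE PASSPHRASE_FILE
# Succeeds only if the file decrypts with this passphrase and passes gpg's
# integrity check; the plaintext is discarded.
verify_backup() {
    gpg --batch --quiet --pinentry-mode loopback --passphrase-file "$2" \
        --decrypt "$1" >/dev/null 2>&1
}

# restore_backup ENC_FILE PASSPHRASE_FILE DEST_DIR
restore_backup() {
    # sh has no pipefail, so check decryption first; otherwise a gpg failure
    # would be hidden behind tar's exit status.
    verify_backup "$1" "$2" || return 1
    mkdir -p "$3" || return 1
    gpg --batch --quiet --pinentry-mode loopback --passphrase-file "$2" \
        --decrypt "$1" 2>/dev/null | tar -C "$3" -xf -
}
```

Only the resulting `.gpg` file goes to the cloud folder; the passphrase file stays on media you control, because losing it makes the backup unrecoverable.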

Make sure your backup provider has version control enabled, meaning it stores multiple versions of each file. If you are infected with CryptoLocker-like malware that encrypts your files, you can go back to a version from before the encryption. It is also useful if you delete a file by mistake and want to go back in time and bring it back.

It's a process

Once you figure out what your backup strategy will be, you need to ensure it is "run" regularly. Nothing is worse than having a plan and then losing six months of data because you forgot to back up. Most cloud services offer near-line backups, which is a nice set-it-and-forget-it model.

You will also have to ensure your local copies are regularly updated. On my Mac, I use the built-in and free rsync command in the terminal to synchronize via a scheduled task. There are also a ton of reasonably priced on-device backup apps (if you don't want to fiddle with the terminal). These are examples but not endorsements:
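For the rsync route, the following added example (not the author's script) combines the scheduled sync with the version history recommended earlier: each run creates a dated snapshot, and files unchanged since the previous run are hard-linked instead of copied. The paths, snapshot names and the `versions` helper are assumptions.

```shell
#!/bin/sh
# Added example (not the author's script): dated rsync snapshots that keep
# old file versions. Paths and the snapshot naming scheme are assumptions.

# snapshot SRC BACKUP_ROOT [NAME]
# Copies SRC into BACKUP_ROOT/NAME. Files unchanged since the previous
# snapshot are hard-linked to it (rsync --link-dest), so every snapshot looks
# complete but only changed files take new space.
snapshot() {
    src=$1
    name=${3:-$(date +%Y-%m-%dT%H%M%S)}
    mkdir -p "$2" || return 1
    root=$(cd "$2" && pwd) || return 1   # --link-dest wants an absolute path
    if [ -e "$root/$name" ]; then
        echo "snapshot $name already exists" >&2
        return 1
    fi
    if [ -d "$root/latest" ]; then
        rsync -a --link-dest="$root/latest" "$src/" "$root/$name.partial/" || return 1
    else
        rsync -a "$src/" "$root/$name.partial/" || return 1
    fi
    # Publish only a complete copy, then repoint "latest" at it.
    mv "$root/$name.partial" "$root/$name" || return 1
    ln -sfn "$name" "$root/latest"
}

# versions BACKUP_ROOT RELATIVE_PATH
# Lists the snapshots in which the file's content changed, oldest first, so
# you can pick the last one from before an unwanted change.
versions() {
    prev=
    for d in "$1"/*/; do
        d=${d%/}
        [ -L "$d" ] && continue          # skip the "latest" symlink
        [ -f "$d/$2" ] || continue
        sum=$(cksum < "$d/$2")
        [ "$sum" = "$prev" ] || basename "$d"
        prev=$sum
    done
}

# Scheduled use (example paths, run from cron or another scheduler):
#   snapshot "$HOME/Documents" /Volumes/Backup/snapshots
```

Snapshots on a drive that stays mounted are still writable by anything running under your account, so this covers accidental changes and deletions but does not replace an unplugged or cold copy.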

Going Paperless Part 5 - Backing up your data

Organization | Edward Kiledjian
Image by Martinluf under creative commons license


First go here and read my article on the 3-2-1 backup rule.

There are 2 types of backups:

  • Offline backups
  • Online backups

An offline backup is simple: it is an external hard disk or USB key you use to periodically keep an extra copy of your data. As an example, you plug it in once a week to copy the information over, then unplug it. The problem with this model is that you may forget to back up your data, or the data loss may happen just before you back it up, so you may lose all the data you created since your last backup.

An Online backup comes in 2 forms:

  • Hot online backup 
  • Cold online backup

For Mac users, a hot online backup is like Time Machine or Dropbox (for everyone). This is a drive that is mapped to your computer where the information stored therein is replicated out to the cloud.


With the recent rash of Cryptolocker infections, we learned about the risks associated with hot online backups. A hot backup is certainly a better option than no backup, but Cryptolocker discovered these backups (because they have mapped drives) and encrypted the information on them, holding it until you paid the ransom.

Cold online backups are services like Carbonite, Backblaze or Crashplan that back up your data using a local agent (and not by mapping a drive letter on your computer). These types of backups provide the benefit of a second or third copy of your data, and they protect you from malware like Cryptolocker because these nasties can't directly access your backed-up info to harm it. Plus, since these backups are automated and happen in near-time after a file is changed or added, there is no risk of forgetting to back up.

My recommendation is to follow the 3-2-1 rule mentioned in my other article. My setting is something like this.

  1. My main data is on my computer's SSD.
  2. I replicate that document management structure in Evernote as a second copy.
  3. I back up my information to an always-connected external hard drive (third copy).
  4. I back up my information to Backblaze (fourth copy, a cold online backup).

Cryptolocker is charging around $300 to recover your files, but you could have bought 1 year of online cold backup (from any of the 3 listed above) for about $50 per year. Unfortunately, once disaster strikes, your options are more limited and typically everything costs more (paying the ransom, sending your drive to a data recovery lab, etc.). So back up first and back up often.

Carbonite makes your most used files available everywhere for free

Technology | Edward Kiledjian

Carbonite is the 800lb remote backup gorilla, so anytime they release a new product, I take note. Well, they released something original and interesting that I wanted to share with you because I know it will be immediately useful to you!

Carbonite Currents is a service powered by apps for Windows, Mac OS X, Android and iOS that tracks all of your recently used documents (the last 30 days) and makes them available to you everywhere, on any platform they support. You don’t have to remember to copy a file to a special sync folder, upload it to an online locker or email it to yourself.

Anything you open or edit is automatically made available.

Did I mention it is free? Totally free.

The most recently used file moves to the top of the list, so finding your latest edits is easy. It even provides an easy way to share your file (for read or edit) with anyone. And to top off this wonderful technological sundae, it version-controls the listed files so you can always get back to an earlier version if you want.

To be clear, this isn’t a Dropbox competitor that makes the entire “Dropbox folder” available everywhere through sync, but rather a complementary service for Dropbox users and non-users alike. There are times when you get home and realize you forgot to copy an important file to Dropbox; this is where Currents would shine. Since it's automatic, you have nothing extra to do. Just use the file and Currents will make it available.

It is still in beta so you may encounter a few bugs but overall the product is well designed, well thought out and easy enough for anyone to use.

How to install Carbonite Currents

Files available everywhere

Easy sharing with Carbonite Currents