17.37 – Backups

Another consequence of adopting the mindset that an attack is inevitable is that multiple copies of information should be maintained in case one is breached or locked. This means backups are a must for any computer user.

Whether one is protecting against malware or just ordinary device failure, backups are essential. If the worst happens, one can go to a backup and recover information without having to completely rebuild it.

This suggests that regular and multiple backups are needed. The frequency depends on how much time one is willing to spend bringing things back to normal. If only backing up weekly, this means that the most recent backup will require re-entry of up to a week’s information. Given one’s data and resources, that might be reasonable – or inadequate. Some systems and data stores can get away with more infrequent backups, but others might require daily or even more.

The number of backups to maintain will also vary. Depending on storage capacity there could be dozens, ranging from a day old to a week, a month or more. Although more is often better, it also means extra administration, storage and potential risk if the backups are lost. Most backup programs allow for encryption as a protection against prying eyes, but the overall goal should be to balance usefulness and practicality.

A backup strategy that is often recommended is the 3-2-1 approach. Every form of data should be stored in 3 places – the original and no less than 2 backups. There should be at least 2 different formats, such as a hard drive and the cloud. And a minimum of 1 backup must be offsite. Remember that a backup stored onsite is as much at risk to fire, natural disaster, or theft as the original.

Another essential part of the backup process is restoral tests. A backup is useless if the information cannot be retrieved. There should be regular checks confirming recovery of selected portions of backups, or even the whole collection on occasion. 

There are also a couple of specialized forms of backup which come in handy not just for malware, but for everyday events. One is versioning, where revisions to files are tracked and older versions can be recovered in the case of accidental deletion or changes. Windows calls this File History, and it can be set up on a network-wide or individual system basis. Both are desirable. Microsoft’s OneDrive cloud storage also offers this, as do other cloud platforms. It is highly recommended to turn this on for the protection it provides.

Another backup variant is mirroring. If a network server, for example, is mirrored, it means that a further identical system is concurrently running, and the two machines continuously synchronize with each other. If the main server goes down, the mirror will immediately kick in and users may not even know there has been a problem. A mirror is not a full backup strategy, nor does it immunize one from malware. The mirrored version can be infected just as easily as the primary system. However, mirroring is a desirable extra layer of protection to avoid downtime.

Although useful, versioning and mirroring are not in themselves complete backup solutions. Plenty of thought should be devoted to creating a backup system which is automatic, comprehensive, and effective to avoid loss of data for any reason.

Optional Video: In this Bite-Sized CPD video, we discuss the unique vulnerability of digital information and the consequent importance of computer and device backups.

Backups [7:05 minutes]