Disaster Recovery

Home backups: a primer for your users

Industry studies indicate that many people are risking data loss by neglecting to back up their files at home. Home machines are being used for more and more tasks, both work-related and purely personal. Here are some home backup tips you should pass along.

Industry studies indicate that many people are risking data loss by neglecting to back up their files at home. Home machines are being used for more and more tasks, both work-related and purely personal. Here are some home back-up tips you should pass along.

-------------------------------------------------------------------------------------------

I was talking with a friend of mine recently, trying to console him through a computing tribulation. A year or so back, he had invested the effort to rip all his DVDs to a large external hard drive. This was so he could play them back through a home theater PC without having to hunt for the original discs or worry about getting them scratched. His problem was that the external drive he was using had failed, and it was the only place that the video files were stored. His original discs were still safe, thankfully, but the time he had spent babysitting all those disc extractions was gone for good.

My friend was most distraught over the fact that he should have known better. There are lots of devices and software on the market to help home users protect their data, but some sources indicate that even though most people know they should back up, many don't bother. A 2006 survey conducted by Maxtor indicated that 46% of respondents do not make backups of their data.

Support pros have so much to worry about at work that it would be nice if we could wash our hands of what our users do at home. More work is being done from off-site, though, and VPNs and Web applications increase the chance that there is business data that has ended up on your users' home computers. Backing up their data at home may not be your direct responsibility, but you can provide a better degree of support by reminding them how they can protect their files. So, ready for copy-pasting or hot-linking, here are home back-up tips you can pass on to your users.

Step One: Just start already!

The current versions of both Apple's MacOS and Microsoft's Windows have decent back-up software built right in. Pair the software you already have with an external USB hard drive and you have a basic back-up system. Remember, buy an external drive bigger than your computer's internal disk (room to grow on, you know).

Single disks can fail.

There are external USB devices on the market now that can contain more than one hard disk. These storage systems can spread your data across all the drives in the device, protecting you in case a single drive should fail. These systems can be more expensive than single drive solutions, but they offer more comprehensive protection. Consider saving up for one of these more robust systems or simply buy a second single-disk back-up device and trade off every so often.

Look for another basket for your eggs.

Backups at home are a good start, but what if you have a fire or a natural disaster, and all your drives are trashed? The next level in back-up safety is storing a copy of your files in another location. If you have two external drives you are using for backup, you can accomplish this by keeping one of the drives elsewhere — at the office, with a friend, or in a safe deposit box. Make sure to bring it home again frequently so the data can be updated. You could also consider commercial back-up services that copy your files to a safe location over the Internet. Carbonite and Mozy are two companies that offer this capability.

Remember, you may have more to protect than your computer.

Now that your PC is safe, think about all the other places you might be storing data. Game consoles, camera memory cards, and digital video tapes all contain information that can be lost when a piece of hardware fails. If it is anything you would miss if it were gone, make a copy!

41 comments
reisen55
reisen55

For home users, the concept of internet backup is acceptable to a degree, but always with attendant internet issues such as data theft and lack of access at critical times. As a consultant, I always make a customer backup for repeat business and keep it on my network, but on a separate SATA drive that is kept on a shelf and rarely used. Best security in the world - keep it turned off. My own storage concept: 2 drives, Operating System and Storage. Storage holds everything, inclusive of apps and inclusive of GHOST image of the upper drive making restoration a snap. And if you want real redundancy, mirror this onto a secondary computer as well. I burn DVDs for long term storage for my business clients and retain in a secure location. I do not do internet backup nor tape backup.

ed.adams
ed.adams

Windows Home Server works outstandingly well for me and the 8 or so computers I have backing up on it, including my music server. The website built into the package has also proved useful in transferring files too large to email to others, as well. It also has the advantages of being automatic, happening every night, being disaster recovery grade, and requiring almost none of my time except for when I need it. When I have needed it it has performed flawlessly.

Michael Kassner
Michael Kassner

One important concept that needs to be mentioned is that the use of external drives allows easy access to the data on the drives. Any external device holding personal or private information should be encrypted.

whutsky
whutsky

I run Vista Home Premium and use Acronis True Image Home Edition to run a full backup to an external SATA drive. Acronis is really powerful and easy to use. It even lets you do incremental and differential backups, compression, image file password protection and a lot more. I highly recommend it.

crodrous
crodrous

At less than $5 per month, there's no reason people shouldn't be backing up remotely. Carbonite and Mozy are two good services, but others are available, too. We've reviewed some of the more popular ones at: http://www.onlinebackupsreview.com/reviews.php

williamjones
williamjones

Like a lot of support pros, I often get asked if I have an "opinion" about what might be wrong with a colleague's home machine. I usually make it a practice in these situations of asking whether the individual has recent backups of their files. My users usually make a practice of hemming, hawing, and admitting they don't. In my most recent blog post, I've tried to distill for other support pros the back up tips my users have found useful. So, do you think your users have solid backups at home? Do you?

Michael Kassner
Michael Kassner

The problem with DVD and HDD backup is that it may not meet certain archival requirements. At least that's what I have run across.

williamjones
williamjones

Home Server is a pretty good product, and offers a great deal of functionality. What happens, though, if you have a fire and your WHS and all your clients get doused with a few hundred gallons of water? Home servers and network storage appliances can make sure that there's a lot of storage space available to home users, but that can mean that there's even more stuff to lose if offsite backups are neglected. Thanks for your story!

williamjones
williamjones

...but I decided to leave it out of my simple backup tips for home users. I think in many cases, encryption is that one extra complication that might put some people off. Backup needs to be made simpler for people, so they'll do it! Once users are a little more savvy and get in the habit of making backups, using a program like TrueCrypt to protect sensitive data is a great next step. Thanks for the feedback!

ebsfrmr
ebsfrmr

Do you have any suggestions on easy/convenient encryption methods for external hard drives? On another note, I am finding Norton 360 to be helpful for backups. It could be an answer for home users, as it uses a green, yellow, red light system informing you if you have been successfully backed up recently...It gets your attention whenever there is a problem with your automatic backups...

ChrisHyche@AlabamaOne.Org
ChrisHyche@AlabamaOne.Org

Many people do not have a fast or unlimited Internet connection. If you are running on dial-up or satellite with a very low down/upload limit(350MB a day) transferring a lot of data to a web server is not an option. Even with a fast connection a large about of data can take a very long time to transfer...

pgit
pgit

Dismal. The ones who do any backing up are the ones who got burned along the way for not having done them before. All of my corporate clients are backed up, almost entirely automated, including an off site push of data over ssh to a remote server I maintain for the purpose. All of those clients also have a designated person who keeps track of the updates, whether they are working, confirming they are getting everything...

stevethehawk
stevethehawk

I put a Iomega 500GB external drive on my Christmas list. Assuming I get it, I'll be backing up often. I've been lucky so far, but I don't want to push it. If the drive works as advertised, I'll likely get another one so as to allow off-site storage.

MGP2
MGP2

...once around Christmas time and once around Easter. Get it? Religiously? I'm here till Thursday. Try the veal. :-)

TonytheTiger
TonytheTiger

with media as cheap as it is now, and the simplicity of doing it. Do I? Yes. Do they? It depends. If they haven't asked me for help fixing their virus/malware/Windows reinstallation problems, usually not, but when I fix it, I set it up and show them how to use it, and they're pretty diligent in my experience.

reisen55
reisen55

In what sense would tape (god forbid) meet requirements. I do not have email issues at this account and also religiously pre-test restoration procedures. I also maintain ghost images of every single system I support (a few of my accounts it is mandatory that I do so) and that includes servers.

wdewey@cityofsalem.net
wdewey@cityofsalem.net

I personally bought a fire resistant filing cabinet. It's not as good as an off site solution, but it is cheaper. Bill

lastchip
lastchip

encryption is essential and more so for home users. How many home users have credit card numbers, bank account access data, passwords and anything else you can't even think of *and* they don't even know about it on their hard drives? Security is now so important, it should be part of all back up strategies for everyone. Whatever their level of expertise. Failing to impress this via educational articles like this is gross negligence. It is not difficult. People simply need to be told why and told how.

Michael Kassner
Michael Kassner

My favorite drive and file encryption application is TrueCrypt. It's an open source application that's free as well, can't beat that. I have been using it for years and have not had a single problem with it. The developers are constantly upgrading it and it just always works. Which is important when it comes to valuable data.

kevans
kevans

good one, sounds like you're ready for some time off.

pdr5407
pdr5407

DVD media is the cheapest option, and the one that I use to backup data on my home computer. I suggest that business users only backup to media at there company, not home.

Michael Kassner
Michael Kassner

Dealing with those kinds of situations forces you to look at everything from a different perspective.

larrybell_2000
larrybell_2000

I would almost question your thoughtfullness to remember to grab your Fire resistant box on the way out of your burning house. However, as a trained professional having dealt with those emergency situations often, it would be FAR more likely for you to do it than Joe Average user. Practicing for emergencies, or dealing with them as part of your job makes taking the proper actions an automatic habit that can save your property, if not your life. That all said, the idea of using a Bank's safety deposit boxes as a cheap alternative to professional Off-site storage companies (like DataSafe) is ideal. A local location that, within normal banking hours, allows for safe, quick retrieval and restoration of backup data when needed.

Michael Kassner
Michael Kassner

There is no such thing as fire resistant. I've seen impressive security vaults survive a fir, but all the contents was a heap of plastic on the floor of each box. I have a fire-resistant box myself, but I make it always available and one of the first things I will grab when I'm getting out of the house. I also have a safety deposit box at my bank where I do a monthly rotation of USB keys and drives.

Michael Kassner
Michael Kassner

Even if it's simple as login passwords. That alone is light years better than having a USB drive that has no protection at all.

Michael Kassner
Michael Kassner

TrueCrypt does require a password. After that it requires user sensibility. Logging in and out will stop the automated process. This is a quote from TruCrypt. Sorry for the length but it explains the process completely: "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc). Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). Files are automatically being decrypted on-the-fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on-the-fly (right before they are written to the disk) in RAM. Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory (RAM) requirements for TrueCrypt. For an illustration of how this is accomplished, see the following paragraph. Let's suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the icon of the video file, the operating system launches the application associated with the file type ? typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process repeats. This process is called on-the-fly encryption/decryption and it works for all file types, not only for video files. Note that TrueCrypt never saves any decrypted data to a disk ? it only stores them temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your computer, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted (without proper system shut down), files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile)."

wdewey@cityofsalem.net
wdewey@cityofsalem.net

If the user do not have the data on their PC encrypted then encrypting the backup is a non-issue because a thief will have access to their PC at the same time they have access to the backup (unless it is an off site storage, but how many home users do that??). The only reason to encrypt a backup if it is not secured another way and for most home users there are a lot easier ways to get SSN and credit card numbers than breaking in and stealing their backup. The biggest worry in my opinion for home users are worm and trojans. These can capture info while the computer is on and working which defeats all forms of encryption (if the drive is mounted the worm/trojan can access the data exactly the same way the user can). Bill

larrybell_2000
larrybell_2000

I would like to pose a question or toss out a thought: If TrueCrypt offers on-the-fly encryption, and the process runs in the background so the user doesn't have to think about it, I would think this still doesn't offer a lot of protection. In the case of running encryption on a laptop, and the user doesn't have to do much to activate/deactivate it, then if someone steals the laptop, that "lack of user intervention" doesn't protect him either. The program will STILL be running on the laptop, freely taking and giving all the personal private information to the thief that the encryption was suppose to prevent anyway. And if the burglar breaks into your home to steal your desktop system, same problem. The ONLY place that the encryption would seem to be the most use is if you are creating system backups for off-site. And only if you send just the encrypted DATA off-site. If you send an image of the entire drive (as I usually do for backups), the encryption application (again, requiring little to no user interaction) is there with the data for the thief to use at will. (Yes, I create drive images for my backups with the intention that it would save me time if a major restore is needed. I don't have to find all the application disks and reconfigure everything. After a major crash, how easy is it to get your system back to exactly the way it was before?) Don't get me wrong, I like the idea of encryption software to protect private information. I have used Cryptainer to create encrypted "containers" to protect Tax information. But to open the containers you have to use a password, so a thief couldn't use the information unless s/he knew the password. And you can close those containers to 'lock' them again when you are done. I don't happen to know if they automatically lock if you simply shut down the computer. I use the free version, and the containers are limited to 25 megs or so, but you can create multiple containers. ANd you can send encrypted email with it as well. You can create bigger container in the paid version. I believe in encrypting private information, but it has to be manually started each time it is to be used, or it really doesn't offer the protection people think it would. With little to no user intervention to use it, if your system is stolen, it would be like locking the door to your house when you leave, but leaving the key in the door lock (and I've accidently done THAT too).

lastchip
lastchip

It's too simple. Backups are essential (we seem to both agree thus far). So backup to an encrypted medium and then you have a secure backup; no ifs or buts: job done. Two birds killed with one stone for minimal additional effort, drastically reducing any likelihood of any security repercussions. That's my rationale. You may not agree with it (and that's your prerogative), but it wont change mine.

Ed-M
Ed-M

Sorry - must disagree. We strongly press our users - however new to the process - to never, ever do an unencrypted backup. It cannot come second in an incremental learning process. It would be like saying to someone you're teaching to drive that they can learn all about signaling on the next lesson - all that's needed for now is to learn to get the car moving through traffic. Why? What if they leave a previous, unencrypted backup intact when they start doing encrypted ones? What if a previous unencrypted backup is not fully overwritten by a subsequent one? There are viable scenarios for successful recovery and theft of unencrypted data even if it was deleted. More importantly, it sets the right pattern and habits from the very beginning and actually requires *less* training overall. Our best practices understanding of data management is to teach data security *first* as the backbone for all subsequent data management. After that, and within that context, teach other secondary processes such as backups, etc. On a different note - and yes, I know this adds a layer of complexity and challenge for users - the issue is broader than mere backups. It should be approached with a "data preservation" scheme that includes measures to help mitigate against drive failures in the first place. That includes scheduled use of SpinRite to keep drives healthy and warn against impending degradation or failures. Having a means to counteract the effects of a disease is good, but why not try to prevent the disease in the first place? (Sorry, I like analogies.) As with backups, even this can be a pretty routine, automated process. We don't lower expectations to accommodate reluctant or unskilled users. We work hard at raising their confidence and understanding and putting a healthy fear of potential data theft and misuse up-front effectively motivates them. Ed

Michael Kassner
Michael Kassner

Using on-the-fly encryption means the process is in the background and requires no user intervention. Most people, including myself aren't totally reliable about backing up. So this approach is kind of the best of both worlds. Safe and reliable. One thought: If your backup application is granular enough, just the sensitive data could be sent to encrypted folders.

williamjones
williamjones

Michael is right in his reply saying that TrueCrypt is a great way to handle encryption. I use it. I don't back up my entire drives, though. Why bother when the bulk of my data is stuff that can't compromise my finances of my identity should it be stolen...vacation pictures, mp3s, video files. I use (and backup) a small TrueCrypt image to store my accounting files and truly personal material. That protects the objectively valuable stuff without requiring me to use whole-drive encryption.

Michael Kassner
Michael Kassner

Check out TrueCrypt, it has on-the-fly encryption just for this very purpose. As I said earlier TrueCrypt is quite an amazing program that has all sorts of features.

larrybell_2000
larrybell_2000

When I went through the A+ certification course at a local Community College a few years ago, they were using removable hard drive bays in their tower boxes. I thought that was pretty neat for being able to quickly swap out drives with different OS setups and such. I also thought that would be a pretty good way to keep my system backups (on a removable HDD). I would back up to the drive in the removable tray, then put it in a lockable closet where I kept other computer related stuff I didn't want my son to "borrow". Take the drive out of the closet and slap it in the computer for the backup, then put it away. But I admit that I have gotten out of the habit of putting it in the closet between backup. It is in the computer and on more than not. Kind of defeats the purpose of having a drive for backups that doesn't get as much wear and tear. But I DO make backups before I make some system change that I am afraid might hose my system. I have to much job search stuff on there to lose. My sister-in-law says she has had her computer for SIX YEARS, almost ALWAYS ON, and she has never made a backup. Doesn't even own another drive to back up to!! I have told her she is an accident just waiting to happen. She has told me she would get a drive and wireless router (for daughter's laptop for internet) after the first of the year, so I'm "shopping" for her. I have a wireless G router for her to use, set up with WPA2 security, and I plan on pushing her to get a Netgear SC101 NAS device. Two drive bays that can sit on your wired network to share storage between machines. Mirror with 2 400+ gig drives, and you should be set! If one goes out, you still have the mirror. And yes, I don't use mine for that anymore either. I felt that it didn't make sense to have it always on and not really be using it. But if you set up backups for once a week on say Sunday, and turn the NAS on sometime Saturday, you can turn it off again Monday until the following Sat and still do backups. The NAS doesn't really solve the security issue, unless you can wire it into a locked closet or something. Not really practical, and the SC101 gets pretty warm. Not something you want in a space with limited ventilation. But it COULD be placed somewhere away from the computers so that if the computer were stolen, you still might have the SC101 and the backups. Just my thoughts on the subject.

williamjones
williamjones

where we don't agree is that you seem to see backup and encryption as tactics that can't exist separately. I see them as related but distinct issues within the larger field of data security. Encrypting personal data alone doesn't protect against data loss due to catastrophic hardware failure. Backups don't protect users from other information loss, say due to data theft and social engineering. Separate issues. Lastchip, I don't need you to condescend to me. I know the issues that are at play in information security. I've also already provided my rationale for deciding that encryption can be handled as a separate issue. Have a better one.

lastchip
lastchip

The Internet is no longer a kiddies playground. It's more like a ghetto, where thugs will stick the knife in and twist it at any opportunity. What's that got to do with backup? The Internet is where, (almost without exception these days) theft of data originates, therefore, unencrypted computers, let alone backups are extremely vulnerable. Computers it is fair to say, are vulnerable via remote access of one kind or another and backups via physical removal. If you are taking the trouble to teach people how to backup, why not offer added value and teach them how to do it securely at the same time? It's not as though it's difficult. I've no objection to your articles concept, it's just to me, failure to even mention some sort of secure way to carry that out, is, well, negligent. Surely, the only way this message will get across, is if we, as IT professionals, all sing from the same hymn sheet. I've found as a general rule, if you tell people why they should do something and teach them how, they will respond in a positive way. I'm sorry you don't seem to agree, but totally accept your right to a different stance. As far as you article being irredeemable; no, I don't think that at all. There are aspects of it that are very worthy.

MGP2
MGP2

(Line by Olympia Dukakis in "Steel Magnolias"). Lastchip, considering the percentage of home users who DO backup regularly is miniscule, I'm fairly certain Mr. Jones' focus was on getting people to get in the habit of performing regular backups. Once they're comfortable with that, then they can add in another step. And that's just it. One step at a time. And I believe that's pretty much what he said in his reply to Mr. Kassner. One step at a time....

williamjones
williamjones

Well, if you say so, lastchip. This is a blog, not a textbook. I never claimed that this would be a post that covered all issues concerned in data security. I was just intending to provide a basic intro to home backups that techs could pass on to their users. You're entitled to your opinion that encryption is vital to a home backup solution. I feel it is just outside the scope of a basic intro. Hopefully you're alone in thinking that the post is irredeemable. Thanks for your thoughts.

wdewey@cityofsalem.net
wdewey@cityofsalem.net

True Crypt mounts the encrypted file as a file system so once open it can be easily written to by any standard backup software. Bill

cmaritz
cmaritz

Creating encrypted file containers, encrypting whole drives, traveller mode, and more, make it a winner. And all for the low low price of free.