Lorenzo Villani

(╯°□°)╯︵ ┻━┻

3-2-1, It's Time to Backup

Nov 4, 2015

November is the right time to define your New Year’s resolutions. There is nothing better than gifting you and your relatives an effective, yet simple, backup strategy. Start now before it’s too late. There’s nothing worse than waking up on the 1st of January and learning with horror that all of your data has vanished into thin air.

The simplest and most effective guideline to keep in mind is the so called “3-2-1 Backup Rule”:

Keeping three copies of a files means keeping them in different places. So, mashing CTRL+C and CTRL+V on your computer keyboard does not count as a backup. Likewise, keeping your files in a secondary drive permanently attached to your computer doesn’t qualify as backup, either. You would still loose it all should someone steal your machine. The file you have on your work computer, however, counts as the first copy. What I call the “master copy”.

But why keep different copies? Why three? The answer to the first question is redundancy: you don’t want a single event to wipe out all of your memories and work files. The answer to the latter is: the more copies you have, the merrier. Three strikes a balance between having too few copies and being hard to manage.

You will also want to keep your backup in two different formats so that you are not subject to weaknesses of either of them. For example, magnetic hard drives, leave your data exposed to EMPs and mechanical deficiencies in the device itself. A good alternative is to leverage the SSD in your computer, a magnetic hard drive and a cloud storage service like Amazon Glacier or Google Nearline.

Last but not least, having one off-site backup will keep you safe in the event your house burns down or gets flooded by an hurricane.

Following the 3-2-1 rule will get you nowhere unless you also implement a good backup strategy. While the backup rule described before easily applies to computers, mobile devices and stuff stored in cloud services is entirely another matter.

There is a widespread misconception that data in the cloud is “safe” and that we don’t need to care for it or back it up explicitly, since the provider will usually have a backup system already in place. While that’s true, it’s designed to protect the provider from catastrophes on its own premises (e.g.: loosing a server, lightning strikes, etc). It won’t protect you from accidentally deleting stuff, loosing access keys or being denied access to the service. Having a safety net in this case especially important with companies like Google that have non-existing customer support.

One way you can balance that is to siphon all cloud data back to your computer so that it gets automatically propagated to all your other backup media. I do that with Gmail, Trello, RunKeeper, etc. I also pull my Mom’s emails and pictures to my computer so that they get backup up daily.

Diagram

The other important thing is that all data is encrypted at rest. All destinations only receive opaque blobs of data that can’t be opened without a decryption key. This makes restores a bit more cumbersome, since they involve a specialized tool that may not be readily available, but it greatly simplifies off-site backups since I can just sync the encrypted data without having to worry about third parties peeking into my data.

Further Reading