You Need a Computer Backup Strategy; Here’s Mine

The cloud was supposed to make it so that you wouldn’t have to keep copies of your stuff, but that’s not a fulfilled promise. The day your computer stops working, is stolen, or just needs to go away for awhile, you’ll appreciate having a good, local, fast backup in your hands. The day you’ve really messed something up and need it like it was yesterday, you’ll be grateful you have periodic snapshots of all you do.

You need to back up your computer.

Types of Backup Solutions

We definitely aren’t hurting for choice in the world of personal computer backup; there are lots of options. They generally fall into three categories:

  1. Local backups involve connecting a hard disk drive to your computer and allowing it to periodically back up the contents of your computer. These are the fastest and most reliable, but they can also be the least convenient.
  2. Network backups are done over your local network, backing up whenever you’re on the same network as your backup disks. These are quite a bit slower than local backups and can suffer from reliability issues as you drop off networks periodically — but they’re pretty convenient.
  3. Cloud backups are done to a data center somewhere out there. No internet connection is as fast as a disk you’ve plugged in, but they’re super convenient, and they have “offsite” built right in.

For local and (probably) network backups, you likely already have the software included with your computer’s operating system. You just need to make an investment in hardware.

Cloud backups will require you to make an ongoing cost investment, either with a dedicated backup service or some sort of build-your-own arrangement. I recommend the former, but shop around — not every service is going to effectively address your specific backup needs.

What’s Your Data Loss Threat Model?

When you’re evaluating your information security needs, you need to consider your threat model — a list of the things that could go wrong, how serious they are, and how likely they are. A good backup strategy can also be a valuable part of your security hygiene position, potentially defending not just against data loss but also against attacks.

Here are some of the threats you should consider:

  • Device loss, including theft, disasters, or just plain misplacing (temporarily or permanently) your computer.
  • Backup loss, where you lose access to your backup; maybe the drive is stolen, destroyed, or fails.
  • Overwritten data, where everything’s working properly, but the data you need was what you had yesterday. Today’s is useless for your purposes.
  • Repair, which can easily reduce your day-to-day effectiveness or take you out of commission entirely until your computer comes back.
  • Data loss, where storage technology (which is definitely not 100% perfect) fails to store your data correctly. There’s a level of this you may not have considered — your backup may fail as well.
  • Functional loss, where your computer simply stops working.
  • Data theft, where a threat actor takes copies of your data for themselves. They could attack your computer — or even your backup itself.

All of these are on my personal radar, though some are more likely to affect me than others. Understanding the threats I face helped me put together my own personal backup plan.

How I Keep My Data Safe

I have two hard disk drives that I use as encrypted Time Machine destinations for my MacBook. They’re both Toshiba Canvio 4 TB; experience has shown me these are reliable in a way I can’t expect from other brands.

Hanging off the dock on my work desk is a USB 3.0 Micro-B plug. Around lunchtime, I eject and disconnect the drive that’s currently connected and swap it for one in my bag.

Time Machine will back up to whatever disk is available. Each disk contains a complete copy of what’s on my computer, plus a number of incremental backups that allow me to backtrack to what my computer looked like at points in the past (in case I need to recover something that’s been overwritten since).

This strategy addresses several threats:

  1. Device loss is covered if I lose my MacBook, as well as functional loss in the event my MacBook breaks. I’ll still have two copies of all my data, or at least one at work (my offsite copy, protecting against backup loss) in the event I take my MacBook and one of my drives home and they’re destroyed in a disaster or lost in a theft.
  2. Overwritten data is covered by the incremental backup strategy that Time Machine takes.
  3. Repair becomes much easier to deal with since Time Machine will not only restore my entire computer from either of my backup drives to my repaired machine, but also can potentially work with a loaner computer as well. (I always erase my machines before sending them in for repair to protect against data theft while they’re being fixed.)
  4. Data theft is also protected against by encrypting both the backup drives and my computer’s internal storage. An adversary would find it difficult to retrieve data from either my computer or my backups, so I feel safe leaving one backup offsite overnight.

There was one threat — one I honestly hadn’t considered — that this plan protected me from as well. I’d used the same Toshiba Canvio 2 TB drives for many years, past their warrantied life. It turned out one was very silently failing, and a small number of the files on it were unreadable. I was able to use the other drive in this case, protecting against backup loss when I needed to restore.

I’m also considering adding a cloud component to my backup strategy, perhaps just for my most critical files. I’d want a service that encrypts in a way that doesn’t let them read my files, with end-to-end encryption. But the urgency there is low. I already have offsite backups, so the need to add a slow cloud component that asks me to pay isn’t terribly attractive.

Trust, but Verify

There’s a ha-ha-only-serious joke in IT which points out that you don’t actually have a backup until you’ve tried to restore from it.

In practice, this is hard to validate. Do you wipe your computer just to try it? What if it fails then? Now you’ve just destroyed your data before any of the other threats you imagined could come to pass.

That said, I do recommend trying to find a non-destructive way to check your backups by restoring them to another computer or something similar. And once you have built some trust there, find a way to validate that your files continue to be backed up intact.

(Regrettably, Time Machine isn’t the greatest at this, and I’ve occasionally run file content compares to check the backups I’ve got against the contents of my computer. I’m somewhat passively looking for a better way to do this.)

The confidence you get from a backup solution you can rely on is worth the time you’ll put into it, especially if you can set it and (mostly) forget it. Bottom line: everyone should have a backup solution. I hope you find one that works for you.