Sunday, January 01, 2017

Software and Tools - Backups

One of the most important things you can do after you secure your device is to make regular backups and just as important is to test your backups.

Why backup?

  • Hard drives fail.  It doesn't matter how new the drive is or even if it is a SSD they will fail sooner or later;
  • You lose your device or it is stolen;
  • You drop your device and now it does not work;
  • When you patch or update your operating system it fails.  It doesn't matter the O/S you are using, I have had failed Linux updates and it required me to rebuild the machine;
  • You migrate to a new device and want all the files on the old machine moved to the new machine;
  • You finger slips and you accidentally delete an important file/directory; 
  • There is a disaster (ie. fire or flood);
  • Your device(s) infected with a virus or a trojan.  Again, it doesn't matter the O/S you are using, there are nasty programs out there that works in Windows, Linux and OS/X.
If one or more of the above happens you will need a backup so that your important documents are available to you when you rebuild the device or copy to a new device.  I have had people come to me with dead and dying devices asking if I can pull off their data and they have not made any backups.  Too often I cannot recover all of their files and important documents, images, videos are lost and they don't have any backups.

Things to think about

How often do you backup? 

  • That all depends on your personal preferences and how many documents you are adding to your device;
  • If you don't create very many then it may be safe to backup infrequently (monthly); 
  • If you create a lot of files (like scanning family photos), then frequent backups (daily) may be a good thing;
  • Once you set a schedule stick to it.  I put up a recurring reminder in Google calendar to remind me of when backups should be run.  Also you can set up a recurring task in Windows and Linux (cron) to run your backup scripts on a set schedule.

How many copies do you want to keep?  

  • Again this is a personal preference, but, multiple full backups is a good thing just in case one fails for some reason; 
  • An option here is a monthly full backup and then weekly backups of new/changed (differential backups) files;
  • Another reason as backups may fail and if you have only one copy then you have nothing to go back to.  I know this happens as decades ago when at work we were doing a DRP (Disaster Recovery Plan) exercise at work and one of the corporate backup tapes failed.  It wasn't a major problem as we did keep multiple backups and restored from an older image;

Off-site location for your backups?  

  • It doesn't matter if you have a good set of backups if you cannot get access to your site;
  • How secure is the off-site.  If you have sensitive information you don't want anyone getting access to the backup;
  • You should also figure out who should have access to your backups and let them know where it is and how they can get access to the backups if required;

Media for backups.  

  • Decades ago floppies were the media, then CDs followed by USB drives;
  • When you backup make sure that the tools, hardware and software is there to allow you to read the backups.  An example of this is some time ago I had to pull off backups from my father-in-law 3.5" floppy drives as he didn't have a floppy drive in his machine.  We were lucky in that I have an external 3.5" USB floppy drive for this and it was set up in Linux.  I also have an external CD drive and a blu-ray drive (call me paranoid) so I can pull files from backups in that format;
  • To the cloud.  Don't depend on that as your main backup as it may not be there when you need it.  I like Google drive for a secondary backup myself and the bonus is that the files I put there are available anywhere I have a web browser (and the firewall allows access).  With the various sites getting hacked I also don't keep files there that are sensitive and when I do put up a file of that nature I use encryption on the file/directory.  I also have a small script using GRIVE in Linux to pull a backup from GOOGLE drive to my machine.

Software and file format for backups.  

  • Over time operating systems do change and the software that did the original backup may not run on your new device and the new devices may not even be able to read your backups;
  • I tend to work with the lowest common denominator for backups that does work across platforms.  I prefer to use "ZIP" files as I know Windows and Linux both can work with that file format.  I assume OS/X will be able to read them too, but, I don't use that operating system so I am not 100% sure;
  • On my Linux machine I am partial to KBACKUP.  It is fairly easy to set up and use and it stores the files in a format that I can open in an Linux distro and Windows;
  • On my Windows box I use a simple XCOPY routine.  It isn't pretty, but, it works and the files are in a format that my Linux machines can read;
  • For my Android devices they get backed up to Google drive;
  • Several times a year I take one of my backups and plug it into a different machine to see if it is readable and I can pull one or more files off the backup.  Make sure what is backed up can be restored!  It is also a quick and easy test to see if your restore steps work and if there is anything else you should be doing when restoring from a backup;

When you restore.

  • If the restore is due to a virus or a trojan I strongly recommend that you don't ever use your backups until you have a clean and patched machine.  If the machine is still infected and the media you are using can be written to you don't want those backup files corrupted;
  • Make a checklist of what you need to do the restore and the steps performed when doing a restore.  This includes steps on how to verify that the restore worked;

My KBACKUP routine

Here are screen shots of my starting KBACKUP, running the backup and when it finishes.
Shortcut in my toolbox

Loading my backup profile

Directory & file list for backup

Backup running

Backup done with filename

No comments: