[ Question ]

How does your data backup solution setup work?

by ChristianKl1 min read6th Sep 202113 comments

12

Software ToolsPractical
Personal Blog

I'm currently not happy with how I'm backing up my data. I feel like doing proper databackup is a bit like flossing every day. It's clearly the "right thing to do" but thinking of it feels like a shore that I don't want to deal with. Does anybody have a personal databackup strategy that they are happy with and would recommend?

Criteria I'm thinking about are:

  1. Data privacy: Data is encrypted in a trustworthy manner so that think parties can't access it. Hopefully, changes in law can't break that trust because it's backed up by software.
  2. Reasonable price for maybe 1 Terrabyte of data.
  3. If my house floods and everything gets destroyed my data is healthy.
  4. If a ransom ware program encrypts all my data I can still access it.
  5. The neurons that are required to remember a specific password die
New Answer
Ask Related Question
New Comment

6 Answers

The key is to set things up once so as to hardly need to think about them again.

My iMac automatically backs up to a Time Capsule every hour. I hardly notice this happening (but I do know that it is happening).

Every ten days it reminds me to backup to an external HD that I keep hidden the rest of the time. When it does that I go get the HD, plug it in, and start the backup.

Finally, I have a contract with an online backup provider. This backup also happens automatically. I forget how often, but I get regular reports that it does.

All of these backups are encrypted. All of my computing devices need a password (or thumbprint, or face id) to log in.

I have only once needed to restore a whole machine from backup (which worked). I have more often had reason to go delving into the Time Machine backups to retrieve old versions of current files.

I have various other computing devices with their own backup provisions. In some cases that is none, by choice, because they are not places where "work" happens, i.e. places where I create things that I don't want to risk losing. My PC, for example, only exists to be able to run VR applications. Pretty much everything on my iPhone exists in the iCloud and therefore on my iMac also.

To address your criteria:

  1. All backups are encrypted.

  2. The only thing that requires an ongoing subscription is the online backup provider, for which I pay $60/year. My backup with them is currently just under 2TB.

  3. I've never had a flood come into the house, but all my computer stuff is upstairs anyway. If my house burned down and all that is in it, I'd be reliant on the online provider to get stuff back.

  4. As the Time Capsule is always on and always connected, I guess ransomware would get at that too, but the external drive and the online backups would presumably escape.

  5. I don't have a solution to this. There are two passwords that I must not ever forget. One is the password to my iMac, and the other is the password to an encrypted file on the iMac (and backed up to a USB stick) containing all my other passwords. I use both of these daily, which keeps them in my memory, but I know that any password I don't use for a few months is likely to drop out. Writing them down is vulnerable to forgetting where I wrote them, and to the house burning down, and to theft.

The solution to forgetting passwords is to have multiple alternative passphrases that unlock the same critical thing.

2Viliam11dMaybe these is a more convenient way to implement this, but a primitive solution is to use a password manager, create multiple files containing the same master password, each of those files encrypted by one of the alternative passwords.
1GWS10dSafety deposit boxes are one solution to this problem: write the password down on a piece of paper and pass the job of identity verification off to the bank. This solution can also serve as an alternative to backing things up online: keep one external drive in the bank and one at home, swapping them with enough regularity that you avoid total losses. This approach does have some downsides: -Relies on your bank’s identity verification methods. -Not accessible remotely (this is the primary reason it is safe). -Requires you to physically go to a bank to make use of it (can be a large enough trivial inconvenience to prevent regularly swapping the external drives) It also has pros: -Can set up access for next of kin without giving them current access. -Immune to the sorts of attacks that scale. -Gives you physical access to something that won’t burn down in a house fire.

I wrote down my master password in multiple public places. No one can connect them to me but I can retrieve them when I want.  (If I was targeted by a sophisticated enough adversary they could've been tailing me when I went to write/hide them.)

1sudoLife8dIs is passwordy-looking enough that somebody might want to search it through published leaks? In either case, you should check it on haveibeenpwned.com, though I suspect you do that already.

Two distinct pieces of advice:
1) Buy a NAS (I use Synology, my understanding is that they're all somewhat comparable).  Backup from your local devices to that is pretty trivial, and different for different OSs.  I put "important" stuff on a shared folder that gets backed up to cloud (Syno supports many different destinations) weekly, and I back up everything to an external HDD every few weeks.  

Hyperbackup (Synology's backup app) does client-side encryption using certificates or long-ish passphrases, so not accessible to the cloud host or anyone who steals my backup drive.  Option to encrypt the NAS volumes so they require passphrase or cert on reboot, but I haven't bothered.  It also does versioned file-level backups by default, so I can go back to older versions even if a corrupted/destroyed file has been backed up more recently.  

I think that covers 1-4 of your criteria.

2) For #5, use a password manager.  I use PasswordSafe, but there are a number of more modern ones that are probably more complete and just as crypotgraphically secure.  20-character truly random strings, different for each site/use/destination, with you only memorizing a single long passphrase.  I actually have two safes - one that has my commonly-used PWs that I cloud-sync to all my devices, and one that I only sync at home and never gets to a 3p storage mechanism (except as part of an encrypted backup).  So I guess that's two passphrases to memorize.  I do also have a bank safe-deposit box for some documents, and keep a sealed envelope containing these and a few other passphrases written on it there, so my wife or heirs can get access if I'm incapacitated.

I'm currently using Duplicacy to automatically back up to the 1TB of OneDrive storage that comes along with my Microsoft 365 subscription, to my Google Drive, and to my NAS.

  1. The data is encrypted...but of course I'm depending upon the backup software developer to have done this correctly.  I would be happier if the backup software I was using was audited by security professionals.
  2. Duplicacy can back up to many cloud providers, so you have to pick the one that works best for you.  I'd have the Microsoft 365 subscription regardless.  
  3. Yep.
  4. Duplicacy can roll back to many earlier states...it's up to you to tell it how often to keep snapshots.
  5. This is going to be a problem no matter what.  As I mentioned in another comment I've written down my password in many places so hopefully if I've forgotten my password I can at least remember one of those places.

I just backup to an external drive once per week, rotating between two drives stored in different parts of the house (one in a box within a bug-out bag). Once per couple of months I rotate one of the drives off site. I've tested and documented the restore procedures, test the integrity of the backups as part of the automated process, which also reports on the health statistics of the drives.

I can afford to lose up to a week's worth of updates at any given time, and expect to at some point. For especially valuable things I sometimes do a midweek backup. The worst-case scenario would be having my house completely destroyed without any chance to even grab the bug-out bag, during the same period as the off-site drive failing without notice. This combination is possible, but seems unlikely.

You can keep copies of passwords in the same locations as you keep cash, important documents, and other valuables. Don't have just one copy, don't keep them in the same place. You can obscure passwords in many different ways: just look at how many documents, receipts, cards, and similar have meaningless identifiers on them.

Total cost: About $600 over the past fifteen years for drives, some hours to refine the backup configuration, about 5 minutes per week of attention, and occasional updates when I rearrange my home network significantly.

wrote a bit about how i do it here: https://w.hutson.gy/projects/home-backups-using-restic

I'm in the process of building my own backup solution.

What I have now are three encrypted external hard drives where I put all the passwords, writing, tax documents, photos, videos, and anything that I want to hold onto. Every three months or so, I will use rsync to update the backups and md5sum to check their integrity. I also have three pen drives that contain my passwords, gpg and ssh keys, and the most important documents. These I backup whenever there's been a few changes to these files and I keep one on my desk, one in my backback, and one in my car.

This setup gives me some reasonable protection from hardware failure. The pen drives also give me a little bit of safety from keeping some data offsite.

All of this is driven using LUKS encryption, rsync, and md5sum because I don't want to worry about tools/formats becoming abandonware and I also want to avoid coding custom solutions as much as possible.

Going forward, I want to:

  1. Automate the manual bits, so I can run these backups at least once a month. More often for the pen drives. It would be great if I could just plug these into a hub and run a script that would copy all the right files to the right places and run some integrity checks.
  2. Look into an offsite solution. I looks like it's possible to get a VPS for <$60/year, which I could use as an offsite, encrypted hard drive essentially. I could then use this as a "hot" backup, updating it even every few days, and use the physical backups and "cooler" backups, which I backup once a month.
2 comments, sorted by Highlighting new comments since Today at 11:53 AM

The computer security expert Thomas Ptacek recommends against online backups.

I think main threat from uploading your backups in his opinion is government-level actors.

Apparently it is difficult to encrypt data such that the big governments cannot eventually break the encryption, and backup services are attractive targets for the big governments.

It's quite feasible to encrypt things with strong passphrases and key stretching that would likely take post-singularity tech to break (just use SRS to memorize the passphrases). You mostly risk it becoming slightly more likely that you'll be ordered to decrypt. If your personal systems that see the passphrases or decrypted data are compromised, then local backups are there too, so also having them in the cloud is not much worse.