Having backups is important. In the last post, it was lightly touched upon that having them is a good way to prepare for a ransomware attack. It helps in the recovery process by having the data available.
Preparing against malware isn’t the only reason why you should back things up. Hard drives will fail, natural disasters cause great damage, and people will accidentally delete a file or forget to save something before logging out or shutting down a device. This all leads to the loss of data and stress.
Planning your backups:
Figure out how much space your files take up.
Figure out how often you are going to back up. You should at least have a full backup once a week plus backups that save changes to any files since the full backup. These are called incremental and differential backups.
Find backup media that will give you room to grow as you add more data.
Plan a rotation schedule for your backup media. Have something available to you at your home and something offsite, where if your house were to burn to the ground, you have something current you can access. You can even backup to the cloud if you want. Some of the rotation schemes can be found here, granted these may be overkill for personal use.
Always encrypt your backups. A couple of common algorithms in use are AES and RSA.
Plan for natural disasters. If you know, as an example, that you live in an area that’s prone to flooding, you’ll want your backup storage and computing devices to reside on higher ground and not your basement. You might even want to store your media in water proof containers.
Once you’ve got backups running, at least once a week test to see if you can restore a handful of different file types (docx, pdf, txt, jpg, png, js, py, and so on).
Other things to consider:
Image based backups. If your device bites the dust, or you become infected with malware, image based backups will help save time instead of having to rebuild the operating system from scratch.
With regards to cloud based backup solutions keep in mind you are entrusting your data to a third party.
Make sure that they have encryption at rest and in transit. Find out who owns the encryption keys. The answer to who owns the keys you want to hear from them is “You.”
Have a backup plan if the host goes out of business, their hardware is seized by law enforcement, they experience a denial of service attack (DoS), get hit with ransomware, have rogue admins, or their data centers are damaged from a natural disaster.
What happens if you’re late with a payment?