As someone who has dedicated my career to data protection, few things pain me more than meeting people who have lost precious photos, documents, and other personal files that have meaningful sentimental value. While enterprise-scale backups capture the public attention, individuals continue to suffer catastrophic data loss, when a few basic precautions could have entirely prevented disaster.
Useful Methods for Backing Up Your Data
It has happened to me countless times. Someone who dropped their phone in water, had their laptop stolen, or just had a hard drive or flash drive die ends up losing their super-important term paper, all of their family’s photos or (God forbid) all their records for their personal business. It hurts me deeply when this happens, so I don’t want that to happen to you.
The key here is to take the same backup concepts that we use for businesses small and large and adapt them to backing up personal data, while minimizing cost and maximizing data protection. Today, I’ll outline my 10 commandments of bulletproof personal backup designed to withstand anything that might harm your data, including losing your device, ransomware attacks, dropping it in water, or the usual things we worry about in companies: floods, fires, hardware meltdowns, or even simple human error. Follow them, and you can rest easy knowing your data will stay safe.
The First Commandment: You Shall Have Multiple Copies of Your Data
The foundation of resilience lies in redundancy across different media. This is where we get the all-important concept of the 3-2-1 rule: three copies of your data, on at least two different types of media, one of which should be stored offsite. That’s one copy on the device you’re protecting, one copy on one type of storage media, and another copy on another type of storage media – which is stored somewhere other than where the first copy is stored. (More on that later.)
External hard drives offer abundant, affordable capacity ideal for local backups, but placing your faith solely in a single mechanical device will prove unwise. Portable hard drives do offer a quick easy way to get a backup using whatever native tools the OS offers (e.g. Windows Backup, Time Machine.) But you also need to upload encrypted backups offsite to guard against theft, accidents and natural disasters. I personally use a cloud backup service that backs up my laptop and my iPhone directly to an encrypted copy in the cloud.
The Second Commandment: You Shall Regularly Test Backup Integrity
Backups only provide protection if the process completes successfully without data corruption. Backups often sit there for months or even years before you need them; therefore, I regularly spot check files restored from backup against the original, to enable diagnosis and remediation of issues.
The issues that do arise are usually process-related. I forgot to add a new device to my backup plan, or I forgot to switch the backups from my old phone to my new phone. Testing is really when you want to figure these things out; you don’t want to figure it out when you actually need to restore something.
The Third Commandment: You Shall Store One Copy Offsite
As I mentioned in the 3-2-1 rule above, onsite redundancy cannot aid data recovery if the place where you store your device(s) suffers damage. I advise users to keep at least one recent copy in a safer secondary location, transferring new and modified files as often as possible. Options include storing devices with friends and family, safety deposit boxes, or using business-grade cloud backup services with strong encryption. My preference would definitely be the latter, as it will run all day every day, and doesn’t require me to manually do anything to make it happen. Swapping drives with friends sounds easy enough, but next you know it’s been weeks since you remembered to do it. Murphy’s Law of backups will apply: the backup you forgot to swap will be the one you need the most.
This offsite copy is also going to come in very handy if you suffer a ransomware attack. If it’s truly separate, and doesn’t use the same username and password you use everywhere else, then it’s highly unlikely a bad actor would be able to find that data and delete it. Speaking of which, please don’t use the same password everywhere; that’s what password managers are for.
The Fourth Commandment: You Shall Automate Where Possible
Continuing on the idea mentioned in the previous paragraph, humans readily forget repetitive tasks like manual backup in the rush of daily life. Consequently, errors arise jeopardizing their data. This is why I prefer using commercial backup services, because they offer automatic scheduling, typically running overnight batches capturing new and changed files. Some even offer hourly backups throughout the day. For really critical project data, like business files on an otherwise personal system, you can even configure real-time mirroring to secondary devices.
The Fifth Commandment: You Shall Encrypt Sensitive Information
While access controls provide a degree of security on devices like external hard drives, theft remains a risk without strong encryption safeguarding the actual data. I think about the time that three laptops of mine were stolen in the back of a rental car while having dinner in Houston. There was some really important sensitive data there. That’s why I rely on AES-256 or stronger encryption implemented in backup tools to render sensitive financial documents and personal databases indecipherable without the password.
The Sixth Commandment: You Shall Use Version Tracking
When many people think of backup, they think of having a copy of the work on their hard drive, and that is true; however, just one copy is a very bad thing. If you only maintain a mirror that is a few minutes or hours behind the thing you are backing up, it is possible to make your mistake even worse. If you accidentally delete a major part of your system but don’t notice, you will replicate that mistake onto the backup; this is why you need versions in your backup. Each backup looks like an entire copy of your hard drive from a particular point in time. There are technologies (e.g. incremental backups) that allow it not to take the same amount of space as your original, but it looks like a complete copy of the original. However, right next to it is the previous version of the same backup that looks like a complete copy of your original from an earlier point in time – and so on and so on.
How many versions you keep is really up to how far back you want to be able to fix a mistake. If you have backups from 30 days ago, you can restore a file that you accidentally deleted up to 30 days ago. At minimum I would recommend seven days, but consider at least 30 days. Commercial cloud backup services make this very easy and allow you to keep backups for months. The more versions you store, the longer back you will be able to restore.
The Seventh Commandment: You Shall Log Backup Job Activity
Backup systems operate largely out of sight once configured, until problems arise. However, comprehensive logging provides transparency into success, failure or warning status that may indicate risks invisible without scrutiny. I log backup job runtime, capacity, throughput, errors and content summaries, reviewing logs regularly. This is another reason to use a commercial backup service. It can easily notify you on your desktop if something is going wrong with your backups.
The Eighth Commandment: You Shall Back Up All The Things
Does it have data that matters to you? Then back it up. Yes, that includes your laptop, your smart phone, and even your tablet if it is creating and storing data you care about. Speaking of phones and tablets, iCloud and Google Photos are not backups; they are synchronized copies of what’s on your phone without any version control – so they do not count as backups. And if you enable optimized storage on your phone, iCloud isn’t even a synched copy of what’s on your phone – it’s the only copy of your data period. The more devices you have, the easier it is to justify using a cloud backup service to back them up. But seriously, if a device has data that matters to you, back it up.
The Ninth Commandment: You Shall Use Redundant Technologies
Diversity prevents data loss when issues arise localized to one technology or vintage of devices. For example, you can have a home backup appliance that copies data to the cloud. The backup appliance protects against the failure of any particular hard drive, and the cloud provides both device failure tolerance, as well as using a completely different technology. This keeps you from having a single point of failure.
The Tenth Commandment: You Shall Have an Offline Archive
In addition to regular backups stored on online devices, consider a permanent offline archival. The best device for this today is M-disc. It is an optical DVD-type format that is specifically designed for storing data for decades. Consider making copies of truly irreplaceable data to sets of these discs, and filing them away for safekeeping. This may not be used by you, but may be used by your family once all those cloud accounts and portable hard drives have gone the way of the dodo.
An Eleventh Commandment: Seriously, just look at a cloud backup service
A cloud backup service is the easiest way to honor all of these commandments. It’ll back up all your devices, automatically, and keep many versions of your data offsite, encrypted, and protected from hackers. It’ll let you know if something is going wrong. And regularly testing your backups with restores is super easy. I personally use such a service to back up all my devices, and it costs me next to nothing to use. Please seriously consider such an option.
In my decades safeguarding institutional data, near-disasters proved narrow escapes from data Armageddon without the comprehensive resilience measures I outline here. Adopting even a subset of these backup best practices enormously reduces your risk compared to the average computer user. For your own cherished memories and critical records, there really is very little room for error. Back up accordingly.