Backups: Head in the Sand
For two decades, I’ve head my head in the sand when it comes to the topic of backups. My strategy has been:
- Put lots of essential, irreplaceable work-related design files on PC
- Every 2-3 years, copy some files to an external hard disk, if I feel like it
- Put the external disk away in a closet, then forget where it is
Somehow I’ve escaped any major disasters due to accidental file deletion, disk failures, theft, or fire. It took some recent news stories about the CryptoWall 4.0 ransomware to finally motivate me to action. If you’re not familiar with CryptoWall, this thing is nasty. It encrypts everything on your PC, including external drives and mapped networked drives, such as those you might use to store backups. The only recourse is to restore from offsite backups that CryptoWall didn’t hit, or pay the ransom to unlock your data. While the current version of CryptoWall only affects Windows systems, the same techniques could appear on Macs and Linux desktop or server systems.
Like most of you, my household contains piles of computing devices of various types. There’s a Windows PC, two Mac laptops, a Mac Mini (used for media streaming), a Chromebook, and several assorted tablets and smartphones. Then there’s the BMOW web site to consider, as well as another web site I also administer. Below I describe the backup solution I chose for each device, the cost, and possible alternatives.
Chromebook, Media Streaming Computer, Tablets, Phones
Backup Solution: None
Cost: 0
Some devices store little or no data locally, and don’t really need to be backed up. I might lose some photos if the hardware were destroyed, but that’s about all. I’m comfortable with none of this being backed up.
Mac Laptops
Backup Solution: Time Machine
Cost: 0*
I elected to use Apple’s built-in backup software, Time Machine. It’s blissfully simple to set up and use, and it runs automatically once it’s configured. It maintains as many older versions of your files as it can fit on your backup disk, removing older versions once the backup disk becomes full.
My cost for the Time Machine setup was zero, because I already had the necessary hardware on hand. My router has a USB port where a disk can be attached, turning it into a network-accessable drive. And I just happened to have a moderate-sized USB disk sitting unused, which fit the requirements perfectly. Otherwise I might have paid $50 to $200 for a suitable disk and something to attach it to.
The main drawback of this Time Machine setup is that it relies on networked attached storage, located at the same premises as the computers themselves. While there’s currently no Mac version of CryptoWall or anything similar, someday there might be, and it’s likely it would hit the Time Machine backups too on the networked disk. And if my house burns down, the backups will be lost along with the Macs. Both of those worries could be addressed by backing up the backups to cloud storage, but I’m not going there just yet for these machines.
Windows PC
Backup Solution: External Disk and CrashPlan Cloud Backup
Cost: $61 + $60/year
The Windows PC contains the data I’d be most upset to lose. That includes all of my electronics and software projects, including the design files and firmware for Floppy Emu and the BMOW 1 Computer. That PC also holds thousands of personal photos and videos going back 15 years, and plenty of other irreplaceable data.
To safeguard this data, I’ve chosen a hybrid setup that includes both a local disk and cloud backup. The hardware’s been purchased, but nothing is yet configured – that’s on my to-do list for this week. The local disk is there because it’s fast and cheap: $61 for a 1.5 terabyte USB 3.0 drive. If I ever need to do a complete restore, it should only take hours, compared to the days or weeks it might require to restore hundreds of gigabytes of data from a cloud service. CrashPlan‘s cloud backup is there as a second line of defense, in case something like CryptoWall also hits the backup drive, or theft or fire destroy everything local. Maybe I’m overly paranoid, but I’m more comfortable with that extra level of protection on the Windows PC.
CrashPlan costs $60/year for one computer, with unlimited backup space. I specifically chose it over other options because it’s one of the few cloud backup services that will also do local backups through the same interface that’s used to manage cloud backups. Configuring two separate backup systems for local and cloud backups would be a pain.
To be honest, I don’t love this solution. All of the cloud backup services have a sort of seedy used car salesman feel about them. If you believe the reviews, customer service is often horrible, and you’re constantly confronted by upsell efforts to a more expensive service tier.
Since I’m not about to physically rotate backup disks to a bank vault somewhere, the main alternative is other cloud storage services that aren’t specifically marketed as backup solutions. For small backups, something like Dropbox or Google Drive might be enough. For more typically sized backups, especially for ones storing many past file versions instead of only a single snapshot, something like Amazon S3 storage makes more sense. But what tools would I use to transfer the backups to S3 in a completely automated way, and how much would it cost?
S3’s “infrequent access” storage is just 1.25 cents per gigabyte per month, (plus 1 cent per gigabyte when retrieving data, something that should rarely or never happen for backups). That makes it cheaper than CrashPlan for up to 400 GB of backup storage, and more expensive beyond 400 GB. My Windows PC backups, including all past versions of files, will probably be a few hundred GB, so from a price standpoint it’s a toss-up. But considering the ease of using CrashPlan’s service vs backing up to S3, CrashPlan is the clear winner. If I had multiple PCs needing backup to the cloud, or other special requirements, then S3 backup storage might make more sense.
BMOW and Other Web Sites
Backup Solution: UpdraftPlus Backup/Restore and Dreamhost DreamObjects
Cost: $70 + $4/year
I expected backing up my web sites to be easy: shouldn’t the hosting provider already take care of this? As it turns out, mine does, but not in a way that’s really acceptable. There are three automated backup snapshots, with imprecise times of 1-2 hours, 1-2 days, and 1-2 weeks. The site’s files and database are also backed up independently, with no guarantee that the separate file and data backups will be from the same moment in time. While this backup system might be enough to recover from a disaster, it could easily be insufficient, especially if a restore is needed that’s older than two weeks.
I was a little surprised to learn that there aren’t any simple backup solutions for web servers, similar to the options available for workstation PCs and Macs. The closest thing is a backup plugin for WordPress, one of the most popular web publishing packages, and the one I use for my sites. I chose the feature-rich UpdraftPlus Backup/Restore, which is the most popular of the WordPress backup plugins. It seems to work well enough, but something about a backup solution that’s implemented as a WordPress plugin just feels wrong:
- Not every server hosts a web site
- Not every web site runs WordPress
- A WordPress backup plugin makes special assumptions about the files and data it’s backing up
- Most WordPress backup plugins only backup the WP files and data, and ignore other files/data
It was that last bullet point that bit me. On both of the web sites that I maintain, there are large numbers of important files located outside the WordPress directory, in the site’s main root directory. One of the sites also has a second database that’s completely independent of the WordPress database. The free versions of the more popular WordPress backup plugins can’t handle these, which would leave me with an incomplete backup. I ended up paying $70 for the premium version of UpdraftPlus, solely for its ability to also backup non-WordPress files and databases. While I don’t mind paying money for good software, this didn’t seem like the cost matched the complexity of the feature I needed, and only confirmed my feeling that a WordPress plugin isn’t a great framework for a backup tool.
Just as with backing up a desktop machine, the server backup files need to be stored somewhere else. While in theory I could store the backups on the server itself, that wouldn’t protect against a disaster that nuked the whole server, and it’s also a violation of my web host’s “unlimited” hosting policy. I chose to store the web site backups to DreamObjects, a cloud storage service that directly competes with Amazon’s S3 and uses the same API. I chose DreamObjects because it’s provided by the same company that does my hosting, so there was nothing extra to sign up for. UpdraftPlus has built-in support for storing backups with DreamObjects, and the integration was easy. As it turned out, DreamObjects will be slightly more expensive than S3 for my level of data storage. But since the total cost will be about $4/year, I’m not going to lose sleep over a few pennies.
The main alternative to a WordPress plugin backup system is a shell script, executed regularly as a cron job on the server. I probably should have investigated that further, but I invented my own cloud of FUD to convince myself it wasn’t worth it. It might not be too difficult to run tar and mysqldump, and transfer the resulting backups to DreamObjects, but building a more robust backup system would take time. A good system would also need to prune old backups, handle errors gracefully, chunk large uploads, generate reports, and address encryption needs. Maybe I’ve overestimated the level of work it would require, but it sounds like just the sort of dull but important stuff that I would neglect.
Your Backup Story
What’s been your experience with backup systems? Has your head been in the sand, like mine? Instead of finishing with a backup horror story, I’ll leave this success story from Slashdot here instead:
I support a medium business. Cryptowall 2.0 found its way onto a key system and spread through mapped drives to the fileserver. The panic was epic. Boss near tears.
I nuked the compromised systems and restored from backups. No big deal. The unenlightened around me had pretty much given up hope and I was hailed as a hero the next day.
Got a fat bonus and some OT.
10/10 would restore from backups again.
11 Comments so far
Leave a reply. For customer support issues, please use the Customer Support link instead of writing comments.
For server backups solutions like dirvish or rsnapshot are a good start. They also ddo there job on desktop machines.
I’ve been a happy CrashPlan user for years now, and I’ve never had them try to upsell or pull any tricks – they seem pretty content with a steady yearly income. They have a great $0 option too as you can use CrashPlan to back up to friends and family. In my case I have an old workstation in my office that has a few hundred gigs it isn’t using, providing offsite backup for my photo library and a few other essential things.
Amazon has free S3 command line tools, for what it’s worth. You could just have a cron job do an ‘aws s3 sync’ every so often or something.
I’ve got a three-tier backup solution– Each family Mac uses Portable Home Directories derived from an Xserve located in my folks’ basement. Every Sunday night, the Xserve backs up these home directories to a sparse disk located on a nearby NAS, and the NAS in turn is running the CrashPlan client which uploads to their servers as necessary. Haven’t had any significant data loss in over a decade using this plan. No solution for my Windows PC yet (I’m the only one in the family who uses Windows) but there should be a solution for integrating Windows with Open Directory. I haven’t had time to investigate that yet though.
I’m using a setup inspired by https://www.jwz.org/doc/backups.html . I have rsnapshot writing to an external hard drive over USB. I keep another identical drive in a drawer at work, and I swap the two periodically. Something cloudy like CrashPlan or Backupsy is on the TODO list 🙂
Crashplan has been good for me; once I got it set up, it pretty much runs on its own. The downside is that seeding the initial backup to the cloud takes weeks of uploading.
I had a hard disk crater unexpectedly this summer, and getting back to good was pretty simple; re-install the client and start pulling the data back down. Luckily, it was only a subset of my whole backup so it was fairly quick.
I use SyncToy to copy my laptop data onto the desktop, so it gets backed up as well.
I’m another happy Crashplan user. My local backup saved hundreds of GB of photos and media from my own stupidity and the versioned backups have been handy to identify some issues in a database file. Their backups sets are a great feature to prioritize different sets of data so you know your important files are getting regular backups while hundreds of GB of media slowly upload over your slow DSL.
My server backup is a bit of a mess right now, which I’m working on fixing.
I can’t recommend BackBlaze enough. Unlimited backup for $5/month, plus they open source their storage infrastructure (https://www.backblaze.com/blog/cloud-storage-hardware/) and release quarterly hard disk health reports (https://www.backblaze.com/blog/hard-drive-reliability-q3-2015/)
I realize this makes little to no sense, but I keep my ‘backups’ on
1] 16GB flash drive that is never plugged in
2] an old IDE hard drive out of my Powerbook
3] On my Powerbook itself
This only really works because nearly all of my hardware is older than I am, and running obsolete operating systems that nobody writes viruses for anymore anyway. If anyone were to attack with a virus, it probably wouldn’t work on my machines, and if it did, then I have nothing terribly important stored on them anyway.
Well I had Cryptowall/Cryptolocker or whatever variants there are now, hit a Windows WAMP system. I was running an older version of WAMP/Apache, and the bastards exploited it and installed Cryptolocker. That was fun.
But as far as backups, I have a Data/Archive drive in my PC that is TC Ciphered. I only mount it when I need it. I also use freefilesync to mirror this drive to an external, as well as mirror my main OS/Programs drive to the external. The external then gets tucked away until the next monthly backup requirement is delt with.
So. Sorta… in the sand.
Oh and as far as “web/cloud” backup solutions, thats great and all, But I dont want my entire life of computing history on my archive disks sitting in the cloud for every tom dick and harry to see, So a huge no for me.
At the most, I do have a 2nd external HDD that I leave at work until its time to backup the backup here at home.