Data Disaster: How a blogger lost everything to thieves

Posted on by Mike Evans

A sad tale from my friend and fellow blogger Tony Cole of  Tony and his wife live in the Philippines but have a family base in Australia. Returning from Brisbane to the Philippines earlier this week he managed to lose his beloved but elderly Sony Reader when he left it in the seat pocket of the first flight. Bad news; but he perked up when he found a new Sony in the airport shop.

Then came disaster. Returning home, they discovered that a very neat and tidy thief had stolen all their computers, backup disks, DVDs and, even, the computer manuals. Nothing remained; and all the family data - everything that wasn't on his trust portable netbook - was gone forever. The wailing and gnashing of teeth was palpable even here in London. 

My first reaction was to suggest he dug up the fireproof safe containing a full backup from the bottom of the garden. He did have an offsite backup, didn't he? Nope, not even a memory stick lodged with a neighbour.

I have Tony's permission to post this salutary story in case it helps someone else. However many backups you make, it's absolutely essential to have up-to-date off-site data. I'm particularly paranoid about this because I am now Mr. Minimalist with every bit of correspondence, data, records, books, music, photographs stored electronically. I cannot begin to imagine what I would feel like in Tony's shoes, so I am fastidious in my precautions.

When looking at your backup strategy you have to consider a number of eventualities. The simplest and most common of these is disk failure. If the storage device in your computer packs up you must have a recent full backup on an external disk. Time Machine is now universal among Mac users, so most people have that to fall back on. But it isn't really sufficient. In addition to Time Machine you need a separate, bootable full backup on an external disk. I use SuperDuper! to synchronise my internal disk every night. Carbon Copy Cloner does a similar job. This portable drive goes with me when I travel (in a separate bag to the computer, of course) so I can keep at least one backup wherever I am. 

I also back up to Drobo disk array which currently contains two 1TB and one 2TB drives. Any one of these drives is redundant. If it fails, the Drobo will simply rearrange the data and ensure that every byte is mirrored.

All this takes care of disk failure. Short of a complete loss all my computers and backup disks, I would be able to recover from any disk disaster. But if the worst happens - as it did to Tony because of theft, but fire is another similar hazard - you need an offsite copy of your data.

I cover this in two ways. I use Dropbox for all my current data. Dropbox keeps a complete copy of your data on all your Macs, plus downloadable links on your iOS devices, and synchronises all your devices any time you change data on any of them. I keep all my databases, spreadsheets and all critical material in the Dropbox folder. You get 2GB of storage with the free account but you can pay for 50GB or 100GB (which is my choice). Thus, if the worst happens, you can recover all your current stuff from the Dropbox cloud. 

This leaves archived material which I store on the Drobo. I back this up to an external drive which I store offsite and update monthly. A friend or neighbour will usually be happy to keep a drive, particularly now they are so small. 

Incidentally, with all these external drives scattered around the place you need to guard against illegal access to your data. The more you store electronically, the more vulnerable you are to identify theft and other fraud if your data gets into the wrong hands. So all my backups are stored in encrypted sparsebundles with strong password protection. I use Knox from Agile Web Solutions (the 1Password people) but there are many other ways of creating and managing sparsebundles.

For the paranoid, many people use whole-disk encryption (WDE) on their laptops and other computers. I've tried the excellent PGP WDE and it works well and completely prevents access to your data on your laptop provided you have a strong enough password. Currently I am not running PGP on my MacBook Air because it doesn't yet support Apple's hibernation mode which is one of the ways the Air can maintain such a long standby batter life. 

This is just my security strategy, but I find it effective. Everyone will have their own ideas on this, but the important thing is to provide full protection against any eventuality. Here are the threats and my suggested solutions:

  1. Corrupted data files: Time Machine, go back to the last uncorrupted version

  2. Disk failure: At least one external backup, synced daily, preferably bootable

  3. Archive data loss: Drobo disk array to mirror data and provide disk redundancy

  4. Fire and theft: Offsite backup, either to the cloud or by leaving a disk with a friend.

  5. Data theft: Encrypted backups, whole-disk encryption on laptops

Your iOS devices remain something of an achilles heel, particularly if you have permanently signed-in connections to Dropbox, Evernote, Good Reader and similar cloud solutions. Even your address book can give away a lot of personal information. So it goes without saying that you should password-protect your iPhone, even though a determined hacker would soon crack a four-digit code.

It's therefore a good idea to make sure Find my Phone....

∞ Permalink