Author Archives: tmcguire47

Co-Founder of The Backup Plan. Backer Upper. All around geek.

Planning and Testing Your Backup Strategy – ComputorEdge Magazine

0
Posted by tmcguire47 on November 17, 2009 – 1:39 pm
Filed under External Articles
Tagged as , , ,

From the ComputorEdge Issue from 11/13/09, Backup Strategies—Don’t Wait for the Bomb!

I wrote another article:

Planning and Testing Your Backup Strategy

Dealing with backups is important, and having a good plan in place, maintaining that plan and periodically testing that plan will help ensure that your backup is solid.

This IS a Drill

Few computer users have to be convinced of the importance of backing up their data, even if vast numbers of people still admit that they don’t. But having a solid backup isn’t as simple as selecting your files and assuming they’ll be there if you need them. A big part of backing up that is not so obvious is testing your backup. To truly test it, you must have a good plan in place in advance.

When I was in second grade, I really looked forward to fire drills, for a number of reasons. I had a crush on a girl who sat on the far side of the room, and if I was very clever about getting in the line out the door, I ended up standing right next to her (smooth!). Another benefit was that if we students played our cards right, we could delay classes by almost a half hour. But while I was busy furthering my own selfish interests, I was missing the real importance of the drills. The fire drills gave the administration the chance to test the routes, gauge the capacity of the hallways, and measure the speed of the evacuation. For the students, the repetition prepared us to automatically know what to do in the event of a real emergency. The testing and the learning were both based on one thing: a plan. Backing up (and successfully restoring from a backup) has a similar requirement. You must have a good plan in place, and you must test the effectiveness of that plan.

Most people do have at least a general plan in place, although it may not be documented. And for most people, that may be enough. But, depending on the type of data you are backing up, it can get more complicated. Some programs save settings in a different location, others have log files, others create libraries to save data, and these files could be in a particular folder or even a different drive. Part of the importance and value of the plan lies in making sure you are familiar with your data, and then documenting it, so you do not have to piece together this info later, after a problem.

After documenting the settings and file locations of your important programs, and their recovery requirements, you can use this as a checklist when setting up your backup, to make sure you have everything important included. After you have configured your backup job, it is valuable to print out the list of files and folders that are backed up, the details of the backup, and include this as an appendix in your plan. When you have the plan nailed down, I’d suggest storing a hard copy someplace safe, and also e-mailing a copy to yourself at an online e-mail account, where you can save it separate from all your other data.

Once the plan is established, most people will happily forget about their backup, assuming it is running and taking care of all their very important information. But how do you know? The good answer is that you don’t, so now you go about testing your backup. The “drill” will cover several important aspects: It will test your backup method (reliability and integrity), it will test your familiarity with the data, and it will test the applications you use. Lastly, it will reinforce the need to keep the plan current.

Method

Pick a random file, any file. Try to restore in whatever software you use to backup. So many folks never do this until they are in a tough spot and are really trying to retrieve a file. That is already a pretty stressful situation, so being familiar with the process, and confident that it works, can really serve to diffuse some of that tension. In my experience, this is often when someone learns some very important limitations or even failings of their backup procedure. For example, one client learned that their inexpensive online backup solution requires 24 hours to generate a restore file and make it available via download. There is nothing wrong with that, if you can wait, but if you were up against a deadline and only discovered that while trying to restore, you can imagine it would be pretty disappointing.

So, knowing that this online provider follows this procedure is important, and there won’t be expectations of something else during crunch time. Another customer thought they were doing solid backups, but in fact, they were never swapping their tapes. So day one got a great backup of the files. And day two overwrote that file backup with the database. And day three zapped that and stored the e-mail. The client didn’t know it, but on any day she would only have been able to restore whatever had been backed up the previous evening. A test would expose this problem, and give you time to resolve it before you need to rely on those backups.

Familiarity

This time, think of a single, important file to restore. Now go to the backup software and try to specifically restore that file. This is good practice; you are learning the software and testing your familiarity with where your files are stored. Again, with many clients, this is when they sheepishly realize that they’ve never actually set the backup to grab a particular folder, instead assuming it was part of the backup job. Better now than later!

Applications

Now, try restoring a file that you may not use directly (a picture or document is pretty normal and would be stored where you might expect it to be, but Outlook uses database files, for example, or your music library might have some hidden files you don’t directly engage). Restore the files, and follow through by opening or using them. Too many backup applications put so much effort on making the backup side super easy, with one click to grab all of Outlook. But not all of them have a one-click restore.

Many will restore the files required, but it is up to you to configure, for example, an Outlook profile so you can even open the file that was restored. A real-life data-loss emergency is not when you want to learn that restoring your e-mail database also requires log files, or that your financial software requires a license file in order to open the restored company file, or that you are not sure where to put the restored files. Becoming more familiar with these scenarios in advance will save you a lot of stress, and possibly even some money (that you might spend on a consultant or recovery specialist), in the event of catastrophic data loss.

Maintenance

The last step is maintenance. Your backups need recurring attention. Contrary to what is sometimes advertised, “set it and forget it” is not a good idea when it comes to disaster recovery or computer security in general. Set a task in your calendar to remind you to do monthly backup drills. Included in the drill should be a task to update your plan. When you visit this plan each month, make a note of new folders or drives you’ve added, or new applications you’ve installed, and add them to the backup if that is appropriate.

Just like any skill, the more frequently you practice, the better you will be at it. Dealing with backups is very important the few times you’ll ever need to do it. Having a good plan in place, maintaining that plan and periodically testing that plan will help ensure that your backup is solid and that you have the skills to make good use of it if the need arises.

Tim McGuire founded The Backup Plan, Inc. in 2005 and writes on a variety of blogs as tmcguire47.

Proactive Protection by Encrypting Your Data – ComputorEdge Magazine

0
Posted by tmcguire47 on October 23, 2009 – 7:01 pm
Filed under External Articles
Tagged as ,

I had the pleasure of writing the lead article for the 10/23 issue of ComputorEdge magazine.  The theme this week is preventing data loss through such options as hard drive scrubbing before a computer is disposed.  My article discusses proactively protecting one’s data by encrypting it.  This helps cover your bases – encrypted data is only good to someone with the key to decrypt it:
———————————————————————————–
Proactive Protection by Encrypting Your Data
“A powerful option for securing your data.”
by Tim McGuire

The other articles in this issue of ComputorEdgefocus on protecting your privacy and important information by wiping the hard drive. But what if a team of highly trained and cleverly named sexy female assassins boards your commuter train one morning and steals your laptop? Or, in a possibly more likely scenario, tired from a long day of work, in a rush to get off the train at the right station, you leave your laptop behind. Whether accidental or malicious, a significant number of laptops are lost or stolen each year. A Ponemon Institute report places the number at more than 10,000 per week in U.S. airports alone. When your computer is gone, how can you possibly feel safe and secure, confident that your personal or company information won’t be misused? One answer is: encryption!

Yes, More Secrets

Evidence suggests that since the invention of writing, most cultures have also invented codes to mask the apparent meaning of some of that writing. Sneaky. Read a Dan Brown novel, and you’ll feel like it happens pretty frequently. In the computer world, this code-making is called encryption, which is basically taking information and using a key and an algorithm, translating it into what seems like garbage, and later the garbage is decrypted using the key and algorithm. The key is like a secret decoder ring, and the algorithm would be the instructions for using the ring.

Most computer users run into encryption every day. Bank Web sites, and most e-commerce sites, for example, will encrypt your transactions before they are transmitted across the open Internet. That way, without the bank’s key, if the information is intercepted, it is not very useful to anyone. Additionally, there are programs and options for encrypting e-mails (so that only someone with a shared key can read the e-mail that is sent), single files, folders, or entire drive volumes. Encrypting an entire volume would provide reasonable insurance that, if your laptop did fall into the “wrong” hands, the data on it would be pretty useless. Without encryption, anyone with a screwdriver or a boot disk can circumvent normal password protection. Encrypting specific folders or files may be more appropriate if there is a very limited amount of confidential information, and it is very well organized.

To Encrypt or Not to Encrypt

There are some drawbacks to encryption. There is a slight performance impact. Instead of simply reading data, your computer is now doing a little extra work of encoding or decoding the info in order to write or read anything on your drive. With modern processors and with a machine oriented toward business activities, this may be less of a concern, but on a gaming rig or a Web server, where speed is very important, it could impede performance.

There is also the factor of complication. If your file system is encrypted, then to access it, you must have the key, which is like a passphrase. If you forget that passphrase, you have no chance of recovering your information. The key could also be a special USB stick. If you lose that device, again, your data is lost. There are other options for the key, as well, including fingerprints, and hopefully those won’t be lost either. If properly configured, some encryption programs have options for “Escrow” keys, which you can store safely and separately, which can either be used to recover or generate a new key. Data recovery can also be more difficult, although with proper backups, this shouldn’t be an issue. Since the data is scrambled before being saved, if your hard drive fails and pieces of the scrambled data are missing, it becomes more difficult to reconstruct. Still, if the information on your computer is confidential, encryption might be a good option despite these obstacles.

How to Encrypt

Most recent releases of major operating systems include options for file, folder, or volume encryption. There are also numerous third-party options, ranging from free, open-source projects, to commercial applications.

Windows BitLocker

The Enterprise and Ultimate versions of Windows Vista and Windows 7, and all versions of Windows Server 2008, have a feature built-in called BitLocker. BitLocker allows the encryption of a full disk volume. If the computer has a Trusted Platform Module (TPM) chip and the right BIOS version, then BitLocker can operate in transparent mode. As long as BitLocker does not detect unregistered changes to the boot process, nothing beyond the user’s password is required to access the system, so it is pretty unobtrusive. If a change is detected, then the user is prompted for their encryption key, which they could have on a USB memory card, or they may have printed it out and filed it away.

There is also a user-authentication mode, in which the user is prompted for a PIN or the USB memory stick right away when the machine is powered on, and before the OS boots. In the case of hardware that does not have TPM, BitLocker can be configured in USB key mode, in which the USB memory stick is required to boot up. There are additional options and key storage methods available when BitLocker is deployed in a domain with Group Policy governing the configuration. In any case, if the hard drive is removed and placed into a different computer, the encrypted volume is useless without the key.

Configuration of BitLocker on an already-in-use computer can be a bit tricky, as a small separate disk volume must be created. However, there is a Windows BitLocker Drive Preparation Toolto help with this. Once complete, to turn on BitLocker click Start/Control Panel/Security, and then click BitLocker Drive Encryption. On the page that comes up, choose Turn on BitLocker, and then you will be prompted to create a passphrase. After completing the rest of the wizard, you will reboot, and your drives will go through the encryption process.

In Windows 7, there is also a BitLocker To Go option, which allows you to encrypt the data on a removable storage device (external hard drive, USB Stick, SD card, etc.). This is a great option for transporting important information. The memory device is readable only when accessed with the correct passphrase.

Microsoft’s site can be a big help. For assistance use the BitLocker setup guide. Microsoft also offers a Secure Online Key Backup, which can cover you in the case of a lost key. Lastly, Microsoft has a repair tool to help recover data from an encrypted volume.

FileVault for the Mac

On the Mac OS X, 10.3 and later, there is a option to encrypt entire home directories using the built-in FileVault. While not full disk encryption, this is a very safe option if you save all of your confidential information within your home folder. Setup is typically Mac-easy. On the Security Control Panel, on the FileVault tab, you must set a master password, and then you can enable FileVault.

Some drawbacks to FileVault are that you must have free space equal to the size of your User folders before it can be enabled. Additionally, there are some concerns about the strength of the cryptography. TimeMachine also functions differently with FileVault enabled. It will back up only after a user has logged out, and it backs up the entire home folder, so individual file recovery becomes difficult. Lastly, because the whole disk is not encrypted, a malicious user could still access the non-user folders of the drive.

TrueCrypt for Linux

Disk encryption options in Linux are related to the particular build in use. Most will come with some encryption options built-in, but the options and implementation can widely vary. TrueCrypt, which I’ll explain in a moment, is an excellent option for Linux.

There are many third-party options for disk encryption. Despite the many commercial options, I would recommend the free, open-source TrueCrypt. It has builds available for Windows (including XP and 2000), Mac OS 10.4 and above, and several flavors of Linux. The options are very robust, ranging from a FileVault-esqe folder or mounted volume (they even have a hidden volume option for the super secretive among you) to an entire disk.

No matter what encryption method you try, one strong suggestion is to back up your data before you implement the encryption. By the very nature of it, encryption scrambles up your data. This does mean, that if something goes wrong during the encryption process, you could lose data. It isn’t likely, but as always, there really isn’t a good reason not to back up first.

Disk encryption is a powerful option for securing your data. If deployed properly, it can protect your information from unapproved access. With the number of computers stolen and lost each year, this can be a very important tool to protect your vital personal or company information.

Tim McGuire founded The Backup Plan, Inc. in 2005 and writes on a variety of blogs as tmcguire47.

Backup Evangelism Conitnues

0
Posted by tmcguire47 on October 15, 2009 – 11:46 am
Filed under External Articles, General
Tagged as , ,

The evangelism continues.  There are quite a few folks writing articles promoting backups, and this is a good thing.  I have a vision of a world in which no data is accidentally lost, and if everyone learns to back up, it may some day be a reality.
Jerry Osteryoung, writing for his blog and a local newspaper, uses personal anecdotes to illustrate the need for backups.  He touches on some important points, including the need for a geographically removed archive in the case of a true disaster (something that is often on the minds of Gulf area residents).
Bill Husted, writing for The Columbus Dispatch, leans on the idea that there is little excuse not to put forth the relatively light effort required to have some form of backup.
Lincoln Spector, for PC World, writes an excellent article about different backup strategies. He covers a lot of ground, and it is a great article.

Keep speadin’ the word!

Free is not a good business model

0
Posted by tmcguire47 on September 4, 2009 – 11:47 am
Filed under External Articles
Tagged as , ,

Consumers, especially internet consumers, like getting stuff for cheap…even for free.  And this is great.  Free offers and free services can be great ways to extend the reach of a brand.  However, sometimes free can be too good to be true.  Sometimes, it can be a signal of a company that is not sure how to run itself, or how to turn a profit.  It can be a sign of leftover dot-com era thinking, which was too often: we’ll be free for a while, sign up millions of users, and then sell out to someone big, and they can figure out how to monetize the user base.  That only worked when the business had a unique or perfectly executed idea.  In many many other cases it failed.  Those millions of users who were happy paying nothing may not be so into the site or service with a fee attached.

Anyway, a while back there was a PC World article by Tom Spring, addressing the issue of data loss related to online backup services going away.  He lists some of the major and not so major players, including AOL with AOL Pictures and XDrive, HP’s Upline, Sony’s Image Station, and Yahoo’s Briefcase.  These offerings have been yanked from the marketplace.  Most of the big companies that pull their service give the users plenty of notice and time to move their files to another location.  Some of the smaller services simply ran out of money and vanished, and their customers’ backups right along with them.

In the article, Kurt Scherf, VP of market research firm Park Associates, says, “Companies without a business model are going to fail.”  I agree with that, and that is what I want to stress.  When selecting a firm to store your precious data, pick one you trust.  Pick one whose business model, pricing, and service make sense.  Pick one who has been doing it a while, or seems like they will be able to stay around.  At The Backup Plan, for example, out business model is not to collect as many free users as possible, or even to target home users and compete with lots of other companues at unrealistically low rates.  We follow a managed service provider model.  We have developed a strong service, at a reasonable and sustainable price.  But rather than market direct to customers, we prefer to resell this service through IT consultancies and shops.  Why?  2 main reasons:
1. Ownership…the customer has a trusted IT partner, and that IT partner leverages our service…we now have 3 parties involved, each of which has an equal stake in making sure the backups are solid and useful.  Each party has a sense of ownership of the process, and I think the result is a much stronger offering than a polished self-service web site
2. Overhead…ours is lower without the need for field agents and a massive first-level-support staff.  By supporting our authorized resellers we can be more efficient, our rates can be a little bit lower.
It may seem that by stacking a middle-man in the model we are creating a more expensive, less efficient model.  I think in this case, it is more efficient to have the trusted IT partner, which already has a relationship with the customer, continue that relationship, learn from our experience, and offer the best service to the customer.  I think it is dishonest for some of the low cost or free services to suggest they offer a realistic backup service, when often their business model is simply unsustainable.

DON’T “set it and forget it”

0
Posted by tmcguire47 on September 1, 2009 – 11:00 am
Filed under Uncategorized
Tagged as ,

Melissa Perenson, with PC World, urges computor users to try “Set it and forget it” backups.  It is mainly an intro to other articles and pointing at some new devices that make backups easy.  I am all about promoting backups, and in fact I am all about making them easy.  However, I would strongly caution against setting it and forgetting it.  When it comes to backups, the easy button is a bit dangerous.  It is a false sense of security blanket.  If your data is important, then backups are actually something you (or someone) needs to pay attention to regularly.  Here are some problems with making backups too easy:
1. Vendors focus on making the backup easy, but how easy is the restore?  Do you even know?  Many reviewers never even test the restore process.  Chances are good you might not find out until you are actually trying the restore, and by then it might be too late.
2. An easy setup might grab far too much data, or it might miss some.  For example, if it grabs your whole drive, you could be backing up unimportant system files, wasting valuable space on your backup media, or worse, paying to store that with an online vendor.  Or, it might miss some, perhaps if you have a folder that isn’t in a standard location, for example.

Those are just a few of the issues.  Real backups take work, and attention, both in the planning stage and in an ongoing maintenance stage.  It can still be easy, but if you want to really feel secure about your data, the setup of the backup should be conscious, not haphazard.