The all-required backup process

The backup process is probably one of the most fundamental aspects, if not the most fundamental, of personal IT or personal information security, and at the same time one of the most neglected by both techs and non-techs.

Before even starting, one should identify the information assets that need to be backed up. After this, one should also see the situation from the usability perspective.

  • how am I going to back things up?
  • how often? when?
  • how will I restore them?
  • do I need to access them on a different device?

As part of the backup process, I can also get a view of my info assets at regular intervals and remove them from locations where they are no longer necessary. Relieving my main working PC from having to store certain files is also a big plus. This is mostly from a security perspective and not a storage space issue.

If I’m not going to use them, or if I’m going to use them rarely, why even keep them on the PC, risking unauthorized disclosure if my PC gets compromised?
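The periodic review described above can be partly scripted. The following is an added example, not part of the original post or of any tool it mentions: it assumes the backup keeps the same relative folder layout as the source, and the function names, the paths and the 180-day threshold are hypothetical choices. It reports files that are byte-identical in the backup and long untouched on the PC (candidates for removal from the PC) and files that are not safely backed up yet.

```python
import hashlib
import os
import time


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def review_assets(source_root, backup_root, stale_days=180, now=None):
    """Classify every file under source_root against its copy in backup_root.

    Returns three sorted lists of paths relative to source_root:
      removable  - identical copy in the backup and untouched for stale_days
      not_backed - missing from the backup, or the backup copy differs
      keep       - backed up, but modified recently (still in use)
    """
    now = time.time() if now is None else now
    cutoff = now - stale_days * 86400
    removable, not_backed, keep = [], [], []
    for folder, _dirs, files in os.walk(source_root):
        for name in files:
            src = os.path.join(folder, name)
            rel = os.path.relpath(src, source_root)
            dst = os.path.join(backup_root, rel)
            # Never call a file removable unless the backup copy is verified.
            if not os.path.isfile(dst) or sha256_of(src) != sha256_of(dst):
                not_backed.append(rel)
            elif os.path.getmtime(src) < cutoff:
                removable.append(rel)
            else:
                keep.append(rel)
    return sorted(removable), sorted(not_backed), sorted(keep)


if __name__ == "__main__":
    # Hypothetical paths: a working folder and the mounted encrypted volume.
    src, dst = os.path.expanduser("~/Documents"), "/mnt/backup/Documents"
    removable, not_backed, _ = review_assets(src, dst)
    for rel in not_backed:
        print("NOT IN BACKUP:", rel)
    for rel in removable:
        print("safe to remove from PC:", rel)
```

The script only reports; deleting anything from the PC stays a manual decision made after the offsite copy has also been refreshed.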

My requirements:

  • encrypted (either in an encrypted container or having the content encrypted)
  • accessible cross platform
  • incremental
  • easy to do
  • must maintain a backup of the backup in an offsite location

Software

A small piece of software that is not maintained anymore did the trick for me: Create Synchronicity.

The attractive parts about it are that it is:

  • lightweight
  • portable – it does not need to be installed and runs from the HDD
  • remembers configurations – you can set up configuration profiles for the files you want to back up, specifying the type (mirror, incremental) and the source/destination

The bad part is that it’s not maintained anymore, but that’s not necessarily needed.

Duplicati is a great piece of software, especially useful for backing up to the cloud. Encryption is supported. It’s also portable.

For encryption I went for the cross-platform industry standard VeraCrypt.

Backup location

Different types of data can be backed up differently, but for the sake of simplicity I opted for the following:

  • personal / sensitive files – on an encrypted external hdd
  • all other – on an external hdd and on cloud storage

This could, of course, have been much easier, like automatic and encrypted backup of all your files to the cloud – but not all people trust all of their documents in the cloud.

For the sake of accessibility from multiple platforms and fast maneuvering I went for a dual-partitioned encrypted external HDD and portable software.

  • 1 small partition – to store portable software, like VeraCrypt and Create Synchronicity
  • 1 big partition – to store the backup encrypted with VeraCrypt

The bad part is that in case of loss or theft, the small partition is accessible and the attacker will find out about:

  • file paths – from Create Synchronicity config files
  • the encryption software – VeraCrypt

But this should still not be that big of an issue, given a strong password for encryption (and possibly a key file).

HDDs can still fail, thus creating a risk for your backed up information. To cover this, I’m taking a backup of the backup to an offsite location at regular intervals.

Automation is wonderful in general but not fully possible given my requirements. To cover for this, I have a monthly reminder in my calendar about going through the backup.

References

  • http://synchronicity.sourceforge.net/
  • https://github.com/createsoftware/Create-Synchronicity