Backup plan help...oh please...oh please


#1

I’m just gonna throw this right out here…I’m loving this place, and the help everyone shares. It’s a cool nerd haven, especially for a newby…!!

And that flattery means that, yes, I have a stumper (at least for me).

My wife and I now find ourselves both working from home (yeah!). We both have different businesses. We are both concerned about a solid backup system, for our computers.

We have between us:

  • 1 macbook pro (mine)
  • 1 macbook air (hers)
  • 2 iphones (one each)
  • Ipad (mine)

Right now for back up we are:

  • Both computers backing up to a 3T time capsule.
  • We use Photos and Apple Music
  • Each computer has 2 external hard drives that we use Time Machine to a back up to, and then each week the external hard drive is rotated with it’s sibling that we keep in our car glove compartment (for off site storage)

As I read more about backup plans I hear more about Backblaze and CarbonCopyCloner and SuperDuper…and my eyes glass over and head hits the desk

Am I doing enough for a reasonable and prudent back up? Should I do an online backup plan also?

Guidance for a noob in the world of backup plans would be appreciated…

  • Mike

#2

I think if you add Backblaze, you’d be all set.
If you imagine a natural disaster, it is conceivable that your car (presumably in the garage or driveway) could be damaged, as well as your home office.
Backblaze just works, and you don’t have to think about it.

Edit: i’m assuming your phones are backed up to iCloud, or your computers.


#3

I would definitely add an online backup plan for sure. At a minimum start with the folders on each computer that have the essential files (documents/home folder/Dropbox folder). You won’t be using online for recovering the OS, it should be just for the important files unless bandwidth/money/time are not an issue. Look for online backup providers that do versioning also. That could help prevent unintended changes from propagating into the online space and ruining all of your backups.

Personally I’ve used Arq on my Macs uploading to Backblaze B2 (S3-like target) in addition to local Time Machine backups to my Synology NAS (then the NAS also parks it’s data on Backblaze B2 AND Amazon Glacier – belt & suspenders).

As for IOS, I rely on iCloud mostly, but don’t put anything important locally on any devices. Also periodically plug in and backup to a computer to get those files onto another machine (then up to the cloud).

And lastly, put all of the online storage account information, login, pass-phrases, encryption keys, into 1Password so if “the worst” happens, you can eventually recover all of the data to another machine.

-Mike S.


#4

Thanks greatly…when you say “versioning” is that where just a new version of a file is backed up? And the other files stay put, until they might be changed?

If so, does Backblaze do that?


#5

Thinking about this in terms of all the different backup options can be lead to glazed eyes and headdesk. Instead, I think it’s useful to think about backup in terms of “What kind of threat am I trying to mitigate?” Once you know the problem(s) you’re trying to prevent, then choosing backup strategies that address those problems is a lot more straightforward.

I wrote about the threats that I’m trying to address with my backup strategy a while back:


#6

That’s a great article. Well done, and thanks for sharing. It confirmed some of my thoughts, especially about getting BackBlaze.


#7

Thanks JohnAlt, and yep, they are backed up. I appreciate that reminder to do plug them into computer frequently


#8

Yes, each version of a file is backed up, so if something/someone changes it, it will back it up AND keep the original file. Backblaze will do that. And Arq to Backblaze B2.

-Mike


#9

I would be wary of keeping the hard drive in the glove box of your car. The extreme temperatures a car can encounter make it a less-than-ideal location for electronics. You can probably do well for years but if you are in a situation where you are accessing that drive you really don’t want it to fail.


#10

I would add two things to your current strategy. First is a better off-site location. Backblaze or similar is a good choice. Second is a clone of each machine using Carbon Copy Cloner or SuperDuper. Much faster restore in the event of a major failure. In addition you can plug it into your wife’s computer and boot from it to get in an emergency get important work done mode


#11

Ah, thanks. I had not even thought of that.


#12

So, suggesting that the backup to the external be a clone? Or, is the clone an additional backup?


#13

I would think the 3-2-1 rule is a good fit.

3: have at least 3 copies of your data
2: on 2 different storage types
1: at least one of which is off-site

So looking at your setup you’re getting there.

a couple of possible improvements:

  • I wouldn’t keep a harddrive in the glove compartment as your off-site backup. Temperature & humidity differences will eventually break it.
  • Off-site backup can be anything, a NAS backup to a friend, a backup provider online. Just as long as it is FAR away from your home. in regards to the car thing again: if the car is in the driveway when your house is on fire… I think the backup is going to be in trouble…

one remark regarding backblaze (@JohnAtl)

I consider them an insecure backup option.
The do encrypt your backup, and you have the key.
BUT: if you want to restore the data you have to send them your key zo they can decrypt it.
By definition that is an insecure backup.
But hey, if you feel it’s worth it, their service is cheap and fast.


#14

This is true if you want them to ship a physical drive (a great service I hope I never need) with your backup data to you. If you’re downloading backups over the internet, your backup remains encrypted on their end.


#15

@JohnAtl That is not entirely true.

from the backaze support forums:

However, if you lose a file, you have to sign into the Backblaze website and provide your passphrase which is ONLY STORED IN RAM for a few seconds and your file is decrypted. Yes, you are now in a “vulnerable state” until you download then “delete” the restore at which point you are back to a secure state.

And actually if you send a hd, they could just dump your encrypted data on, as you have the key you vould just decrypt it at home, so why do it this way?

So all encryption/decryption is done server side, which is absolutely insecure. And that is NOT only on full hd restore.


#16

Thanks for the correction, but also, not entirely true :slightly_smiling_face:
Encryption happens locally, before files are transferred. That’s why you would need to supply a key to retrieve a file.
https://www.backblaze.com/backup-encryption.html

Anywho, I keep sensitive files in an encrypted disk image, so it works well for me and the other people storing 100 Petabytes of data there.


#17

A clone as an additional backup. I always do one before major OS upgrades. Disk drives are cheap so good to have multiples.

The old adage for backups is 3-2-1. Three different backups, using two different methods, where one is off site. I have multiple time machine backups to different drives and a Synology, 2 CCC copies on different drives, and CrashPlan for off site. Finally I have a copy of my most critical files on a thumb drive on my keychain.


#18

I would add an online. iCloud is inexpensive. If you travel any and you don’t have access to your external drive this is a lifesaver


#19

One potential trap with iCloud, Dropbox, etc. is they are copies, and not backups. If you delete a file locally, that deletion is propagated to the server. Unless you subscribe to or are provided with a history feature, you may be out of luck. Out of luck after 30 days, etc.


#20

Good first line of defense.

Neither of these is a backup. A backup is a separate copy on a different physical device.

The Time Capsule is already a TimeMachine backup. You should have different types of backup. If you use CarbonCopyCloner or SuperDuper to create these backups it would be much better and either is quite easy to do, IMHO easier than temporarily connecting a drive for TimeMachine and fussing around with TimeMachine configuration. In any case, your car really isn’t “offsite”. Use a safe deposit box or the house of a trustworthy friend or relative isn’t in the same neighborhood.

You should have a third backup plan to be extra secure, such as a cloud service.

You can back up the iPhones and iPad to the Macs, and the Mac backups will take care of them.