Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why Is “Back Up First” Your Recommendation for Everything?

You want a safety net.

Back Up!

Nothing protects you and your data like a complete, recent backup, even when it might not be obvious. That's why I harp on it so much.
Question: In your response to the Spectre and Meltdown vulnerabilities, the first thing you recommended was to back up. Why? How does that relate to anything? How does backing up help protect me from malware and vulnerabilities?

I harp on backing up a lot, I know. But it’s on purpose.

As I’ve said elsewhere, nothing protects you and your data like a complete, recent backup.

Become a Patron of Ask Leo! and go ad-free!


Why Back Up First?

A complete system image backup taken prior to a change, update, or malware’s arrival represents a safety net. If anything goes wrong, restoring that backup returns your computer to the state it was in prior to whatever it was that happened.

The backup I’m talking about

I want to be clear that the kind of backup I advocate is a complete system image backup. That’s a backup of your entire hard disk, including your operating system, installed programs, any hidden partitions, and your data.

Other types of backups are certainly better than nothing, and it’s incredibly important to back up at least your data, but for the kinds of issues we’re about to consider, it’s a system image backup that will save your bacon.

Vulnerabilities make you vulnerable

Once vulnerabilities are discovered in software, if malware gets on your machine, it now has a known way to exploit that vulnerability and wreak havoc.

Depending on the specifics, you may or may not be able to remove the malware through traditional means — for example, by using an anti-malware tool. Even then, once your security software says the malicious software has been removed, there’s still no way to know with 100% accuracy it’s correct. Malware’s #1 job is to hide, and there’s really no way to know your security software saw through all possible deceptions.

Short of reinstalling your system from scratch, restoring from an image backup taken prior to malware’s arrival is the only way to know for sure the malware has been removed.

So, whenever I hear the phrase new vulnerability discovered, I immediately think “Back up!” — and use that as an opportunity to remind everyone of what I’ve just described.

Read-only vulnerabilities are gateways to more

Here’s one way a backup can rescue you.

Some vulnerabilities only enable reading of protected memory areas. All they do is read data, so they can’t damage anything, and you won’t lose any data — right?

Consider the following scenario:

  • Malware infects your machine.
  • That malware uses some vulnerability to read otherwise protected operating system internal memory.
  • What that malware finds is information that allows it to request and be granted administrative privileges on your computer.1
  • With administrative privileges, the malware can read, write, encrypt, delete, or destroy whatever it has a mind to.

The vulnerabilities don’t directly harm you; they enable the malware’s ability to harm you.

Again, a backup protects you from the majority of that harm.

Updates can cause problems

Another scenario in which backup will save your bacon can occur around Microsoft updates. What’s frustrating to everyone involved is that Microsoft’s track record of providing stable updates is sometimes questionable. A few users find themselves in this unenviable situation:

  1. It’s important you take all updates to protect yourself from malware that might exploit the vulnerabilities.
  2. The update you take might “brick” your machine.

Point #2 should never happen — and it doesn’t happen often — but it can.

A complete system image backup taken prior to the update will protect you from the update if the update goes bad. If you find your machine unresponsive after the update, you can restore the backup image and wait for the update to be … updated … so it’s no longer problematic.

Yes, absolutely, it’s extremely frustrating if this happens to you. But it’s important not to let the fear of updates prevent you from updating. A complete system image backup is your fear-reducing safety net.

It can’t get any worse than this

An image backup represents a snapshot of your entire computer at a point in time — a snapshot you can revert to should anything untoward happen.

When you can always revert to that snapshot of your machine, no matter what happens from that point forward, it can’t get any worse. If it does, you revert.

That’s why any time I’m faced with risk, I back up. Be it installing major updates, performing clean-up and/or repair operations, replacing or upgrading hardware, or just making changes to the work you keep on your machine, a backup is your safety net.

Do this

Back up.

Back up often.

Sooner or later, you’ll be very, very glad you did.

And it’ll always be part of my response. :-)

Also, part of my response? Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


Footnotes & References

1: While the operating system wouldn’t keep the administrator password lying around in easy-to-read plain text, we can probably assume that malware poking around in the operating system’s protected memory could find something it could use to this end.

20 comments on “Why Is “Back Up First” Your Recommendation for Everything?”

  1. Just to add a little information, I recently went to the paid version of Macrium Reflect (Version 7). I’d been using the free version for a while, but wanted to take advantage of the flexibility of the paid. Macrium has a feature called Image Guard that protects the backup files. You can’t even remove a backup file from the drive without using the program. For example, opening the backup drive in File Explorer and trying to delete the file. Image Guard won’t allow any changes to the backups without turning it off first. For those concerned about their backup drives getting infected, it may be worth their while to check it out.

  2. Because you have mentioned image backups many times I have done this for all my laptops and desktop. It takes time to do and lots of space on an external hard drive. But to me it seems like “insurance” in case anything goes wrong. However, I have no idea how to call up the image backup if anything should go wrong. If I have a non-functional laptop hooked up to the external hard drive, will the laptop be able to find the image backup and everything will happen automatically?


    • If you’re using reputable drive imaging software (e.g. Macrium, Acronis, EaseUS), they should prompt you to create restore media. If not, you can do this from an option on the main menu bar. It creates a bootable CD/DVD or USB thumb drive. When the need comes to restore a backup, you insert the boot disc/drive, restart your machine and booth from that device, then follow the instructions to locate and restore a backup. That’s it.

      Very important: Once you create a boot disc, TEST IT! Insert the disc, reboot your machine, and make sure you can boot from the device. You may need to modify your computer’s BIOS settings and tell it to boot from a disc or USB drive before the primary hard drive. Don’t wait until disaster happens to test your boot disc. Once the restore disc has loaded, you can exit out, remove the disc, and boot Windows as usual.

  3. Leo, you are spot on!! Just keep pounding on their heads about backing up and maybe a few of them will see the light and do it. i am an old fart and have been backing up for years…yep, Macrium. i do a weekly backup and it takes about 6-10 minutes. i keep three and delete the oldest. i keep them on an external drive thats not hooked up….so easy. then also make images before i try some program or update…has saved my butt many a time. i am forever doing something silly and then having to restore the computer while i make a cup of coffee. Keep up the good advice…we all need it more and more. thanks. Clas

  4. I completely agree with doing a complete backup frequently. I use 3 hard drives but I rotate the drives when I backup.
    After the backup, the backup drive is disconnected for security. Do not leave the backup drives connected.
    Macrium is the best to use for backup, it does a great job and easy to use.

  5. One issue that I have with backing up that hasn’t been covered is multiple drives. My computer has several drives in it.
    Drive C – SSD: Main drive running Windows 10 Home and some programs that are required to be installed on Windows drive.
    Drive D – SSD: With most programs installed
    Drive E – HDD: Document Libraries
    Drive F – HDD: with games

    Setting these up for auto don’t always work. For example I have Norton set to backup My Documents. It doesen’t recognize Documents is on “E”. It backup up from “C” drive which doesn’t have anything. I use Paragon for imaging “C” but freezing the system to do “D at the same time has been a problem.
    This may be a good subject to cover Leo.

    • To back up a non system drive, it’s only necessary to copy the contents of that drive to another drive. It would be nice if your backup program did that automatically and normally it should, but if it doesn’t, just copy the contents.

      I’ve created a batch file to do that. Here’s an example. You can substitute the appropriate drive letters and specify folders to back up if you choose.

      Create the file in Notepad and save it as a .cmd file, something like backupd.cmd

      robocopy d: g:\backup /e
      [or to specify a folder robocopy d:\”my pictures” g:\backup /e (quotes are only necessary if the folder or file name has spaces)]
      echo Backup Complete

      You can even have the task scheduler run it for you automatically.

  6. I do understand Leo why you devote so many words to the importance of backing up, and for years I have followed your advice and taken regular image backups. However I don’t agree that they are the final answer. As you mentioned, malware can hide itself on your machine. I believe it can remain hidden for a long time unseen by your anti-virus program, before emerging to do its nasty business. So your backup might not be malware-free.
    For that reason I make separate copies of all my docs, photos, music etc. on offline USB drives. I realise even that is not absolutely secure, but it seems to me the best we can do. Do you think I’m wasting my time?

    • Nope. Overkill — if, even, it’s that — is much safer than not backing up enough. (My experience is that malware rarely remains hidden for long, but I understand wanting to feel safe.)

      • Everything you have that you want long term should have off line, archived resources behind it. Period. I go over those and weed out dead links and things that no longer work or pertain to anything, however, being a packrat I will find things that persist over years, there is just that much STUFF.

        I used to have files going back to the mid 1990s by the score but of course many of mu favorite programs and links simply do not work without older OS versions or some websites are truly gone and no longer even archived.

        I suppose this is because I started burning CDs as soon as I could get a CD-R drive and I also made music and mp3 discs early on for my records and tapes. Now I need to backup my external storage drives!


  7. I use Macrium Reflect (paid) to image my laptop. I have both dropbox and overdrive. I assume that in the event that a full restore is necessary I would restore everything but the data in dropbox and overdrive and then let them restore the files to my laptop. Is this correct?

  8. Fortunately I’ve not suffered a malware attack. But the Macrium image was extremely handy when I upgraded my SSDs to higher capacity drives. Wasn’t too hard to figure out and saved hours, likely days, not just restoring the data but all the software and their configurations. And a note to those who swap back-up drives … I keep mine in a safe in a steel building far away from the main house, where do you keep yours?

    • In a locker at work. I also have all of my personal files in a OneDrive folder so this also creates copies on 3 computers. That cloud storage is my data lifeline. My off-site hard drive storage isn’t rotated as often as it should be.

  9. Last month when Microsoft put out it’s Tuesday updates, I did not get the update icon in my taskbar.
    Think this was strange I tried running Windows Update and got an error. It would not update. Something had trashed Windows Update.
    I routinely do an Image backup after each Windows update, so I just copied my data to my external disk drive. Then reinstalled the last Image backup. Then copied back my data. And in just over and hour I had my computer restored and was able to run Windows Update successfully.
    Leo’s mantra of Backup/Backup/Backup really hits home when something goes wrong.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.