They protect you from failure as well as malware.
We tend to think of backing up as separate from keeping our computers secure.
Nothing could be further from the truth.
To misquote the cereal commercial: backups are an important part of a healthy, secure breakfast.
Backups ARE Security
Backups can save you from malware as well as hardware failure and user error. When used properly, backups also provide you with a safety net from the most destructive of malware: ransomware. Backups are an important part of your overall security.
Recovery from failure
Backups are a great way to ensure you’re protected from hardware or software failure, or even your own mistakes.
- If your hard disk fails unexpectedly, you can restore from a backup image.
- If your software corrupts a file, you can restore it from a backup.
- If you accidentally delete a file, you can restore the most recent copy from your backup.
Online or offline, the drill is the same: when something goes wrong, rely on your backup to save you (or at least reduce the impact).
But wait, there’s more!
Help keep it going by becoming a Patron.
Recovery from malware
Backups — specifically image backups — play a key role in your overall security.
- If malware infects your system, you can restore from a backup image taken prior to the malicious software’s arrival.
- If malware corrupts a file, you can restore it from a backup.
- If malware deletes files, you can restore the most recent copies from your backup.
No protection from malware is ever 100% safe. We’re all at risk. A proper backup dramatically reduces the impact of malware that does make it through.
With a full-image backup, malware becomes an annoyance instead of a disaster.
Recovery from ransomware
Ransomware is just malware.
Everything I’ve listed above about malware applies to ransomware.
- If ransomware infects your system, you can restore from a backup image taken prior to the malicious software’s arrival.
- If ransomware encrypts files, you can restore the most recent copies from your backup.
Yes, it is that simple.
And yet…
“But ransomware can encrypt backups!”
People die wearing seatbelts, but that’s no reason not to buckle up. While it is possible for ransomware to encrypt backups, that’s no reason not to back up.
You’re less likely to die wearing a seatbelt, and you’re less likely to be affected by ransomware if you have good backups.
Here’s why.
- Not all malware is ransomware. Your backup still protects you from those.
- Not all ransomware encrypts backups. Your backup still protects you.
- Many backup tools take steps to protect your backups from ransomware.
- Backups kept offline are out of the reach of ransomware.
Again, ransomware is just malware. Malware that is not ransomware that deletes backups has been around for a long time. Same issue. Same solution.
You’re safer with a backup than without.
“So I’ll disconnect my backup drive when I’m not backing up.”
I recommend you do not disconnect your backup drive.
That’s like saying you’ll put on your seatbelt when you know you’re going to be in an accident.
You just don’t know.
By keeping your backup drive connected, you can automate the backup process so you don’t have to think about it, much like making your seatbelt an automatic habit when you get into the car.
Having a backup process work without needing your intervention is more important than worrying about the backups themselves being encrypted by ransomware. If you have to initiate a backup to make it happen, it won’t happen.
You will forget.
And you’ll be left without a current backup, even when you need it for reasons other than ransomware.
Do this
Adopt the mindset that your backups are an important part of your security strategy.
That means:
- Automate periodic backups, ideally daily and/or continuously.
- Leave your backup drive connected. If you’re worried about ransomware encrypting your backups, you can take one or both of these steps.
- Use a tool that protects your backups. Macrium Reflect’s Image Guard feature is one example. There are others.
- Periodically copy your backup offline. Yes, this is a manual step that you might forget, but it’s safer to forget this than to forget backing up completely.
- Use online backup services. Many, like Dropbox or OneDrive, have the equivalent of a Recycle Bin as well as additional protections for ransomware.
Above all: back up. Someday, somehow, you’ll be very glad you did.
Now sure how? Start here: How to Back Up Windows 10 (& 11).
Periodically copying your backup to a drive that’s not permanently connected to your computer is having the best of both worlds. The farther away from your computer you keep the copied backup set, the more secure it is. If it’s always plugged in, it’s subject to electrical spikes and malware. If it’s in the same house but not in the same room it’s safer against robbery. If you keep a copy with a friend or relative, you are protected against fire and flood damage to your home.
And as Leo recommends, OneDrive, Dropbox, or other cloud storage are great offsite backups for your data. I moved my Documents, Pictures, Music, and Videos folders into my OneDrive folder. I, generally, only use my system image backup to restore my entire system. I use my cloud storage to restore individual files.
Cloud backup service like Carbonite or Backblaze are great if you don’t know what to backup. If you know your way around your computer, OneDrive or Dropbox gives you more control and can back up things Carbonite or Backblaze might miss, such as your email folders and files saved in non-standard locations. Bur unless you know the location of the folders you want to back up, online backup services might be the more effective solution.
As a Macrium Reflect and Macrium Site Manager user and partner, I endorse your recommendation to use the Macrium Image Guardian feature to protect your backup image from malware. You can use local, network, or cloud targets for your Macrium backup target. For the cloud, I recommend Wasabi and am a Wasabi partner network member. Note you can mount your Macrium image as a disk drive and copy just the files you want from the image back to your local disk storage. I would not consider OneDrive or Dropbox as backup tools, but it could be better than nothing if you are not making a real backup.
Backups are such an important security tool that if I had to choose between having a daily automated backup and an antimalware program installed, I’d choose the backup. Fortunately, I don’t have to choose.
What is your opinion on services such as Carbonite for a back-up service? I realize that Carbonite is only for files, not the programs.
Carbonite was founded by Jeff Flowers and David Friend, who sold that business and started the Wasabi “hot cloud” data storage service, an AWS S3-compatible object store with no data egress fees. The Backblaze founders are still operating their storage business, providing you with the software you need to send your backup to them, like Carbonite. In general, off-site backup storage depends heavily on your internet connection speed which can be an issue depending on how much data you need to restore. That said, off-site storage does fit the 3-2-1 backup principle for storing 1 copy of your data off-site in an encrypted or immutable manner.
I prefer local hard drives as a first defense, but honestly — the best backup is the one you’ll actually use. Carbonite, as I understand it, can be pricey, but it’s got a good reputation.
Twice, I royally messed up files on my computer, and twice, my backups saved the day. All I had to do was copy the backups onto my computer, rather than having to start from scratch and try to re-build my digital life! I keep one hard-drive plugged into my computer, and I backup up the “Documents” file daily. Each week, I back up the rest of my files, and store those hard-drives off-site. Thanks for everything you do, Team Leo!!
Thnx to Leo’s urgings/warnings/beseechings over years, I got aboard Macrium Reflect as a means for periodic image backups plus automatic Backblaze uploads (which saved my bacon when Microsoft “support” wiped out everything). Both are super easy to use. I like easy.
Question: how often do you recommend updating the bootable Macrium Rescue program which resides on a thumb drive, almost 2 yrs old?
@joel albert,
The current version of Macrium Reflect is 8.x. If you created your Macrium Rescue media using the current version, you should be good to go until they move to version 9.x. If you created it using version 7.x (or earlier), you should probably re-create it using the current version so you can recover your images using the version they were created with. I’m no expert on Macrium Reflect, but I update my rescue media when a new version is released in the event anything has changed in how the images are created/restored.
My2Cents,
Ernie
Yes, that’s how it works. In fact, if you no longer have a working rescue disc, you can download it on a different machine and create new rescue media.
keep harping leo 🙂 i was pretty lax about backing up until you convinced me – i now back up my ssd daily with the free macrium reflect differential and weekly with a full backup to a secondary hdd as well as a full backup monthly to my nas with weekly differentials
the real reason i am writing today is the ssd (wd blue 1tb – only a couple years old) was starting to freeze up then failing to reboot until i powered off and waited a few minutes – i replaced it with a samsung 870 evo and, using my macrium backup and rescue media, i was able to restore my system almost immediately and effortlessly
khfonline: I currently use the paid version of Macrium Reflect to do image backups of my Windows 10 system drive C: and my data drive D:, each to a separate portable hard drive. I do the system drive backup both before and after the monthly Windows updates, and do the data drive backup every few days. I do *not* keep the portable hard drives connected to the PC. I also use iDrive online backup to back up my files daily. If I work on a file to which I make extensive edits, I back those up immediately with iDrive. I have iDrive set up to back up once in the early morning—not continuously. If I work on a newsletter over several days, I keep that file in my Dropbox folder so that every time I make a change and save the file, it automatically gets copied to my online Dropbox account. Once I finalize the newsletter, I copy that file to a newsletter folder, back it up with iDrive and delete it from the Dropbox folder a few days later.
So yes, I would use an online backup service if I were you since it does provide another backup that is also offsite and automated.
Something to keep in mind if you use a cloud service to store backups of your sensitive data (bank, tax, or other private data) is to choose one that’s end-to-end encrypted, or to encrypt the data before sending it to the cloud service. I use Mega, which offers a free tier, to dynamically back up my documents directory, my Calibre database and other sensitive stuff. With Mega you can choose any number of directories (folders) to sync, so you don’t need a dedicated directory to sync with the cloud. Since Mega doesn’t have the key to decrypt my data, even if they’re compromised my data is protected. Additionally Mega’s Trash folder contains versions of changed or deleted files by date/time, so even if malware deletes or encrypts my computer’s files I can revert to a previous version that’s not corrupted.
My OS and user data are snapshotted hourly with separate scheduled backup programs to an external always connected HD, and weekly, manually, to another external HD that’s only connected while the backup is in progress.
Of course since I use Linux, malware infection is much less likely anyway.
Even if a cloud service uses end-to-end encryption, I’d still encrypt my sensitive data. I have to unlock two doors to get into my apartment. Not the best analogy, but I hope you get the idea.
Mark, a better analogy might be putting The Bank of England’s gold vault inside Fort Knox.
I use FreeFileSync to automatically backup to a connected drive daily (@2 am) and weekly to 3 external drives that are Bitlocker encrypted – 2 stored in a drawer and 1 in a fire safe. In addition, I backup to a Bitlocker encrypted drive once a month that is stored in my bank safe deposit box.
That’s good, but if you have a drive failure or malware, you’d have to install Windows and all your programs from scratch and spend hours tweaking the settings. System image backups are essential.
I’ve discussed this topic several times before, but I’ll post my backup regimen (and related thoughts) again, because I consider it/them to be perhaps the most critical steps anyone can take, not only for system security, but for recovering from most disasters, both natural (fire, weather-related, etc.) and technical (drive failure, malware infestation, etc.).
I currently use ‘Macrium Reflect Free’ as my backup solution which can be downloaded from the ‘MajorGeeks’ [https://www.majorgeeks.com/] website, or from the app’s page [https://www.majorgeeks.com/files/details/macrium_reflect_free_edition.html] to get it directly. See their
‘Backup’ section, the ‘Drive Cloning & Imaging’ sub-section for all disk imaging/backup software you can get [https://www.majorgeeks.com/mg/sortdate/drive_cloning_imaging.html], which I may check out further to see if there’s a currently supported free app I may prefer.
Similarly to @Fred St. John, I have a free account 0n Mega [https://mega.nz/] for my offsite storage solution. Their free account provides 20GB space, and all account types provide end-to-end encryption, and they offer their ‘MEGAsync’ desktop app so managing my account features is very easy, and can be accomplished from the comfort of my computer. The encryption key resides on my computer and any files I transfer in either direction (up or down) are encrypted in transit, and stored on Mega in their encrypted format, so they cannot be viewed by anyone other than me (unless someone gets my computer). I’ve used mega.nz for several years now, and other than checking the ‘Rubbish Bin’ (a part of my monthly system maintenance regimen) to remove older, no longer needed files/folders, the service is essentially a set-it-and-forget-it affair (I use their sync feature, not the backup one).
As for my local system backup regimen, I create a weekly backup set (stored on a 2TB external, always connected, USB3 drive), consisting of one full system image (created on the first day of every week), and six differential images (one per day for the remaining six days of the week). I keep four backup sets so I can restore any file, or my entire computer to the state it was in on any of the past twenty-eight days.
By taking these steps, and keeping my computer and all installed software as up-to-date as possible (I now use UniGetUI [https://www.marticliment.com/unigetui/] to automatically backup all my installed software/apps), and I always run Windows Update on every Patch-Tuesday (usually the second Tuesday of each month), combined with a very strong sense of skepticism about anything coming from the Internet, I feel that I’m as protected form any potential mishap that may befall me or my computers.
Ernie
“I now use UniGetUI [https://www.marticliment.com/unigetui/] to automatically backup all my installed software/apps),”
UniGetUI doesn’t back up your installation files. It updates the apps. In fact, it doesn’t even save the installation files, as they are downloaded to a temporary folder.
Sorry Mark, I misspoke. I actually use UniGetUI to update my installed software/apps, but everything on my computer is backed up by Macrium Reflect Free, so hopefully, everything’s still secure …
Ernie