They protect you from failure as well as malware.
We tend to think of backing up as being something separate from keeping our computers secure.
Nothing could be further from the truth.
To mis-quote the cereal commercial: backups are an important part of a healthy, secure breakfast.
Become a Patron of Ask Leo! and go ad-free!
Backups ARE Security
Backups can save you from malware as well as hardware failure and user error. When used properly, backups also provide you with a safety net from even the most destructive of malware: ransomware. Backups are an important part of your overall security.
Recovery from failure
Backups are a great way to ensure you’re protected from hardware or software failure or even your own mistakes.
- If your hard disk fails unexpectedly, restore from a backup image.
- If your software corrupts a file, restore it from a backup.
- If you accidentally delete a file, restore the most recent copy from your backup.
Online or offline, the drill is the same: when something goes wrong, rely on your backup to save you (or at least reduce the impact).
But wait, there’s more!
Recovery from malware
Backups — specifically image backups — play a key role in your overall security.
- If malware infects your system, restore from a backup image taken prior to the malicious software’s arrival.
- If malware corrupts a file, restore it from a backup.
- If malware deletes files, restore the most recent copies from your backup.
No protection from malware is ever 100% safe. We’re all at risk. A proper backup dramatically reduces the impact of malware that does make it through.
With a full-image backup, malware becomes an annoyance instead of a disaster.
Recovery from ransomware
Ransomware is just malware.
Everything I’ve listed above about malware applies to ransomware.
- If ransomware infects your system, restore from a backup image taken prior to the malicious software’s arrival.
- If ransomware encrypts files, restore the most recent copies from your backup.
Yes, it is that simple.
And yet…
“But ransomware can encrypt backups!”
That’s no reason not to back up.
People still die wearing seatbelts, but that’s no reason not to buckle up.You’re less likely to die wearing a seatbelt, and you’re less likely to be affected by ransomware if you have good backups.
Here’s why:
- Not all malware is ransomware. Your backup still protects you from those.
- Not all ransomware encrypts backups. Your backup still protects you.
- Many backup tools now take steps to protect your backups from ransomware.
- Backups kept offline are out of the reach of ransomware.
And again, ransomware is just malware. Malware that is not ransomware that deletes backups has been around a long time. Same issue. Same solution.
You’re safer with a backup than without.
“So I’ll disconnect my backup drive when I’m not backing up.”
I recommend you do not disconnect your backup drive.
That’s like saying you’ll only put on your seatbelt when you know you’re going to be in an accident.
You just don’t know.
By keeping your backup drive connected, you can automate the backup process so you don’t have to think about it, much like making your seatbelt an automatic habit when you get into the car.
Having a backup process work without needing your intervention is more important than worrying about the backups themselves being encrypted by ransomware. If you have to initiate a backup to make it happen, it won’t happen.
You will forget.
And you’ll be left without a current backup, even when you need it for reasons other than ransomware.
Do this
Adopt the mindset that your backups are an important part of your security strategy.
That means:
- Automate periodic backups, ideally daily and/or continuously.
- Leave your backup drive connected. If you’re worried about ransomware encrypting your backups, you can take one or both of these steps.
- Use a tool that protects your backups. Macrium Reflect’s Image Guard feature is one example. There are others.
- Periodically copy your backup offline. Yes, this is a manual step that you might forget, but it’s safer to forget this than to forget backing up completely.
- Use online backup services. Many, like Dropbox or OneDrive, have the equivalent of a Recycle Bin as well as additional protections for ransomware.
Above all: back up. Someday, somehow, you’ll be very glad you did.
Now sure how? Start here: How to Back Up Windows 10 (& 11).
Periodically copying your backup to a drive that’s not permanently connected to your computer is having the best of both worlds. The farther away from your computer you keep the copied backup set, the more secure it is. If it’s always plugged in, it’s subject to electrical spikes and malware. If it’s in the same house but not in the same room it’s safer against robbery. If you keep a copy with a friend or relative, you are protected against fire and flood damage to your home.
And as Leo recommends, OneDrive, Dropbox, or other cloud storage are great offsite backups for your data. I moved my Documents, Pictures, Music, and Videos folders into my OneDrive folder. I, generally, only use my system image backup to restore my entire system. I use my cloud storage to restore individual files.
Cloud backup service like Carbonite or Backblaze are great if you don’t know what to backup. If you know your way around your computer, OneDrive or Dropbox gives you more control and can back up things Carbonite or Backblaze might miss, such as your email folders and files saved in non-standard locations. Bur unless you know the location of the folders you want to back up, online backup services might be the more effective solution.
As a Macrium Reflect and Macrium Site Manager user and partner, I endorse your recommendation to use the Macrium Image Guardian feature to protect your backup image from malware. You can use local, network, or cloud targets for your Macrium backup target. For the cloud, I recommend Wasabi and am a Wasabi partner network member. Note you can mount your Macrium image as a disk drive and copy just the files you want from the image back to your local disk storage. I would not consider OneDrive or Dropbox as backup tools, but it could be better than nothing if you are not making a real backup.
Backups are such an important security tool that if I had to choose between having a daily automated backup and an antimalware program installed, I’d choose the backup. Fortunately, I don’t have to choose.
What is your opinion on services such as Carbonite for a back-up service? I realize that Carbonite is only for files, not the programs.
Carbonite was founded by Jeff Flowers and David Friend, who sold that business and started the Wasabi “hot cloud” data storage service, an AWS S3-compatible object store with no data egress fees. The Backblaze founders are still operating their storage business, providing you with the software you need to send your backup to them, like Carbonite. In general, off-site backup storage depends heavily on your internet connection speed which can be an issue depending on how much data you need to restore. That said, off-site storage does fit the 3-2-1 backup principle for storing 1 copy of your data off-site in an encrypted or immutable manner.
I prefer local hard drives as a first defense, but honestly — the best backup is the one you’ll actually use. Carbonite, as I understand it, can be pricey, but it’s got a good reputation.
Twice, I royally messed up files on my computer, and twice, my backups saved the day. All I had to do was copy the backups onto my computer, rather than having to start from scratch and try to re-build my digital life! I keep one hard-drive plugged into my computer, and I backup up the “Documents” file daily. Each week, I back up the rest of my files, and store those hard-drives off-site. Thanks for everything you do, Team Leo!!
Thnx to Leo’s urgings/warnings/beseechings over years, I got aboard Macrium Reflect as a means for periodic image backups plus automatic Backblaze uploads (which saved my bacon when Microsoft “support” wiped out everything). Both are super easy to use. I like easy.
Question: how often do you recommend updating the bootable Macrium Rescue program which resides on a thumb drive, almost 2 yrs old?
@joel albert,
The current version of Macrium Reflect is 8.x. If you created your Macrium Rescue media using the current version, you should be good to go until they move to version 9.x. If you created it using version 7.x (or earlier), you should probably re-create it using the current version so you can recover your images using the version they were created with. I’m no expert on Macrium Reflect, but I update my rescue media when a new version is released in the event anything has changed in how the images are created/restored.
My2Cents,
Ernie
Yes, that’s how it works. In fact, if you no longer have a working rescue disc, you can download it on a different machine and create new rescue media.
keep harping leo :) i was pretty lax about backing up until you convinced me – i now back up my ssd daily with the free macrium reflect differential and weekly with a full backup to a secondary hdd as well as a full backup monthly to my nas with weekly differentials
the real reason i am writing today is the ssd (wd blue 1tb – only a couple years old) was starting to freeze up then failing to reboot until i powered off and waited a few minutes – i replaced it with a samsung 870 evo and, using my macrium backup and rescue media, i was able to restore my system almost immediately and effortlessly
khfonline: I currently use the paid version of Macrium Reflect to do image backups of my Windows 10 system drive C: and my data drive D:, each to a separate portable hard drive. I do the system drive backup both before and after the monthly Windows updates, and do the data drive backup every few days. I do *not* keep the portable hard drives connected to the PC. I also use iDrive online backup to back up my files daily. If I work on a file to which I make extensive edits, I back those up immediately with iDrive. I have iDrive set up to back up once in the early morning—not continuously. If I work on a newsletter over several days, I keep that file in my Dropbox folder so that every time I make a change and save the file, it automatically gets copied to my online Dropbox account. Once I finalize the newsletter, I copy that file to a newsletter folder, back it up with iDrive and delete it from the Dropbox folder a few days later.
So yes, I would use an online backup service if I were you since it does provide another backup that is also offsite and automated.