
Backups ARE Security

They protect you from failure as well as malware.

Don't overlook backing up as part of your security. When the worst happens, it's your backup that will save you.

We tend to think of backing up as being something separate from keeping our computers secure.

Nothing could be further from the truth.

To misquote the cereal commercial: backups are an important part of a healthy, secure breakfast.


Backups can save you from malware as well as hardware failure and user error. When used properly, backups also provide you with a safety net from even the most destructive of malware: ransomware. Backups are an important part of your overall security.

Recovery from failure

Backups are a great way to ensure you’re protected from hardware or software failure or even your own mistakes.

  • If your hard disk fails unexpectedly, restore from a backup image.
  • If your software corrupts a file, restore it from a backup.
  • If you accidentally delete a file, restore the most recent copy from your backup.

Online or offline, the drill is the same: when something goes wrong, rely on your backup to save you (or at least reduce the impact).

But wait, there’s more!

Recovery from malware

Backups — specifically image backups — play a key role in your overall security.

  • If malware infects your system, restore from a backup image taken prior to the malicious software’s arrival.
  • If malware corrupts a file, restore it from a backup.
  • If malware deletes files, restore the most recent copies from your backup.

No protection from malware is ever 100% safe. We’re all at risk. A proper backup dramatically reduces the impact of malware that does make it through.

With a full-image backup, malware becomes an annoyance instead of a disaster.

Recovery from ransomware

Ransomware is just malware.

Everything I’ve listed above about malware applies to ransomware.

  • If ransomware infects your system, restore from a backup image taken prior to the malicious software’s arrival.
  • If ransomware encrypts files, restore the most recent copies from your backup.

Yes, it is that simple.

And yet…

“But ransomware can encrypt backups!”

That’s no reason not to back up.

People still die wearing seatbelts, but that’s no reason not to buckle up.

You’re less likely to die wearing a seatbelt, and you’re less likely to be affected by ransomware if you have good backups.

Here’s why:

  • Not all malware is ransomware. Your backup still protects you from those.
  • Not all ransomware encrypts backups. Your backup still protects you.
  • Many backup tools now take steps to protect your backups from ransomware.
  • Backups kept offline are out of the reach of ransomware.

And again, ransomware is just malware. Malware that deletes backups without being ransomware has been around a long time. Same issue. Same solution.

You’re safer with a backup than without.

“So I’ll disconnect my backup drive when I’m not backing up.”

I recommend you do not disconnect your backup drive.

That’s like saying you’ll only put on your seatbelt when you know you’re going to be in an accident.

You just don’t know.

By keeping your backup drive connected, you can automate the backup process so you don’t have to think about it, much like making your seatbelt an automatic habit when you get into the car.

Having a backup process work without needing your intervention is more important than worrying about the backups themselves being encrypted by ransomware. If you have to initiate a backup to make it happen, it won’t happen.

You will forget.

And you’ll be left without a current backup, even when you need it for reasons other than ransomware.

Do this

Adopt the mindset that your backups are an important part of your security strategy.

That means:

  • Automate periodic backups, ideally daily and/or continuously.
  • Leave your backup drive connected. If you’re worried about ransomware encrypting your backups, you can take one or both of these steps:
    • Use a tool that protects your backups. Macrium Reflect’s Image Guard feature is one example. There are others.
    • Periodically copy your backup offline. Yes, this is a manual step that you might forget, but it’s safer to forget this than to forget backing up completely.
  • Use online backup services. Many, like Dropbox or OneDrive, have the equivalent of a Recycle Bin as well as additional protections for ransomware.

Above all: back up. Someday, somehow, you’ll be very glad you did.

Not sure how? Start here: How to Back Up Windows 10 (& 11).



12 comments on “Backups ARE Security”

  1. Periodically copying your backup to a drive that’s not permanently connected to your computer is having the best of both worlds. The farther away from your computer you keep the copied backup set, the more secure it is. If it’s always plugged in, it’s subject to electrical spikes and malware. If it’s in the same house but not in the same room it’s safer against robbery. If you keep a copy with a friend or relative, you are protected against fire and flood damage to your home.

    And as Leo recommends, OneDrive, Dropbox, or other cloud storage are great offsite backups for your data. I moved my Documents, Pictures, Music, and Videos folders into my OneDrive folder. I, generally, only use my system image backup to restore my entire system. I use my cloud storage to restore individual files.

    Cloud backup services like Carbonite or Backblaze are great if you don’t know what to back up. If you know your way around your computer, OneDrive or Dropbox gives you more control and can back up things Carbonite or Backblaze might miss, such as your email folders and files saved in non-standard locations. But unless you know the location of the folders you want to back up, online backup services might be the more effective solution.

  2. As a Macrium Reflect and Macrium Site Manager user and partner, I endorse your recommendation to use the Macrium Image Guardian feature to protect your backup image from malware. You can use local, network, or cloud targets for your Macrium backup target. For the cloud, I recommend Wasabi and am a Wasabi partner network member. Note you can mount your Macrium image as a disk drive and copy just the files you want from the image back to your local disk storage. I would not consider OneDrive or Dropbox as backup tools, but it could be better than nothing if you are not making a real backup.

  3. What is your opinion on services such as Carbonite for a back-up service? I realize that Carbonite is only for files, not the programs.

    • Carbonite was founded by Jeff Flowers and David Friend, who sold that business and started the Wasabi “hot cloud” data storage service, an AWS S3-compatible object store with no data egress fees. The Backblaze founders are still operating their storage business, providing you with the software you need to send your backup to them, like Carbonite. In general, off-site backup storage depends heavily on your internet connection speed which can be an issue depending on how much data you need to restore. That said, off-site storage does fit the 3-2-1 backup principle for storing 1 copy of your data off-site in an encrypted or immutable manner.

    • I prefer local hard drives as a first defense, but honestly — the best backup is the one you’ll actually use. Carbonite, as I understand it, can be pricey, but it’s got a good reputation.

  4. Twice, I royally messed up files on my computer, and twice, my backups saved the day. All I had to do was copy the backups onto my computer, rather than having to start from scratch and try to re-build my digital life! I keep one hard-drive plugged into my computer, and I back up the “Documents” file daily. Each week, I back up the rest of my files, and store those hard-drives off-site. Thanks for everything you do, Team Leo!!

  5. Thnx to Leo’s urgings/warnings/beseechings over years, I got aboard Macrium Reflect as a means for periodic image backups plus automatic Backblaze uploads (which saved my bacon when Microsoft “support” wiped out everything). Both are super easy to use. I like easy.

    Question: how often do you recommend updating the bootable Macrium Rescue program which resides on a thumb drive, almost 2 yrs old?

  6. @joel albert,

    The current version of Macrium Reflect is 8.x. If you created your Macrium Rescue media using the current version, you should be good to go until they move to version 9.x. If you created it using version 7.x (or earlier), you should probably re-create it using the current version so you can recover your images using the version they were created with. I’m no expert on Macrium Reflect, but I update my rescue media when a new version is released in the event anything has changed in how the images are created/restored.



  7. keep harping leo :) i was pretty lax about backing up until you convinced me – i now back up my ssd daily with the free macrium reflect differential and weekly with a full backup to a secondary hdd as well as a full backup monthly to my nas with weekly differentials

    the real reason i am writing today is the ssd (wd blue 1tb – only a couple years old) was starting to freeze up then failing to reboot until i powered off and waited a few minutes – i replaced it with a samsung 870 evo and, using my macrium backup and rescue media, i was able to restore my system almost immediately and effortlessly

  8. khfonline: I currently use the paid version of Macrium Reflect to do image backups of my Windows 10 system drive C: and my data drive D:, each to a separate portable hard drive. I do the system drive backup both before and after the monthly Windows updates, and do the data drive backup every few days. I do *not* keep the portable hard drives connected to the PC. I also use iDrive online backup to back up my files daily. If I work on a file to which I make extensive edits, I back those up immediately with iDrive. I have iDrive set up to back up once in the early morning—not continuously. If I work on a newsletter over several days, I keep that file in my Dropbox folder so that every time I make a change and save the file, it automatically gets copied to my online Dropbox account. Once I finalize the newsletter, I copy that file to a newsletter folder, back it up with iDrive and delete it from the Dropbox folder a few days later.

    So yes, I would use an online backup service if I were you since it does provide another backup that is also offsite and automated.

