Threat Level: yellow Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Tip of the Day - Backup and Backup Management for Home or Small Business Users

Published: 2006-08-12
Last Updated: 2006-08-13 04:04:43 UTC
by Koon Yaw Tan (Version: 1)
0 comment(s)
As home or small business users, do you back up your data regularly? If no, why not? Too troublesome? No idea how to do it? Or simply what is backup?

To back up data is simply making additional copy of the data which may be restored if the originals are damaged or lost.

Why do you need to back up your data?
This is important as data will be lost if your hard disk crashes. Consider yourself lucky if you have not experienced this before. Even if the hard disk is not crashed, data could still be lost due to loss/theft of laptop or data corruption (accidentally or cause by malware or ransomware).

Here we are not covering how to manage backup for large enterprise because it can get quite complex, so we will just focus on home and small business users.

There are basically three types of backup:
* Full backup: All data is backed up.
* Differential backup: back up the files that have been modified since the last full backup.
* Incremental backup: back up all the files that have changed since the last full or incremental backup.

What to backup?
Of course is your data, especially those that you created/authored. For applications, you can still install them back, but you will be freaky frustrated if you lost your own documents. If you have no backup storage issue, you can backup everything. But important is to ensure your own data is back up first.
 
One point that you need to consider is the protection of the media that contains your backup data. If the backup data is sensitive, you may want to consider encrypt them. Otherwise, ensure you have a good physical protection for your backup media.

How to back up?
For windows users, the easiest is to just copy out your data to another physical media. A neat way to do this is to create one folder that stores all your data. You then just need to copy out the whole folder as your backup. Windows also comes with a Backup tool which you can consider:

Start > All Programs > Accessories > System Tools > Backup

For Unix, you can consider using tar, dump or dd as your backup means. Each has its pros and cons. If you just want to back up your data, one simple way is to use tar to copy your data out. For example,

cd to your mydata directory (assuming mydata directory contains your data)
tar -cf mydata.tar mydata

Where to back up?
Note that the backup data must be on a different physical media. If you have two drives (C: and D:) but both are on the same physical disk (in simple word, you have only one hard disk), back up (or copy) your data from one drive (say C: Drive) to another drive (say D: drive) is not considered as backup, since all your data will still be lost if your single hard disk crashed.

The backup media could be:
* Another separate hard disk (but beware this hard disk could be crashed too)
* CD-R, CD-RW
* DVD-R, DVD-RW
* Magnetic tape (more for small business than home users)

For small business users, you may want to consider offsite storage for your backup media. This is particular important as part of your disaster recovery plan.

How frequent should you backup your data?
It depends. If your data changes frequently, you should consider weekly backup (or even daily backup). Otherwise, monthly backup is a good start.

Backup data is useless if you don't know or can't restore them. Recovery is as important as back up. You should test out and verify that you are able to restore your backup data on a regular basis.

Lastly don't forget to document on what, how and where you backup your data. It is useless if you forget how and where you have stored your data and not able to retrieve your data when you need them most.

Besides achieving the purpose of availability (of your data), backup data could also be used as a form of regaining/checking the integrity of your data.

Earlier, one of our readers (James) has sent us his tip on backup to address the integrity of the systems/data:

I had a network environment that challenged just about any tools by the sheer number of web servers, domains, subnets and administrative passwords.  Not all systems had anti-virus, and the ones that did have it could not always communicate back to let us know what it found.

But one thing we did have was a common backup architecture to make sure no data was ever lost.  This turned into an excellent way to perform analysis for artifact files across the environment by searching the index files for files that are known artifacts of compromises.  We were also able to use it to check that system installations met build standards regarding directory structures.

Many companies have full system backup capabilities long before they have full systems management capabilities through agent-based management and/or AV.  The back up system index files are a resource in understanding the systems on the network.

If you have any additional tips on this topic that you like to share, please send them to us.

Update: Tips from our readers.

Note: Usual disclaimers apply.

1) Cobian Backup for Windows
Further to the advice on backups for home users/small businesses, I can recommend a Windows "beggarware" (make a donation if you like it to encourage further development) utility called Cobian Backup that knocks spots off Microsoft's Backup.  It is simple to configure automatic, regular full, incremental or differential backups on a single machine, plus it works over the network i.e. each of the machines on the office LAN can backup to a single machine, and from there I can backup to separate media (USB hard drives, USB memory sticks, CDs and/or DVDs in my case).  See www.cobian.se for info.

2) Rsync for Unix (from our reader Ned)
In addition to the unix backup options you mention, I'm a huge fan of rsync for incremental backups. Despite being primarily designed to sync remote directories on the net, it also works great for syncing directories on the local machine or remote clients if their directories are mounted. For example, even Windows clients may be smb mounted on a *nix server and incrementaly backed up in this manner, and the whole process automated in a cron job.

Keywords: ToD
0 comment(s)
Diary Archives