minimum backup rules
if you currently don’t backup your files these rules will avoid file loss from:
- your disk failing
- a house-fire where you lose everything
- theft
if you keep your files only on the cloud then you could lose files to:
- your online backup service “losing” your files
- a sync issue with your cloud service resulting in file loss
to be confident you won’t lose your files you should maintain:
- three total copies of data (your working version and two backups)
- one off-site copy (usually an online backup with a cloud provider)
cryptomator is a foss way to keep your online backups encrypted
with it you can focus on price & speed; not about a backup service’s privacy claims
- the two local copies should be on two different disks
consider doing one of your backups in a ransomware safe way
any backup that is not read-only and is constantly connected is vulnerable
an easy way to guard against this type of attack is to keep a backup on an external drive
- to start, do a weekly incremental backup of your files to the external drive
incremental backups are way shorter; look up how to do them on your operating system
one option on windows is this (be aware it may be phased out; windows sucks)
- next, pick a method to avoid the drive being overwritten along with your main drive
- for the most security (at the cost of being rather inconvenient):
- air-gap the pc while connecting the external drive by:
- before connecting the drive, disable internet on the pc
enable internet again after disconnecting the drive
- keep the drive disconnected except for when doing air-gapped backups
- for more up front cost, but more convenience, use two external drives
alternate them, doing a backup on one every other week and on the other the weeks between
if ransomware encrypts your files during a backup, you only lose an extra week of files
- of course, you can just use the one external drive
if you are sure you can be attentive to not do anything risky while the drive is connected
no downloading new things, clicking sus links, etc.
- finally, there are ways of setting up automatic, ransomware safe backups
these methods usually require some technical skill or a paid service