Always Have a Plan B

  • Published
  • By Andrew G. Cosner, AFDW/A6 Cybersecurity Lead
  • Air Force District of Washington

  There’s a saying among cyber professionals: “People generally tend to put a good backup plan in place the day after they’ve lost all their data.” Unfortunately, what used to be a minor inconvenience can now lead to the serious loss of time, money, and energy trying to recoup critical information. In some instances, failure to keep accurate backups can even lead to criminal or civil charges. It has never been easier to keep an up-to-date archive, yet research shows that more than 30% of smartphone users have never backed up their data, even once. So why should you care, and what can you do about it?

  The first question is easy to answer: you should care because it affects you. Think about all the photos that have never been printed, and only exist in digital form. Think of all the documents you’ve stored. Think of every email you’ve ever sent or received. Now imagine them all gone. There are any number of reasons why they could be gone. Perhaps you’ve been the victim of a ransomware attack, where all of your data is encrypted and held hostage until you agree to pay the attacker for their return. Or maybe there was a fire, taking your home and everything in it. Perhaps it’s as simple as a surge in power at exactly the wrong moment, corrupting the discount hard drive the manufacturer installed to save some bucks. The bottom line is your memories, your documents, and your correspondence could be gone without a trace tomorrow, and you’d never see it coming. A good backup plan would have you up and running again in minutes, hours, or days depending on the size of the recovery. Without it, you’re starting over.

  The good news is that a personal backup plan doesn’t have to be expensive or complicated to be effective. You just have to remember a few simple tips:

1. Any plan is better than no plan at all. You can start small by simply copying your most important documents, pictures, or other files onto a removeable hard drive or flash drive. Flash drives are small and cheap, but also easy to lose and don’t store a lot of data. Removeable hard drives are more expensive, but may last longer and have the capacity to store a lot more.

2. Don’t store your backup in the same location as your computer. It won’t do you any good if your backup is stolen or lost in the same way as your original. If someone is going to steal your computer, they will likely steal anything small and handy around the computer as well. Increase your redundancy by keeping your backup at a friend or relative’s house.

3. Use backup software to encrypt your archive. The downside of keeping your critical data on a removeable drive and separated from your main computer is that you run the risk of someone else getting ahold of it. You can mitigate this risk by encrypting your data with a password that will be easy for you to remember, but hard for others to guess. All major backup solutions offer encryption standard, and if you are copying files manually, you can use BitLocker to set a password for the entire drive.

4. If all of the above seems intimidating, then outsource your solution. There are several reputable and economic companies that will, for a small fee, automatically backup your identified critical data into a secure cloud environment. While this may sound scary, it’s important to note that not even the employees of these companies can access your data without your password. These are professionals with a proven track record of protecting people’s privacy, as well as their peace of mind.

  There are no perfect solutions. No one can guarantee the absolute safety and security of the data you hold precious. The risk of loss will always exist in some form. But you can mitigate that risk down to insignificant levels by investing just a small amount of time, energy, or money. I once lost every picture I had taken on a three-week long adventure through a foreign country to which I’ll likely never return. That will never happen to me again. What will you have to lose before you take action?