How to backup computer data

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!

At OE Classic we care a great deal to keep our data safe, but we also care to teach you of our best practices so you can learn from us. So with this short introduction, here is how we handle our data backup – an info you can use to do your own data backups.

First of all, we separate our data into critical and non-critical. Critical is something where we would quickly go out of business if it was lost. An example of such a thing is OE Classic source code. This is separated into special folder (with appropriate sub-folders). Everything else is non-critical. If non-critical data is lost, it can be found somewhere, purchased or rebuilt in a short time. These are mostly purchases we did. The separation keeps the amount of critical data to the minimum so it can be distributed easier to more backup locations which plays an important role.

Note that we probably overdo our backups a bit – but – hearing so many horror stories of data loss and companies going out of business as a result of that – we cannot afford to lose data. Better safe than sorry. So here goes.

Critical data backup

Critical data is saved to a few different online cloud backup locations. Locations like – Dropbox, Google Drive, Microsoft OneDrive and Mega. Each of these cloud providers stores data in various data centers, located around the entire planet. This ensures data is located around the world. What we use this for is critical data such as OE Classic source code and other files very difficult to produce. The data is not left in plain-sight, it is always encrypted using heavy encryption and the key-code is always kept in an offline location with backup of the key-code in QR code format and plain-text on paper as well as in our smartphones. The location of all these servers is not always known to us but we do know that they are in various locations within the USA, Europe, New Zealand and Australia.

One of the most important aspects of a good backup is to have it in various locations and cloud made this extremely easy – if disaster happens in one location, it won’t happen in all. When I am talking about a disaster I think of – malware, hard disk failure, system being compromised by malicious attacker, as well as natural catastrophes such as earthquakes, solar flares causing EMP, floods, fires and so on.

As I already mentioned, the data is encrypted with our own strong encryption code. As it used to happen before the data from various cloud providers has been compromised, even if they used encryption. Leaving the data in the open is therefore not a good idea for cloud backup. If cloud storage provider is compromised – our data is safely encrypted and the attacker cannot do a thing with it except look at bunch of useless encrypted code which would take thousands of years to decrypt with the brute-force techniques and the given key-code length.

Local backup

Locally, we store data on backup hard drives. This is for critical and non-critical data. For this we use 2 small and light 2.5″ USB 3.0 hard disks. They are tiny, easy to carry around and thanks to USB 3.0 quick to do a backup. They are also very affordable and if one breaks it can easily be replaced. These two disks are kept at two different locations, one in the office and another away from the office at another location. If earthquake, flood, fire or anything of that kind strikes, at least one local copy should remain safe. Disks are filled and when filled – their location is swapped.

Server data backup

Our servers do automatic backup in a RAID array as well as regular automated backup of user database and we also do occasional update to our local/critical backup of server database. So we safeguard user data too, having in mind the purchase price means investment into our software or services.

DVD backup

Additionally, we keep a copy on DVD disks too, again encrypted for easily discarding the disks later when they are out of date. Optical media can survive EMP blast (coming from a nuclear attack or much more likely – solar flare), even if hard disks would not. And we’re thinking of making or purchasing a cheap Faraday cage to keep our disks safe too. As it appears Faraday cages are quite easy to make, it can be just a simple box wrapped entirely in aluminum foil or a metal cookie jar, as long as the disk is isolated from the conductive material. There are also readily available anti-static bags to purchase. More than good enough for protection purposes. Optionally, it can be grounded (even though there will likely be minimal difference in protection of the disk inside).

Of course, a few of the methods described above are on the paranoid side. But then again, if they are easy or practical to implement – why not – it is usually just a small change of habit.

Now when you’ve learned how we do backups at apply it to your own backups to keep your data safe!

Internet safety and how to protect yourself online – proven and reliable tips

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!

I am quite often asked by individuals or companies how to protect yourself and your computer online – you know, the usual stuff – avoiding viruses, spam and such things. Often, the rationale is – “If I bought the computer and service from my Internet provider – it should all work flawlessly right?”

Well – not quite, the story is a bit more complicated than that. If you are not a car mechanic you don’t service your car – you leave it to professionals. But unfortunately, the perception is not the same with computers – just because you keep them in your bedroom doesn’t mean they are any less complicated to maintain and that you can use them carelessly without knowing what you are doing. You do need to learn to drive your car, don’t you? Well, computers are zillion times more complicated than driving a car but fortunately, there are some simple rules you can apply to make them easier to handle.

As a software publisher, security to our users is of utmost importance – so we have a set of rules you can all use to be safer when connecting to Internet (but also when designing software too). Here they are in arbitrary order and in plain language without too much technobabble.

  1. Use original software – Original software at least gives you a certain level of guarantee that the program hasn’t been tampered with (software developers and virus-makers are both engineers after all) and with pirated software you cannot be that certain. This doesn’t mean original software is any more secure if the authors don’t apply the security measures themselves.
  2. Apply software patches and updates religiously – especially if computer is connected to Internet or if the software is Internet-related. In Microsoft Windows this is called Windows Update and for Microsoft Office it is called Office Update. Many other programs from less known companies also have their own update mechanisms – use them! This also applies to online-software (blog software, forum software and similar). Also to bust one more myth – people often claim that Macintosh is more secure than Windows-based PC. Not really true – in fact, there are security leaks a few months old in OS X and still not taken care of. Similar goes for iOS and sometimes for Linux too. So if you paid it more that doesn’t mean it is automatically more secure. Windows are most popular but for this reason alone their emphasis on security is at higher level. I’m not advertising the use of any of these systems, just pointing the fact that software developers do need to patch their software too as well as their users.
  3. Use latest version of your Internet browser. These days any is really good and a matter of choice – IE 9 is as good as Chrome 17 or Firefox 10 (yes, I know about Safari and Opera too). Yes, there are differences, but they are all very competitive. When using the latest version you make sure you have all the security updates all the time.
  4. Use firewall and anti-virus (anti-spyware) program. Paid or free is a choice of yours but more often, paid has more advantages – and these guys are constantly into security leaks and patches. Use their wisdom. Companies I would recommend are Kaspersky, Norton 2012 products and the one I personally use – NOD32. As for free variants I like Avira – has some quite nice features but AVG or Avast are also quite good (I did not go too much into virus-detection charts as they change all the time). Note that they can’t be used as substitute to Windows Update – you still need to have fully patched operating system. Fortunately, with Windows and antivirus software – update mechanisms are very easy to use and completely automated. Firewalls on the other hand will stop software to send outgoing data unless you permit them to and with most of them you can do this on individual program level.
  5. Quick guide to less reliable software sources – Even though you should install software from reliable sources, sometimes you might need to install something from less known manufacturer. Note that digital signature doesn’t mean software is more secure – Gator Corporation for example had fully legit digital signatures while their software was installing spyware. Good way to install unreliable software is to use Sandboxie. The solution which I use myself is virtualization – a full operating system within isolated environment such as VirtualBox or VMware Workstation. The idea here is to install software in a controlled environment and not onto your main operating system. If the software or manufacturer proves to be reliable one, you can proceed to install it onto your main system, if not, you can easily remove it or restore virtualized operating system image to starting one.
  6. Read those “Do you want to…” dialogs… for God’s sake! Don’t just click “Yes”. I am always amazed how many spyware, toolbars and similar things are installed just because user doesn’t read whatever is offered on the screen. Do not install software if you are tired.
  7. Do not use unsecured or low-security WiFi – There is always someone listening to such connections – this is probably the easiest way to steal passwords. WEP encryption is easily broken, with WPA and WPA2 you are a bit more secure. But it doesn’t hurt to add additional level of security – make sure you always use HTTPS (secure) version of web sites if available (Facebook has it and Google has it and so do many others). Make sure you always use SSL/TLS-encrypted connections (for Email access, for Usenet access, for web access) wherever possible and available.

I tried to minimize this list as much as I could but security issues are not something that should be taken lightly and you should at least do those minimal measures I’ve covered above. Of course, me – as software developer has quite a bunch of others like – checksuming (MD5, SHA1), comparing binaries by content, compiling software in an isolated environment (like virtualized operating system), making a copy of installation file before running it for testing or storing it in non-compatible environment (for example Windows binary hosted for download on Linux host – where it can’t be executed) and much more – but I don’t think these should be presented to average user that just wants to use his computer without having to worry too much – after all, software can be very complex and needs to be as easy for the end user as possible.