Securing and Backing Up Your Data

I'm sure you've had this experience: you flip open your laptop and it doesn't boot up. You drop your phone and it won't turn on.

You pause for a second... "is any of my stuff backed up?"

It wasn't until this happened to me (my hard drive almost fried) that I started taking backups seriously. Security and digital backups are one of those "important not urgent" things it's easy to forget about until it's too late.

Here's my take on how to think about backing up your digital world and making sure others can't get access to it.

Security & Privacy

Assume all of your private information—SSN, address, password, phone, etc—will be public at some point. It's only going to get easier to hack into large systems.

Why? Here's one example.

Each website requires 100s or 1,000s of software packages downloaded from across the internet in order to run. If just one of them gets hacked or has a vulnerability, it's relatively easy for a hacker to scan the internet for all websites using that package and attempt to break-in. This sort of hack happens often. 

Still think I'm crazy? Plug your email into this site.

The good news is, if you setup your digital world correctly you can easily be immune to these hacks:

  1. Make sure any single password isn't that important
  2. Make it challenging or impossible for anyone to login with just a password
  3. Setup automated alerts when someone else is acting on your behalf

Backing up Your Digital World

Thanks to Time Machine and WiFi iPhone backups, it's gotten much easier to backup your data. For most folks, a time machine backup against an external disk is probably enough. 

However, my computer contained everything to run my business for many years so I took my backup game up a notch.

Here's how I think about backups:

  • You should assume something bad is going to happen. Your computer will break, your external hard drives will die, a virus will wipe your disks, or someone will steal your computer. Hopefully, none of these things ever happen, but planning as if they will happen is the safest approach. 
  • The time it would take to recreate a single important file is more costly than ~decade of storage costs. In other words, don't try to save a couple bucks by not backing up your files. 
  • Disk space is cheap. Wether cloud or external drive space, it's worth paying another $100/year to have enough space to never worry or think about losing data.
  • Eliminate a single point of failure. A time machine backup is great, but what if someone comes in to your house and steals your electronics? Or a baby spills water all over your laptop and hard drive? I want my data to be safe if my entire house burns down. 
  • Make it easy and automated. I want to set my backup strategy up once and never think about it again.

My Toolbox

So, how do we get this done? First, here are the tools you'll need:

  • 1Password. This is, by far, the most important part of this toolbox. I've used 1Password for many years and it's awesome. Gets better without fail year. It's a paid product, but it's worth every penny. I store passwords, credit cards, personal data, etc in this. Yes, it's safe to store all of your data in your 1Password vault—lots of articles out there explaining why. 
  • Arq. Backups data on your computer (and other attached devices) to cloud storage. Supports lots of different storage options, including Amazon Drive. It's a paid product, but it's not a subscription service.
  • Amazon Drive. My prime membership has free photo storage, and their storage tiers beyond photos are very cheap ($60/year for 1TB). I don't use it for document storage/sharing, but it's great for backing up data.
  • 1TB external hard drives for my wife and I's computer for Time Machine. Those that don't have an external power source are more convenient. 
  • Google Drive. I use this for any non-media documents. 
  • GitHub. For code. I store all of my projects in ~/Projects.
  • For the technically inclined, documenting your configuration in a dotfiles repo is a great way to backup config or preferences that may be skipped by Arq.

Building Your Backup System

Next, you'll want to setup your backup system:

  1. Setup the Amazon Photos app on your phone. Setup the app to automatically backup all photos and movies. 
  2. Setup WiFi iCloud backups on your phone. Disable photo backups via iCloud to avoid running out of space super quickly. 
  3. Don't try to organize old files, and keep your workspace (i.e. Desktop, Download, Document, etc folders) organized. If you find old files are piling up, group them into a "May 2020 Documents" folder and throw them on an Archive folder on your external hard drive (if you need more space on your primary machine)
  4. Setup DropBox & Google Drive sync apps. If you have multiple Google Drives, use InSync to sync them to different folders.
  5. Setup Time Machine against an external hard drive. 
  6. Setup Arq:
    1. Add your Google Drive & DropBox folders.
    2. Add places you put files outside of cloud storage tools. For me, that's Desktop & Downloads.
    3. I put all of my GitHub code in ~/Projects. This approach works for any non-media "project" files—put them all in a common directly and back the whole thing up.
    4. Add any external drive folders that contain files that aren't on your machine's drive.
    5. Connect to a backup destination. I use Amazon Drive.
    6. Setup a daily automatic backup. 

Here's what my Arq configuration looks like:

 

Some notes & caveats:

  • I don't have any on-disk music or video files. This approach should still work if you have a lot of media, but you'll want to think about what videos & audio you really need to backup to Amazon Drive to limit your backup costs.
  • Keeping an external drive connected to your computer isn't really practical. I haven't connected my external drive to my laptop in a couple months, which isn't great. The easy way around this is buying a drive that connects to the network.

Securing Your Data

Now it's time to secure your data! Here's what to do:

  1. Setup 1Password on your phone and computer. Store every password you ever use here. 1Password will magically identify passwords that are insecure or have been leaked out to hackers. This makes it really easy to incrementally eliminate insecure passwords. 
  2. Use a unique password for every login. Do not use the same password everywhere. 1Password will generate a beautifully random password for you automatically if you install the Chrome/Safari extensions (which you should do)!
  3. Setup Two Factor Authentication (2FA) on all important sites. This includes Google, Amazon, banks, investment accounts, etc. Yes, it takes a couple minutes to setup, but it makes it much more challenging for someone to hack your account.
    1. 1Password can actually be your 2FA device (as opposed to using your phone). If you add a "one time password" field to the 1Password entry, a scanner will pop-up on screen. You can put that scanner over the QR code and boom—your 2FA codes will exist in 1Password. 
  4. Review your Google, GitHub, DropBox, etc account connections each year (don't forget!). It's very easy to grant permissions to a 3rd party app which are larger in scope than you thought when you clicked "ok".
  5. Printout your 1Password password each year and put it somewhere super safe. This protects against 1Password going down, or something else horrible happening to your computer or the internet.

Monitor & Lock Your Credit

It doesn't hurt to lock your credit and setup some simple monitoring. Here are the three credit unions where you'll need to lock your credit:

I've found that CreditKarma is a great service for monitoring your credit score & activity.

As with most of these posts, they are mainly written so I can document and improve my thinking. If you have any critiques or ideas, I'd love to hear them.