logo

Practical Computing Advice and Tutorials

Tue: 23 Jul 2019


Site Content

Programming
&
Development


Technical Knowhow


Command Line Interface


Security

Data Backup

Data back-ups are easy to do and in many cases are apart of cloud based automatic systems. Just as with cloud based password managers, cloud based data back-ups can be insecure in so much as, if you can 'recover' a forgotten password, the chances are that the service provider will have access to any data that you store with it, encrypted or not, so the only way that you can guarantee that your data can't be accessed by anyone else is to secure it before you store it.

A Back-up Tool

Although there are many solutions one can use, I'd like to recommend DSynchronize by Dimitrios Coutsoumbas (A.K.A Dimio). I'm using v2.30.7, but there's an updated version on this web site:
http://dimio.altervista.org/eng/dsynchronize/dsynchronize.html

The reason I recommend DSynchronize is because I can't recommend stuff that I've not used, and this is a brilliant app. I'm not keen on the newer version, which is why I'm still on v2.30.7, but the newer version may offer even better options, of which there are many. It's a MS Windows app and I can't see anything that suggests he'll be developing this for other platforms, but support Dimio (he's got a few other things on his site that may be of interest) by dropping him a few bucks for his work.

For an inexpensive on-site storage solution, you could follow my Raspberry Pi Project and then use DSynchronize to perform automatic back-ups at a time when your computer is going to be idle, as DSynchronize has built-in timer functions for just that kind of scenario. DSynchronize can be set to report its activity to a log file, which is well worth doing for unattended back-ups; just remember to check the log.


Data Encryption

The tool that I'd recommend you use to encrypt your data before you send it to a cloud based service is TrueCrypt. Steve Gibson (of https://grc.com) hosts a repository from where you can get the final release (v7.1a) of this very good and secure encryption tool. There you'll find all the information you could ever need about this tool, including a 150 page PDF User Guide. I'm sure you'll be able to find TrueCrypt elsewhere, but I would not recommend that you get it from anywhere other than the GRC site. That said, I note that S.G has a link to this site [http://andryou.com/truecrypt/index.php], the details of which you'll find on the GRC site.

Note: Do not use any version other than 7.1a.

If you're not prepared to take the responsibility of encrypting your data with the knowledge of, if you forget your password, you've lost your data, then don't use it; simply back-up your unencrypted data to a service provider and run the risk of it being compromised.

So, for the 'adults' among us, there are a few ways with which TrueCrypt can be used and it's all detailed in the User Manual, but for encrypting your files before sending them off-site and out of your control, the Encrypted File Container is possibly the best option. This will create a blob of data that can only be recovered by using the key that you generate; as I've said, lose the key, lose the data!

The Password Safe app that I've mentioned on this site (see: passwords) is perfect for keeping such a valuable key as this, safe, and once you've encrypted your documents and data, you can safely use whatever service provider you choose, safe in the knowledge that nobody will be able to get at it without first getting your key.

Remember, you don't have to use an on-line service, you could simply burn your encrypted data to a DVD and entrust a family member or a good friend with the DVD, or an External Drive of some kind. It matters not, just so long as it's not in the same location as your computer, the idea being that, if you have a real disaster and lose your computer system, you know that you've a recoverable back-up. Of course, you'll have to manage things yourself, but that's the trade off between convenience and security.

To perform a self-encrypted back-up of your data, may require you to do a little reorganisation and think about the data that you want to have encrypted: you possibly don't need to have all of your documents encrypted.

With TrueCrypt it's easy to create an encrypted container which can be mounted as, and used as a regular storage device. You can then simply keep all of your sensitive data in that encrypted container and work with the files directly from the container, the files being encrypted and decrypted on-the-fly. Working in this way ensures that your data will only ever be in the clear while it's being worked on; the container can be stored together with all your other documents and backed-up along with them. You'll have to remember to un-mount any TrueCrypt Drives before you perform a back-up, because the container file is 'locked' while it's mounted, so the back-up of the container file will fail if it's still mounted.

If you don't have an off-site back-up, then you're only ever going to be safe from a system failure, but it's better than having no back-up at all.