In the digital age, safeguarding data has become very important. Whether it’s cherished memories, important documents, or sensitive information, losing data can be a major problem for both personal reasons (e.g., irreplaceable family photos) as well as business reasons (e.g., customer data, data breach).
There are two popular ways to backup your files. One, backing up your files to your own hard drives, and two, backing up your files to a remote location (e.g., cloud storage). Which of these two are best for your needs you ask?
In this blog post, I’ll explain the and pros and cons of these two approaches (self-hosted vs. cloud storage) and help you make an informed decision.
Using your own hard drives for storing your backups provides complete control and customization at the cost of time to setup and manage. Here’s a breakdown of the pros and cons:
- Total Control: When you store your own backups, you have complete control over the storage environment. You decide the hardware specifications, security measures, and software configurations for your backups.
- Privacy and Security: Storing backups on your own gives you more control over data privacy and security. You can implement encryption, compression, backup automation (your own automation or paid software) and anything else you may need.
- Cost Efficiency: Over the long term, self-hosted backups are almost always more cost-effective, especially if you have a large amount of data to back up. If you require more than 1TB of disk space, rolling your own backups is going to be less costly in the long run.
- Technical Expertise: Setting up and maintaining a proper self-hosted backup environment requires technical knowledge. You’ll want to have a separate computer dedicated to hosting your backups. This will entail needing to manage software updates, security patches, and troubleshoot any issues that arise (e.g., failed backup hard drives; trust me, this will eventually happen in the long-term).
- Resource Management: You’re responsible for managing the backup server’s resources. This can become complex as your backup needs grow. You will need to have some kind of alert letting you know if a hard drive is near full, so you can plan accordingly.
- Physical Security: Hosting your own backups ultimately means you are responsible for the physical security of your backups. If anyone can just walk up and steal a backup hard drive, you have greater problems to worry about.
Cloud Storage: Convenience and Accessibility
Cloud storage services like Google Drive and Microsoft OneDrive offer convenience and ease of use at the expense of flexibility and control. Here’s a look at the pros and cons of cloud storage:
- Simplicity: Cloud storage services are user-friendly and require no technical expertise to get started. Most tasks, such as uploading, organizing, and sharing files, are straightforward.
- Accessibility: Your backups are accessible from any device with an internet connection. This accessibility proves invaluable, especially in situations where you need to retrieve data urgently.
- Automated Services: Many cloud storage platforms offer automated backups, ensuring that your data is continuously and seamlessly protected without manual intervention.
- Cost Scaling: While cloud storage is convenient, costs can increase as your storage needs grow. Monthly subscription fees can add up, making it potentially more expensive over time.
- Dependency: Relying on a third-party service means entrusting your data security and availability to that provider. This can raise concerns about data breaches and service outages. (Encrypting your data on your computer before uploading to the cloud storage is highly recommended.)
- Limited Customization: Cloud storage services provide a proprietary environment, potentially limiting your ability to customize the storage infrastructure according to your specific requirements.
The decision to self-host or use cloud storage for your backups ultimately depends on your individual needs and priorities. If you value control, customization, and have the technical know-how, a self-hosted backup environment might be the right fit. On the other hand, if convenience, accessibility, and automated services are crucial, cloud storage could be more suitable.
In some cases, a hybrid approach might be the optimal solution, combining the control of self-hosted backups with the convenience of cloud storage for redundant backups. Whichever way you choose, remember that the key to effective backup strategies is consistency, security, and regular testing of backups.
Personally, the hybrid approach is my favorite method, since I can quickly restore from my backup, since I have it local, but I have the reassurance that if my local backup gets destroyed (natural disaster, drive failure, etc.), I have (encrypted) copies of my data in cloud storage just in case.
Also, as I previously mentioned, please keep in mind to always (where possible), encrypt your data before uploading your data to the cloud. Otherwise, you risk someone at one of the cloud storage’s data centers snooping through your files.
Posted in Cloud, Computers, Internet and Servers, Security, Software, Tips & Tutorials
For the last few years, cloud storage has become popular as a means to backup an individual’s / business’ files, important documents, photos, digital rolodexes (e.g., people’s names, numbers, email addresses, passwords), projects, etc.
Unfortunately, the masses assume their files are secure just because “a large corporation is running the cloud service” or even because “nothing yet has happened to my files”. There are steps you must take to protect your data, and not just relying upon the cloud service to do this for you.
- You must make sure the password to your cloud storage is a good one. Having a bad password that is easily guessed does you no good.
- It is good practice to use a password manager (preferably offline) and generate passwords with a combination of lowercase, uppercase, numbers, and symbols.
- Some people will combine words together for their password. This is not as secure as the above method, but is better than nothing.
- Never write down your password. That is a good way to get it stolen.
- Enable 2-step authentication (if available) for logging into your cloud storage account.
- This is a very good method to stop most hackers dead in their tracks. Most will not have access to your phone or email to receive the 2-step authentication request, so they will not be able to gain unauthorized access to your account.
- Always encrypt your files before uploading them to your cloud storage.
- Several file compression software can encrypt files for you. You just need to provide a password.
- 7-Zip can create encrypted / compressed archives using the AES-256 algorithm (symmetric encryption; this means you use the same password to both encrypt and decrypt the archive).
- It can even encrypt the file names inside the archive too, so no one can try to guess what is in the archive by just looking at the file names, even if they cannot access the data.
- I know cloud storage companies claim to encrypt your files. The problem? They have the encryption keys, so they can decrypt your files whenever and snoop.
- Even if the storage service does not have a secret policy to snoop through their customers’ files, rogue employees could still do it without the management’s knowledge.
- Imagine if someone uploaded a text file with their bank information on it (never do that!), and it was not encrypted before being uploaded to the cloud storage? A disaster waiting to happen.
- Always have at least two backups of your information. Never rely upon just one cloud storage company to backup all your data.
- If you must, you may buy a hard drive to backup your data to once a week (or whatever works for you), and place it somewhere for safe keeping (basically, cold storage).
Posted in Cloud, Computers, Internet and Servers, Security, Tips & Tutorials
If you have a personal or small business website that you wish to secure via an SSL/TLS certificate, you can use Let’s Encrypt to do it for free.
It used to be when you needed web encryption for your website, you had to go to a certificate authority and pay for one. What is worse, the certificate would have to be renewed every so often. It depended upon how many years you paid for in advance.
If you opted not to renew your certificate, your web visitors would see a scary message telling them “Your connection to the website is not secure!”.
Technically the “your connection is not secure” message is incorrect. An expired certificate can still secure your connection to a server, assuming you have not enabled HSTS for your domain. It’s only that the web browser – and other software – will no longer “trust” the certificate because it has expired.
Some services give their users a user-friendly option to setup a Let’s Encrypt certificate for their website. However, for people like me with custom setups, we must use other less user-friendly solutions.
If you are interested, here is the “Getting Started” link: https://letsencrypt.org/getting-started/
Posted in Computers, Internet and Servers, Security, Software