Three strategies for better backups
Data Protection
To protect your data, you need to do more than schedule regular backups. Here are three often overlooked strategies that can help make your backups more accessible, secure, and reliable.
From rsync and rsnapshot to Bacula and Déjà Dup, Linux has no shortage of backup applications. You can even find basic suggestions for a backup strategy such as Ubuntu’s, which include such basics as storing at least one backup off-site. However, these suggestions are usually incomplete and occasionally misleading. As my own backup strategies have evolved, I have found three strategic considerations that are often neglected but can greatly affect a backup’s accessibility, security, and reliability.
Choose an Appropriate Filesystem
Most external drives come with NTFS or exFAT filesystems, so the users of recent Linux distributions can use them out of the box. However, thanks to parted and its desktop counterparts, reformatting an external drive takes only a few minutes, and users have no shortage of filesystems to choose from (Figure 1).
For reliability, the standard ext4 filesystem is hard to beat, but for a backup accessible to others, you might want to choose another one unless you have a Linux technician within reach. FAT32 will work, but it is slow and inefficient by modern standards. NTFS, of course, is a Windows standard and has the advantage of Linux-like features like permissions, journalling, and encryption – although if accessibility is a priority, encryption is probably not the best choice. ExFAT is open standard and fast, and a backup using it should be accessible from most operating systems, but it has no built-in security. Which you prefer depends on your priorities. However, if you use multiple drives for backups, you might consider using more than one to spread the odds.
Encrypt and Split Backups
While cloud storage is popular, it depends on faith. Users are rarely in the position to evaluate cloud services and can only assume that the providers store data securely and privately. In some cases, that faith is justified, but in 2022, the Thales Cloud Security Report, found that 45 percent of businesses have experienced a cloud-based data breach or failed an audit in the past 12 months – an increase of 5 percent over 2021.
Short of avoiding cloud services or setting up a private, self-hosted server like those offered by Nextcloud, you can solve this problem by using the security principle known as least authority, which means that service providers should be given the least control possible over their customers’ data. This goal is accomplished at a minimum by storing only encrypted files in the cloud. Better still, Tahoe-LAFS (Least Authority File Store) divides uploads into pieces and defines how many pieces must be present to recover them. The pieces can reside on multiple servers and external drives, making a security breach almost impossible. For added security, Tahoe-LAFS can also administer the pieces anonymously using Tor. Like any software, Tahoe-LAFS has vulnerabilities and bugs, and it can't prevent the hardware that is storing your data from being stolen. All the same, Tahoe-LAFS offers the highest security in the cloud that is currently available.
Invest in Military-Grade External Drives
Hardware manufacturers usually display the cheapest external drives prominently. On Amazon, for instance, several pages of results pass by before quality drives are listed – which means that many buyers make a decision before they even reach these drives. If you are looking for reliable backups, these cheap drives (Figure 2) are a problem, because, at best, they are only slightly more reliable than flash drives, with neither being designed for long-term storage. The cases are thin plastic, and the USB port is exposed. As long as you do not move a cheap drive, it might remain workable. However, if you drop it or even move it carelessly, the drive can become disconnected from the case. Often, transferring the drive to another case can restore functionality, but some manufacturers such as Seagate sometimes use a proprietary connection to the case; once the connection is shaken loose, the drive becomes a permanent brick. As a result, you can quickly discover that what you thought was a reliable backup is itself unrecoverable without an expensive trip to a data recovery expert.
The difference between a cheap drive and military-grade external hard drive is like the difference between a phone without a case and one with one – only more so. A military-grade drive (Figure 3) is obvious immediately by its extra padding and sealed USB port, as well as its extra weight, which can be twice as heavy as a cheap drive. A military-grade drive looks like a bulky mutant. More importantly, its military-grade designation means that it can take far more rough handling than a cheap drive. Specifically, the drive has been tested and meets the MIL-STD-810G standard or – better still – the more recent and thorough MIL-STD-810H standard. To meet either standard, a drive must pass over 29 physical tests, including:
- Low pressure
- High temperature
- Low temperature
- Temperature shock
- Fluid contamination
- Solar radiation
- Rain
- Humidity
- Fungus
- Salt fog
- Sand and dust
- Explosive atmosphere
- Immersion
- Acceleration
- Vibration
- Acoustic noise
- Shock
- Pyroshock
- Acidic atmosphere
- Gunfire shock
- Temperature, humidity, vibration, and altitude
- Icing/freezing rain
- Ballistic shock
- Vibro-acoustic/temperature
- Freeze/thaw
- Time waveform replication
- Rail impact
- Multi-exciter
- Mechanical vibrations of shipboard equipment
Some drives are advertised as military grade without external testing, which may be acceptable. However, before relying on these drives, you should research the drive on Consumer Reports, any in-house documentation, and the Trusted Review site, which lists certified hardware. You may also be able to transfer a cheap drive to a more protective case and use a protective storage bag. However, drives that pass testing are the most reliable, such as those made by ADATA, LaCie, and Transcend. Typically, military-grade drives will cost $30-50 more per terabyte than the cheaper ones, but if your backups matter to you, the difference is a small price to pay.
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.