Backups and distributed data

Two rules. (1) Every piece of data you own should have at least one backup, whether you think you need it or not. (2) Every piece of data that you own on a machine that you do not control should be stored encrypted; otherwise you do not own it…

Remember, it's not just the irretrievable data that will be a problem when you lose data. It's also the time lost restoring state that you can recover.

Just read an article about someone who kept their email on a popular webmail site. Their email disappeared without notice, and without being recoverable. 300MB of email.

Of course, that could be the best thing that happened to them. After all, webmail is not normally stored encrypted, or if it is site software has the key. Even if you think you have nothing private, in a large email archive there will be things you wouldn't want published.

Backups are the most important to encrypt of all. Here in Portland we recently had a medical IT worker leave unencrypted backups being transported off-site in their car, from whence it was stolen.

I needed a file off my home desktop box the other day, but couldn't get in because its net interface was down. Fortunately, the file was sitting right there on the backup drive on my gateway machine. Unencrypted, too.

Care is golden, folks. Be careful out there. (B)