A modern household backup strategy

David Kramer
Feb 23, 2020


The gold standard in (memorable) backup strategies is the 3–2–1 rule. Three copies of the data, on two different kinds of media, with one copy offsite. This is a powerful rule because of the kinds of protection it provides when followed:

  • Primary data gets corrupted? You’ve got a backup you can restore from.
  • Primary media stops working? You’ve got a copy on another kind of media.
  • Disaster strikes your primary site? You’ve got a copy at another site.

The traditional enterprise implementation of this strategy involves using hard drives for the primary data and for one backup, tapes for a second backup, with some tapes kept in a secure location offsite. This is a proven method, but at the household level it is expensive and inconvenient.

The new backup rule: 3–2–1–0

The ubiquitous availability of inexpensive cloud storage and multi-disk network-attached storage (NAS) devices has made automation of backups feasible for home users, and so I humbly propose an extension to the classic rule: the 3–2–1–0 rule of backups. Three copies of the data, on two different kinds of media, with one copy offsite… and zero manual steps.

Automation is an important part of a backup strategy because manual steps can get skipped or forgotten. If you have to remember to plug an external hard disk into your laptop to get it to back up (and then leave it plugged in and not move it around for a while), you probably don’t do it as often as you should.

Here’s how I implement the strategy today:

  • Devices automatically back up to both a local NAS and to the cloud

If I lose my laptop or it stops working, I’ve got a full backup on my local NAS that I can restore from onto a new laptop. If I accidentally delete a file from my laptop I can restore from either my local backup or my cloud backup. If there is a fire at my house and both my laptop and NAS are destroyed I can still restore files from my cloud backup.

That is my current strategy. Before I got my NAS, I did something even simpler:

  • Devices back up to two different clouds

This still fulfills the 3–2–1–0 rule. Start here, and get a NAS later, if that works better for you. And if you can only afford one cloud, then just start with one cloud. One backup is better than none!

There is one gotcha to my current strategy: now that I have a NAS, I’m going to be tempted to start using it for more than just a backup destination. But as soon as I start putting some files on the NAS that don’t exist on my laptops, I’ll need to apply the 3–2–1–0 rule again.

Implementation and cost

I use Arq ($50) to automate the backups. Arq supports doing encrypted incremental backups to both NAS and cloud storage. I have Arq configured to do hourly backups.

I use a Synology NAS, specifically the DS418play ($426), but the Wirecutter pick DS218+ ($296) would work, too. I use four Western Digital Blue 2TB hard drives ($50 each, $200 total).

I use Amazon Drive ($60/year for 1TB of cloud storage, plus $120/year for Prime membership) and Google One ($100/year for 2TB of cloud storage). Neither service charges for bandwidth.

Security

Automation and cloud storage aren’t without tradeoffs. Putting backups in the cloud presents a different attack surface from storing the data behind locked doors. Arq uses an open source encryption scheme for everything it stores in the cloud, which I think is good enough for me, but maybe not for you. And I don’t have an offline backup, so I’m potentially susceptible to a sophisticated ransomware attack if someone gained access to my laptop, and the credentials to my NAS, and to my cloud accounts.

To fully protect against ransomware I would have to give up the zero in my rule; truly offline backups cannot be automated. A simple approach would be to buy an external hard drive and use it to make backups of the NAS. Having multiple external drives that I rotate through, some of which are kept offsite, would provide another layer of protection and redundancy.

I use encryption everywhere. My laptop disks are encrypted. The NAS volume is encrypted. The cloud backups are encrypted locally before being sent to the cloud. I have no doubt that a motivated adversary could get through it all if they were targeting me directly, but it does seem like it protects against casual snoops and amateur thieves.

Reliability

I’m not the first person to think to add a zero to the 3–2–1 rule; others have added the zero to mean zero errors. And yeah, that’s important! Make sure you have practiced your recovery, before you need it. Think through the scenarios; if there is a fire at your house, and you lose your laptop and papers, will you have some way to recover the password to your cloud accounts and the encryption key for your backups? [Note to self: maybe I should write these down and put them in a safe deposit box.]
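
One way to run the restore drill described above, as an added example that is not part of the original post: restore a folder from a backup into a scratch directory, then compare it with the live copy file by file using SHA-256. The function names and the sample files in `demo()` are constructed for illustration and do not come from Arq or any other backup tool.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def manifest(root):
    """Map each regular file's path (relative to root) to its SHA-256."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # symlinks are skipped; only file contents are compared
            out[os.path.relpath(full, root)] = sha256_file(full)
    return out


def verify_restore(source_root, restored_root):
    """Compare a restored tree with the live source tree."""
    src, dst = manifest(source_root), manifest(restored_root)
    return {
        "missing": sorted(set(src) - set(dst)),  # in source, not restored
        "corrupt": sorted(p for p in src.keys() & dst.keys() if src[p] != dst[p]),
        "extra": sorted(set(dst) - set(src)),    # restored, no longer in source
    }


def demo():
    """Constructed sample: a 'restore' with one lost and one damaged file."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        for root, files in ((src, {"taxes.pdf": b"2019", "photo.jpg": b"img", "notes.txt": b"a"}),
                            (dst, {"taxes.pdf": b"2019", "photo.jpg": b"imG"})):
            for name, data in files.items():
                with open(os.path.join(root, name), "wb") as f:
                    f.write(data)
        return verify_restore(src, dst)


if __name__ == "__main__":
    print(demo())
```

Files edited since the last backup ran will also show up under `corrupt`, so run the comparison on a folder that rarely changes or immediately after a backup completes.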

For an additional dimension of protection consider using more than one software package to do your backups. This would protect against the possibility of bugs in one software package preventing you from being able to restore your backups.

Parting thoughts

I want to give a shoutout to the team that built the Apple Time Capsule. One of my household’s laptops has been backing up to the same Time Capsule for eight years. The Time Capsule itself is nine years old. I stopped using it as a WiFi base station a few years ago, but I kept it hardwired on the network as a backup destination. It was only this week that I retired it in favor of the new Synology NAS.

The new NAS is far more powerful and extensible than the Time Capsule. But the Time Capsule worked seamlessly. And kept working. It was the product that brought automated backups to the mainstream. And it was made to a very high standard of reliability. So, thank you, Time Capsule, and thank you to the engineers who designed it, and the product managers who brought it to market. You inspired me to be better.
