Taking Back Your Digital Independence: A Personal Journey Away from iCloud
This is part 2 in what was supposed to be a 2 part series on transitioning from my iPhone to Graphene OS as my daily driver mobile operating system. However, I decided I should take a detour to discuss my move off of iCloud. As such, this will now be a 3 part series. You can read part 1 here.
This all started with my transition from my Macbook to a Linux laptop. I had transitioned all of my daily computing tasks to my Linux laptop, but I was then frustrated with the fact that all of my iPhone data (pictures, backups, etc.) were still stored in iCloud. Not only was this not compatible with my new laptop, but I also wasn’t completely comfortable trusting Apple to correctly handle (basically) my entire digital life.
The Bigger Picture
In a world growing ever more digitally dependent, the notion of ‘cloud’ is presented as the be-all and end-all for our storage and accessibility needs. Services like iCloud with their ease of use are easy to adopt, but we often neglect to think about the larger consequences of entrusting our most private information to these proprietary cloud services. Opting for self-hosting rather than cloud reliance is a move towards regaining your digital autonomy — yes, it might involve a bit more elbow grease, but the dividends are worth the extra effort.
Initially, it’s important to understand the risks we take when we grant absolute control of our digital existence to third-party companies like Apple or Google. The security of data held on iCloud, or any cloud service for that matter, is largely tied to the company’s security measures, their data management, and their privacy policies. By using these services, we’re essentially saying, “Here, hold my data on your computer,” exposing ourselves to their rules and potential security blunders. Numerous high-profile incidents have demonstrated that even the most secured servers can’t always ward off hacking, unauthorized access, or internal mishandling.
On top of the obvious security pitfalls, proprietary clouds function within a closed ecosystem, making it challenging to shift services or meld with other platforms, should you ever wish to. You’re essentially at the mercy of your provider’s decisions regarding pricing, storage rules, features, and even the service’s continuity. If the service decides to raise their prices, you are forced to foot the bill if they hold all of your data.
Data sovereignty is another issue — the question of who legally owns your data once it’s up in the cloud. Countries around the globe have differing laws about data privacy, and cloud companies, which often scatter data across various global locations, might fall under regulations that don’t quite have your best interests at heart.
Enter self-hosting — the antidote to the dilemmas that come with cloud services. It gives you the reins over your own data, and thus, your digital freedom.
Self-hosting empowers you to decide where your data lives, who gets to see it, and how it’s safeguarded. There’s a comforting transparency in knowing your data is nestled in your personal device, on a server in your home, or in a rented server space that’s only accessible to you.
Furthermore, self-hosting opens up the opportunity to set up your own security protocols and backup systems, lessening the risk of data loss or breaches even further. It allows you to escape the constraints of closed ecosystems and lets you choose how you want to access, distribute, or backup your data.
Sure, the transition to self-hosting might call for more effort and some initial setup. But at a time where data privacy and security are more crucial than ever, the additional work is a small price to pay. It marks a turn towards more mindful tech consumption, where we take back our digital lives and make choices that align with our personal beliefs and needs.
As we journey deeper into the digital age, achieving genuine digital autonomy means becoming the custodians of our own digital assets. Self-hosting provides a route to this goal, bestowing upon us the ultimate control and accountability over our data, and hence strengthening our digital autonomy.
Technology
I want to refrain from diving too deep into the technology, as tech companies and offerings change by the day. I will give you a brief overview of what I have done, but I want to focus on the overall methods (which are repeatable no matter what companies are around at the time). First, we need to discuss the 3–2–1 backup strategy.
3–2–1 Backup Strategy
This acronym serves as a golden rule, a safety mantra if you will, for safeguarding your data against most failure scenarios. It’s a principle simple enough to comprehend yet robust enough to fend off potential data catastrophes.
So what’s it all about? The ‘3’ refers to having at least three copies of your data. That’s your original data and two backups. Think of it as a failsafe mechanism — if one backup fails, you still have another one to rely on. Redundancy is your friend here.
Next, the ‘2’ denotes having these backups on two different media. For instance, one backup could be on an external hard drive, while the other resides on a cloud server or a different hard drive. The idea is to avoid putting all your eggs in one basket, spreading your data across diverse media to reduce the risk of a single point of failure.
Lastly, the ‘1’ is a reminder to keep at least one of these backups offsite, that is, not in the same physical location as your original data. This is to safeguard your data against local disasters such as a fire, flood, or theft. A cloud service, either proprietary or private, often fits the bill for this offsite requirement.
Now, how does this play into our conversation about self-hosting and private clouds, and even proprietary clouds? Well, these solutions can all serve as components of your 3–2–1 backup strategy.
My Strategy
Getting storage
I first bought myself a Network Attached Storage (NAS) device. These devices allow you to access storage over your local network. No matter where I am in my house, I am able to access my NAS. I personally purchased a 4 bay QNAP NAS with 4 x 6TB WD red hard drives (this is way more storage than you probably need. I also use my NAS to store movies and music). Some NAS brands allow you to access your NAS remotely. I do not want this personally and don’t generally recommend it as it increases your attack surface. The last thing you want is someone with malicious intentions accessing your NAS.
I setup my NAS in RAID 5. This would allow me to lose a whole hard drive without losing any data. In a RAID 5, my 24TB of raw disk space is 18TB of usable space. This option is generally something you select when setting up your NAS.
Downloading iCloud Data
Now that I have the local storage setup, I started off by downloading all of my iCloud data onto an external hard drive connected to my Macbook. This took awhile, and I had to make sure I had a hard drive big enough. I then went through and only copied the data I cared about keeping onto my NAS. I then disabled all iCloud on my Macbook and my iPhone. Apple was sure to prompt me many times to make sure I really wanted to stop using iCloud (anything to keep customers paying). I made a 1 time backup of my iPhone using my Macbook, and also copied that backup to the NAS.
I now barely ever touch my Macbook, and I mainly use my Linux laptop. If I still used an iPhone, I would use the Macbook to backup my iPhone once a week and copy that backup to the NAS.
Backup Strategy
I now backup my Graphene OS phone weekly to my Linux laptop (using a double sided usb-c and usb-a thumb drive). I then back up my computer weekly to an external SSD and my NAS. I use DejaDup to conduct the SSD backups, and rsync to conduct the NAS backups. I encrypt these backups with a long password that is stored in my password manager. I am the only one who can decrypt these backups. This solves most of the 3–2–1 strategy, but what about the offsite backup?
Offsite Backup
I go a little overboard and I actually keep 2 copies of an offsite backup. You do not need to do this, it’s simply my personal preference. Once a month I make a backup of my laptop to a 1TB micro-SD card (also encrypted) using DejaDup and keep it at a friends house. If I was to lose all of my backups (including my second offsite backup) I would still be able to access this backup. I realize the risk of this happening is very low, but I keep many things I need on a day to day basis for my digital life, and to lose them would be a severe pain.
The more practical solution is to use a private cloud instance to store your backups in the cloud. Purchasing a private cloud instance to store data at rest is actually fairly affordable for the amount of data I need to store (right now it’s less than 1TB as I only backup critical files, folders, personal pictures, etc. I do not backup anything that I could re-download or recreate easily). AWS, Azure, and Google Cloud all offer solutions that fit our needs. However, after much research I decided to use Backblaze B2. I chose Backblaze for a few reasons.
- Pricing. Backblaze B2 offers to backup and store your data for $5/TB/mo. If you need to download your data, it is $10/TB. At the time of writing, this is cheaper than AWS, Azure, and Google Cloud.
- Integration. Backblaze B2 integrates easily with my QNAP NAS. In all fairness, so do AWS, Azure, Google Cloud, and others. If Backblaze didn’t have an easy NAS integration, I’m not sure I would have chose it.
- If all else fails, and you’re unable to download your data, Backblaze (for a price) will ship you your data on hard drives. It isn’t cheap, but the ease of mind is something that helps me sleep at night (even though the risk is low).
With Backblaze B2, I have a weekly job that runs on my NAS and backs up the folders and files of my choosing to Backblaze B2. My data is encrypted locally before being synced up to Backblaze’s servers. If you are going to use any cloud solution, I recommend always encrypting your data before sending it up. This provides another layer of protection.
In summary, once per week I backup my laptop to my NAS and to an external SSD. The NAS then backs up to my private cloud instance once per week. Once per month I backup my laptop to a micro-SD card that is stored off-site. All of these backups are encrypted with a long password that is stored in my password manager so that only I am able to access my data. If someone else got a hold of my encrypted backups, they would be unable to decrypt the data in our lifetime.
Conclusion
This migration from basically all of my data being hosted in iCloud, to self hosting and implementing a 3–2–1 backup strategy took some time and effort, but was 100% worth it. I am now totally in control of all of my data and am not reliant on the whims of a single corporation’s policies and potential security mishaps. I’ve created a custom fortress of sorts, one where I alone hold the keys to my digital existence. Transitioning from iCloud’s ease to my own system’s peace of mind wasn’t a casual stroll; it involved research, purchases, setting up new systems, and data handling. But in doing so, I’ve taken a massive leap towards digital autonomy, and it feels empowering. Now, I have the flexibility to evolve my system as I see fit, adapting to changes and staying proactive about my digital privacy and security. I hope my journey inspires you to explore self-hosting and regain control of your digital life. Remember, true digital independence is about owning your data, understanding where it lives, and managing how it’s protected — it’s your digital life, after all. Don’t hesitate to take the reins and chart your own path.
Stay tuned for part 3 of this series, where I will go into my subsequent transition from my iPhone to my Graphene OS daily driver.
