By Joe Kashi, for the Redoubt Reporter
Protecting your data involves more than just preventing inadvertent disclosure or hacking. You also need to ensure that your financial, photo and family data is protected from loss.
Loss may occur in many ways. Data may be lost due to hacking, hardware failure, operator error or casualty. Smartphones, notebook computers and other mobile devices are commonly misplaced, forgotten, dropped and broken, or stolen.
Protecting your electronic data is as basic as locking your house or car and buying insurance to protect you in case of loss. Extending this analogy, computer security has two components. An electronic “lock” protects you against those who might invade your privacy and misappropriate or vandalize your data. That’s where network security and, as appropriate, data encryption, come into play.
Physical security, on the other hand, including data backup, protects you against physical loss such as electrical surges, fire or theft. I’ll address physical loss first because, in some ways, it is more straightforward.
Casualty losses such as fire or flood damage and thefts of smartphones, computers and related equipment are fairly common. Your best bet under these circumstances is to ensure you have adequate physical security for your premises and that highly sensitive data is encrypted.
It’s no different than protecting any other valuables, but with one exception — you could also lose a great deal of crucial information unless you back up your data every day. I have had clients who went out of business after their premises and business equipment were destroyed by fire. Losing the bulk of your business data is one of the surest paths to business problems.
Electrical damage from sudden power loss or surges can be obvious, such as smoke rising from your system. More common is subtle damage, such as scrambled accounting programs and other databases. Use a high-quality, high-capacity surge protector between the electrical wall outlets and all computing equipment and network connections, including incoming phone and Internet lines.
Database programs are among the most common used by businesses and among the easiest to scramble due to an uncontrolled shutdown in the event of a power loss or surge. Most insurance policies and utility tariffs will not cover hardware failure or data loss arising from either voltage surges or power failures. Reliable, current data backup is the only way to ensure you don’t lose important data. Be sure that you store your critical computer data in a single spot that’s easy to identify. That way, it’s easy to back up all of your data — just back up the complete data storage device.
Another threat to your data is hardware failure, including data located in nonvolatile storage. Drives fail, including solid-state drives and flash drives. Back up your smartphone to the Internet “cloud.” Adopt proactive preventative maintenance, such as using hard disk arrays for traditional nonmobile computers. Replacing those hard disks and controllers every 18 to 24 months helps in this regard.
Even better is using a RAID disk array to store your data. These use multiple hard disks to store your data in a redundant manner such that the failure of any one hard disk does not lead to data loss. However, once a single drive fails you should replace it immediately because you’ve lost any redundant data protection and the next failure will likely be fatal. A RAID disk array only protects against hardware failure. You’ll still need to protect a computer from physical loss, such as fire, theft or inadvertent deletion. I’ve built 3-terabyte RAID arrays for under $300, using two, 3-TB Western Digital Red hard disks and a Mediasonic ProRaid HUR3-SU3S3 external SATA Hard Drive Enclosure, which uses reliable internal hardware to convert two separate hard disks into a redundant RAID disk array.
Operating systems of all stripes occasionally corrupt and must be restored. If your data is on the boot device to be restored, it’s likely that you’ll lose data. For that reason, always store your data on a second, physically separate disk or memory card, not on the boot devices. That way you can typically restore the boot device without losing your data. A RAID disk array is safest.
Most importantly, train yourself and everyone around you to use your computer systems correctly and carefully, paying particular attention to confirming dialog boxes such as, “Do you really want to delete this file?” rather than just clicking through them until you realize it’s too late. As much as 80 percent of all data loss happens because of operator error. That’s a grim statistic. Training for careful use is the only real solution here.
Once we understand why data is lost, it’s fairly easy to reduce the likelihood and consequences of loss. The most obvious step is to physically secure your premises, avoid losing mobile devices and ensure that you back up your data every day, storing the data backups away from your office so that the same fire, theft or other casualty won’t result in loss of your backup data, as well.
Data backup is generally inexpensive and easy. While many back up data directly to a cloud-based backup vendor, I believe that’s appropriate only for data that resides solely on mobile devices. Otherwise, it’s too demanding of bandwidth and, thus, too slow and too expensive. I still prefer copying a full backup of all office data nightly to an external hard disk dock connected to an eSATA or USB 3 port for routine daily data backups. This is the fastest and easiest approach. You should have at least three sets of external backup hard disks, rotating them so that any backup is made on the disk previously containing an older backup set. eSATA is definitely the fastest external connection.
Use a different hard disk every day and be sure to keep one hard disk backup set at least two weeks before reusing it, just in case of ransomware attacks or slow, subtle data corruption from a failed computer system or human error that is not noticed immediately — all of which do happen on occasion. High-capacity hard disks are now inexpensive, and a larger disk drive will give you more flexibility later. Before starting to make a backup, be sure you know all of the places where data might be stored. You’ll likely be surprised. Avoid storing data on several different mobile devices and office computers in a peer-to-peer network. Install all data on a single file server that’s used only to store and share data, and don’t use that computer to run day-to-day programs. It substantially increases the risk of an overall system crash that could damage data, and it’s slower.
Make a full backup every day. “Incremental” backups tend to be unreliable and more complex to use when trying to restore data. Although not the most sophisticated approach, it may be the least expensive and most reliable.
Local attorney Joe Kashi received degrees from MIT and his law degree from Georgetown University. He has published articles about computer technology, law practice and digital photography in national media since 1990. Many of his articles can be accessed through his website, http://www.kashilaw.com.