Backing up your computer through a cloud service?

[Ronstar]

I use time machine to backup non photo files to an external drive. I store photos on the external drive and back up to a NAS. But I need to implement an offsite solution. I was strongly considering an external drive in the lock box, but I'm starting to get comfortable with the cloud


Sent from my iPhone .using Early Retirement .//82339)

 

[Lsbcal]

We have maybe 10GB of digital photos. We have a drawer full of old photos and albums. Then there are the 35 mm slides from my SLR days, the 8mm spools from my movie camera days, and also my parents old slides.

I don't really look at this stuff. Somehow the spirit rebels. Still I keep adding to the hoard.

 

[target2019]

This is a top-ten list of cloud security issues from https://resilience.enisa.europa.eu/...-and-recommendations-for-information-security. Below I've summarized each point from page 7. The article is long, but probably raises issues you may not have considered.

You can assess the risk for yourself. I don't see that one can come up with a definitive answer. Just as it is only a matter of time before each user loses data, it is only a matter of time before a cloud backup service has the same occurrence. As with your personal at-home loss, the loss in the cloud may be extensive, or just one flipped bit.

1. Loss of governance - You are giving control of uploaded data to the cloud provider (CP). Carefully read your agreement.
2. Lock-in - There is no standard for format, and you're probably wedded to that one CP. Ideally, you'd like to be able to transfer your backup to another provider, or download it yourself before deleting your account.
3. Isolation failure - This raises availability issues which center around the actual backup site and how it is maintained. For example, if the CP service is housed within Amazon server farm, and attack on Amazon is effectively an attack on your CP.
4. Management interface compromise - This type of failure point is difficult to control. Someone who accesses the interface has potential access to exploit the resources.
5. Data protection - This is about the integrity of data, how it is backed up to mirrors, and the procedures for ensuring the uploaded data remains accurate.
6. Insecure or incomplete data deletion - Very interesting topic, as I am currently looking at this issue with drives I want to sanitize. What is deleted is not necessarily gone!
7. Mailicious insider - Take a look at Snowden and other offenders. The damage that one insider can inflict is astounding.
8. Customers' security expectation - Are you making assumptions about the information security the CP is providing?
9. Availability chain - Access depends on your local internet connection, and everything beyond, such as your local gateway. Things fail at the worst possible time, I've found.

 

[photoguy]

I would add

10 -- your cloud storage provider goes out of business before you can find an alternative

 

[Lsbcal]

Nice summary Target2019. Giving access to an outsider seems like a big security issue to me.

I might not have the lingo quite right but it seems to me that one issue is pull versus push. Dropbox is a push method i.e. user pushes data to a server that he wants to access someday. Other continuous automated backup plans are pull technology i.e. user's data is accessed by an outside server that has been granted permission to take the data. That granted access is a security issue.

Seems to me that Dropbox has the advantage for me. I am in control of what is in put in the cloud since I put it there. No access for grabbing data has been granted to an outsider. The burden is on me to update the data but I'm fine with that. Weekly is all I would need. There are only a few files that I might be doing a lot of hours work on.

The rest I can backup and store in a bank safety deposit box every 6 months or so to remove the worry of burglary or fire. Weekly local backups are to an external (hidden) hard drive and/or memory stick.

 

[target2019]

Too much pushing and pulling. Ever dare to look at all the processes running at startup on any computer? Mind-boggling!

I have dropbox and used it to share with other developers/customers. But only used it occasionally.

I did find it useful to auto-sync iphone photos to, and then sync with my pc for permanent copy to photo library. So you can use it manually (push), or sync (pull).

 

[Chuckanut]

This is a top-ten list of cloud security issues from https://resilience.enisa.europa.eu/...-and-recommendations-for-information-security. Below I've summarized each point from page 7. The article is long, but probably raises issues you may not have considered.

You have a point. Some of these problems can be avoided if one encrypts sensitive data on the home computer and merely uploads the encrypted file to the storage site.

 

[Lsbcal]

You have a point. Some of these problems can be avoided if one encrypts sensitive data on the home computer and merely uploads the encrypted file to the storage site.

Spideroak (mentioned in my post above) does the encryption on your computer before uploading the data.

 

[bUU]

Backup, by definition, is an image of what is stored locally. If Carbonite goes out of business, people don't magically lose the data - it is still stored locally. They can, at that time, adopt even one of the other backup approaches or engage another backup service provider. It would be akin to having your physical backup in your vault at the bank stolen (and it is just as likely that that will happen as Carbonite going out of business tomorrow without any foreknowledge apparent).

Some people abhor the idea of trusting others with their security. Perhaps they'd also have concerns about giving a key to neighbors "just in case" - a very common practice in the United States - or checking their valuables in the hotel safe when they're on vacation. Everyone has different priorities.

 

[RonBoyd]

Backup, by definition, is an image of what is stored locally.

This is a very important distinction. A "backup" is a MIRROR IMAGE and not a copy of your files. (Particularly significant if your "backup" program requires the use of that program to retrieve those files.)

 

[jim584672]

Spideroak (mentioned in my post above) does the encryption on your computer before uploading the data.

But if the are doing the encryption then they have the means to decrypt as well? Seems to be self-defeating the purpose of encryption.

 

[MRG]

But if the are doing the encryption then they have the means to decrypt as well? Seems to be self-defeating the purpose of encryption.

There's typically hash keys involved so only you can decrypt your data. Since it's encrypted before transmission that implies it's decrypted at that same machine after transmission back.

The data to the low level file system is just a bunch of bits. The file system doesn't have context of the data. So no concern about encryption or not at that level.

Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app

 

[target2019]

Backup was/is a msdos command which copies files and directories. It has become a more generic term, though. Image refers specifically to an exact replica on the storage media. It's common to hear image backup, file backup, online backup and so on.

 

[NW-Bound]

But if the are doing the encryption then they have the means to decrypt as well? Seems to be self-defeating the purpose of encryption.

There's typically hash keys involved so only you can decrypt your data. Since it's encrypted before transmission that implies it's decrypted at that same machine after transmission back.

The data to the low level file system is just a bunch of bits. The file system doesn't have context of the data. So no concern about encryption or not at that level.

Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app

They have the means or algorithm to encrypt/decrypt which they provide to you in the form of software, but only you have the key. The encrypted file may be cracked without a key, but it takes huge amount of CPU power and time. So, unless you have a secret that the NSA is after, nobody will bother to crack your file. It is easier to beat the key out of you anyway.

Of course if the software writer puts in a back door, then all bets are off. However, has anybody ever heard of that being done?

 

[harley]

f course if the software writer puts in a back door, then all bets are off. However, has anybody ever heard of that being done?

Lol! You are so droll!

 

[MRG]

They have the means or algorithm to encrypt/decrypt which they provide to you in the form of software, but only you have the key. The encrypted file may be cracked without a key, but it takes huge amount of CPU power and time. So, unless you have a secret that the NSA is after, nobody will bother to crack your file. It is easier to beat the key out of you anyway.

Of course if the software writer puts in a back door, then all bets are off. However, has anybody ever heard of that being done?

Nice write up.

Back doors well I've seen them implemented in systems. Mainly to ensure if the customer screwed something up support could have a way in. Over the years there was increased awarness from a security standpoint and other workarounds had to be implemented. Kind of neat seeing the change of "we've always done that, to you're finding a secure way now".

Every year we had to re certify HIPPA(and other) compliance. Yes I could have viewed someones confidential data but why, I had enough to do. I think most techs in a cloud providers shops have the same attitude.

As data deduplication becomes more mainstrean that helps make it more difficult to find as much value in backup data. Lets see, unstructured data that has been manipulated by backup software to eliminate extra bit patterns. Interesting technical challenge, poor way to wind up in jail.



Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app

 

[NW-Bound]

I'll say... Seagate to sell 8TB HDD for $260 - AfterDawn

I opened my email last night to see that a local store has a 3TB USB hard drive on sale for $79! My, my, my! That deal is very hard for me to resist.

I must put it out of my mind by going to buy something else instead. Like wines for sale at Bevmo at 5c for the 2nd bottle. Or another store is selling 6lbs of onion for $1. I know I will use up these consumables, while on the other hand I am using less than 2TB out of the 12TB total storage I already have.

PS. Sorry to sidetrack from computer talk, but I am seeing gallons of onion soup in my immediate future. It's really good for the soul when the weather turns cold like right now.

 

[RonBoyd]

I opened my email last night to see that a local store has a 3TB USB hard drive on sale for $79! My, my, my! That deal is very hard for me to resist.

That is really a good price. They have hovered around $100 for several months now.

 

[harley]

I just bought 15 8TB internal hard drives, helium sealed for cooler running for $750 each. That's $100 less than when I bought another 15 about a month and a half ago. Amazing price drops. I'm waiting for the first commercially available XB hard drive.

 

[RonBoyd]

I just bought 15 8TB internal hard drives, helium sealed for cooler running for $750 each. That's $100 less than when I bought another 15 about a month and a half ago. Amazing price drops. I'm waiting for the first commercially available XB hard drive.

Thirty 8TB hard drives!?!?

Wow! Are you going in to competition with Google?

 

[audreyh1]

I just bought 15 8TB internal hard drives, helium sealed for cooler running for $750 each. That's $100 less than when I bought another 15 about a month and a half ago. Amazing price drops. I'm waiting for the first commercially available XB hard drive.

Whoa!

 

[aja8888]

I just bought 15 8TB internal hard drives, helium sealed for cooler running for $750 each. That's $100 less than when I bought another 15 about a month and a half ago. Amazing price drops. I'm waiting for the first commercially available XB hard drive.

Setting up your own commercial cloud service?

 

[NW-Bound]

Mama mia! That's some serious storage. I saw on the Web that Seagate shipped the world's first 8 TB drive in August this year. That's cutting edge stuff.

Then, I remember that in around 1983, a company (IBM?) announced the world's first 1 GB drive. It was probably the size of a washing machine.


PS. Wikipedia has everything a guy likes to know.

1980 – The world's first gigabyte-capacity disk drive (2.52 GB), the IBM 3380, was the size of a refrigerator, weighed 249 kg, and had a price tag of 40,000 USD which is 114,491 USD in present day terms.​

 

[explanade]

I use external disks and back up once a week or every other week to Time Machine.

I have a couple of Aperture photo vaults on two different disks, approaching 200 GB. (I'm going to put off converting to Lightroom as long as I can because I don't like the interface as much).

I've used Crash Plan at work, had to restore once. Wasn't too impressed with the results. Maybe I didn't configure it right but not interested in uploading files to the cloud. Even without the concerns about security and reliability, it would take too long to do the initial upload and then any recovery of hundreds of gigs of data would take long time as well.

Plus the notion of ongoing service fees for something that I could back up on relatively cheap external disks just doesn't suit me, probably penny-pinching here but I'm not convinced cloud backups are an essential service.

Yes I realize the risks of fire or theft from home. Maybe I'll get a safe like someone alluded to earlier in the thread. I could keep one of my drives with my folks for it would be a pain to retrieve once a week just to keep it up to date.

 

[NW-Bound]

And just now, I see the local store that had a 3TB drive for $79 is now offering 5TB for $140. It's crazy. How do hard drive makers make any money?