We all pay lip service to the idea of backup, but sometimes you have to actually lose some data that you don't have backed up before you really appreciate how important it is. In fact, consideration of backup strategies and mechanisms is generally a major component of generalist security courses and certifications, and quite rightly. To replace stolen or mangled hardware is just a matter of spending enough money. Replacing data that is no longer accessible is another matter, and it can be the difference between survival and non-survival for a business, or even a household, financially speaking.

Backup strategy and implementation in business is a more complex issue than you might think, and not every system administrator and/or IT manager gets it right all the time. What do you do if you're a home or small business user, with no professional system administrator to explain/set you up with RAID , hot sites, replication, and all the other esoteric paraphernalia of disaster recovery? My friend and colleague Aryeh Goretsky's paper Options for backing up your computer won't turn you into a business continuity specialist. However, if you've never been quite sure of what you need to do in case a fire, burglary, hard disk failure or other disaster threatens the electronic data that so many of us are dependent on nowadays, you'll understand the issues much better after reading it, without overdosing on jargon.

Here's the Table of Contents, just to give you an idea of the ground it covers in a not-too-demanding eleven pages. The paper itself is available below.

  • Both hardware and software needed to back up your computer
  • Hardware backup
  • Software backup
  • The value of archive programs
  • Syncing up
  • Disk imaging programs for backing up
  • Blended backups
  • Cloud-based data backup
  • Choosing which data to backup
  • How often to back up your computer
  • Diversify your backup methods
  • Where to store your backups
  • Replace your backups periodically
  • Data recovery services as a last option 

I'll be recommending it to friends and family members. And possibly a few former colleagues. ;-) In fact, that paper has been posted to ESET's "Staying Secure Online" page, which links to other material that may well be of interest to many people.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow