Three strategies for better backups
Data Protection
To protect your data, you need to do more than schedule regular backups. Here are three often overlooked strategies that can help make your backups more accessible, secure, and reliable.
From rsync and rsnapshot to Bacula and Déjà Dup, Linux has no shortage of backup applications. You can even find basic suggestions for a backup strategy such as Ubuntu’s, which include such basics as storing at least one backup off-site. However, these suggestions are usually incomplete and occasionally misleading. As my own backup strategies have evolved, I have found three strategic considerations that are often neglected but can greatly affect a backup’s accessibility, security, and reliability.
Choose an Appropriate Filesystem
Most external drives come with NTFS or exFAT filesystems, so the users of recent Linux distributions can use them out of the box. However, thanks to parted and its desktop counterparts, reformatting an external drive takes only a few minutes, and users have no shortage of filesystems to choose from (Figure 1).
For reliability, the standard ext4 filesystem is hard to beat, but for a backup accessible to others, you might want to choose another one unless you have a Linux technician within reach. FAT32 will work, but it is slow and inefficient by modern standards. NTFS, of course, is a Windows standard and has the advantage of Linux-like features like permissions, journalling, and encryption – although if accessibility is a priority, encryption is probably not the best choice. ExFAT is open standard and fast, and a backup using it should be accessible from most operating systems, but it has no built-in security. Which you prefer depends on your priorities. However, if you use multiple drives for backups, you might consider using more than one to spread the odds.
Encrypt and Split Backups
While cloud storage is popular, it depends on faith. Users are rarely in the position to evaluate cloud services and can only assume that the providers store data securely and privately. In some cases, that faith is justified, but in 2022, the Thales Cloud Security Report, found that 45 percent of businesses have experienced a cloud-based data breach or failed an audit in the past 12 months – an increase of 5 percent over 2021.
Short of avoiding cloud services or setting up a private, self-hosted server like those offered by Nextcloud, you can solve this problem by using the security principle known as least authority, which means that service providers should be given the least control possible over their customers’ data. This goal is accomplished at a minimum by storing only encrypted files in the cloud. Better still, Tahoe-LAFS (Least Authority File Store) divides uploads into pieces and defines how many pieces must be present to recover them. The pieces can reside on multiple servers and external drives, making a security breach almost impossible. For added security, Tahoe-LAFS can also administer the pieces anonymously using Tor. Like any software, Tahoe-LAFS has vulnerabilities and bugs, and it can't prevent the hardware that is storing your data from being stolen. All the same, Tahoe-LAFS offers the highest security in the cloud that is currently available.
Invest in Military-Grade External Drives
Hardware manufacturers usually display the cheapest external drives prominently. On Amazon, for instance, several pages of results pass by before quality drives are listed – which means that many buyers make a decision before they even reach these drives. If you are looking for reliable backups, these cheap drives (Figure 2) are a problem, because, at best, they are only slightly more reliable than flash drives, with neither being designed for long-term storage. The cases are thin plastic, and the USB port is exposed. As long as you do not move a cheap drive, it might remain workable. However, if you drop it or even move it carelessly, the drive can become disconnected from the case. Often, transferring the drive to another case can restore functionality, but some manufacturers such as Seagate sometimes use a proprietary connection to the case; once the connection is shaken loose, the drive becomes a permanent brick. As a result, you can quickly discover that what you thought was a reliable backup is itself unrecoverable without an expensive trip to a data recovery expert.
The difference between a cheap drive and military-grade external hard drive is like the difference between a phone without a case and one with one – only more so. A military-grade drive (Figure 3) is obvious immediately by its extra padding and sealed USB port, as well as its extra weight, which can be twice as heavy as a cheap drive. A military-grade drive looks like a bulky mutant. More importantly, its military-grade designation means that it can take far more rough handling than a cheap drive. Specifically, the drive has been tested and meets the MIL-STD-810G standard or – better still – the more recent and thorough MIL-STD-810H standard. To meet either standard, a drive must pass over 29 physical tests, including:
- Low pressure
- High temperature
- Low temperature
- Temperature shock
- Fluid contamination
- Solar radiation
- Rain
- Humidity
- Fungus
- Salt fog
- Sand and dust
- Explosive atmosphere
- Immersion
- Acceleration
- Vibration
- Acoustic noise
- Shock
- Pyroshock
- Acidic atmosphere
- Gunfire shock
- Temperature, humidity, vibration, and altitude
- Icing/freezing rain
- Ballistic shock
- Vibro-acoustic/temperature
- Freeze/thaw
- Time waveform replication
- Rail impact
- Multi-exciter
- Mechanical vibrations of shipboard equipment
Some drives are advertised as military grade without external testing, which may be acceptable. However, before relying on these drives, you should research the drive on Consumer Reports, any in-house documentation, and the Trusted Review site, which lists certified hardware. You may also be able to transfer a cheap drive to a more protective case and use a protective storage bag. However, drives that pass testing are the most reliable, such as those made by ADATA, LaCie, and Transcend. Typically, military-grade drives will cost $30-50 more per terabyte than the cheaper ones, but if your backups matter to you, the difference is a small price to pay.
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.
-
New KDE Slimbook Plasma Available for Preorder
Powered by an AMD Ryzen CPU, the latest KDE Slimbook laptop is powerful enough for local AI tasks.
-
Rhino Linux Announces Latest "Quick Update"
If you prefer your Linux distribution to be of the rolling type, Rhino Linux delivers a beautiful and reliable experience.