It seems like every day lately I’m hearing one side or the other of the argument for storing data online, so I thought I would take a few minutes to write a post comparing a couple of possible strategies, with pros and cons. With all the heat coming down on Facebook for privacy concerns, it’s no wonder people are starting to question the wisdom of storing all sorts of files online. As the number of critical files we all have increases, making certain that our storage systems and backup systems are in peak form becomes more and more important.
In an ideal world, everyone would use both local and online backups, but the costs to do so can be sky high. Towards the end of the post we’ll discuss some options for using an old PC as a file and backup server. Windows Vista and 7 both support backing up to a network location, which makes it easy to centralize backups, and then to have the backup computer copy the files to a couple of drives to ensure that even if one backup drive fails, there is another to take it’s place. Personally, I keep photos and documents in at www.skydrive.live.com since that’s stuff I want to be able to share, and I’ve not found an online storage option to match the 25 gigs Microsoft offers at SkyDrive. DropBox, GoogleDocs, and lots of other services are available, and keeping your most critical files online makes sharing easier, and disasters easier to recover from.
To begin our security analysis, first, let’s discuss the security of Windows versus the security of SSL online services.
By default, Windows offers only password based user authentication, encrypting files like the online services encrypt the data transferred between your machine requires extra steps, which I explain later in the post. Not all versions of Windows even offer file encryption, only the Pro and Ultimate versions, XP and Vista versions of home have limited encryption abilities.
To summarize the situation for most Windows users, the steps necessary to steal your data and potentially your identity would be:
1. Steal your computer and use a freely downloadable (albeit illegal) tool to hack your Windows password (assuming you even have one)
2. Use the same tool to hack the passwords to your quicken and quick books files.
3. Search the web for your phone numbers and addresses and start applying for credit in your name
As a user of https secured online services, I might be able to get in and see your logins to the online services, but would have little reason to do so. Those passwords are easy to change so in this scenario you would simply change your online passwords once a system was stolen.
1. Steal your laptop and hack your windows password
2. Dig through your browsing history to find out what online services you use
3. Somehow (I have no idea how) get the online password you should have changed after your system was stolen.
4. Search for your personal info like address, date of birth, etc, to enable thief to begin accessing your accounts and opening credit in your name.
Since the thief would be unlikely to check your browsing history to figure out if you use online services that might have personal info, and even more unnlikely to be able to get your recently updated passwords, I for one have to conclude that out of the box, I’d rather store my data online in an https secured service than I would in most Windows computers.
If you still prefer to keep all your data yourself, there are 3 steps you should take to make certain that it is as safe as it can be. Personally, I do keep most of my data on my own machines, I really use the web for sharing info much more than storage. If you want to store your own data and keep it as well secured as an online service can, follow these steps in additon to the normal healthy computing habits of running antivirus and antispyware applications.
1. Use an old computer to duplicate files for you so they are stored on multiple drives in an organized manner, rather than having you duplicate your work & effort on purpose. There are tools like Mesh/Live Sync/SyncToy to do this with the an old computer running Windows XP, or uou could probably install Windows Home Server on it to give you remote access to your desktop, and enable you to leave it off if/when you prefer. You can download a trial of HomeServer from the web, or you can get a free copy of the Beta version of Windows Home Server "Codename Vail" through Microsoft Connect if you’re registered there. It’s
Both versions of Home Server offer file duplication so that if one drive goes down you won’t lose any data, and then you can also set the server to run scheduled backups for a potential 4th layer of data security with layer 1 being the PC you use, 2 being the server, 3 being a duplicate drive, and 4 being the server backup. It is important to have the backup system isolated from the working machines as much as possible so you don’t lose everything to a power surge, flood, or break-in.
2. Encrypting your the files is the next step you should be taking to get SSL-grade/128 bit encryption out of Windows. EFS is a feature in many versions of Windows, so that is a fairly minor configuration step- simply right click a folder or file, choose properties, and from the "General" tab choose "advanced." Simply check the box next to "Encrypt Contents to Secure Data" and OK out of both of the menu boxes.
3. As a last step, you should have a login name to something that isn’t personally identifiable, so someone who steals your laptop wouldn’t even know who it belongs to just by looking at the logon page. In theory, a savvy thief or purchaser of the stolen laptop might realize the laptop belongs to you, and that might cause them go specifically after your data. If there is no name on the login screen it would be much more difficult to figure out who the system belongs to, and what might be available on it.
Both systems have their drawbacks- online services may not be an option if you don’t have constant access to the web, and often do not offer as full a feature set as what their software competitors might. Many online services also have recurring fees as well as the cost of maintaining a web connection. It’s not that hard to set-up and secure your own PC, but it does take a little extra work and planning to make sure that your own computer isn’t your biggest security risk.
I have tried a variety of HD monitoring tools, but for ease of use I reccomend HDD health from Pantera Soft. Drives will start to report errors as they age or if they encounter problems due to bad usb ports or cables, being banged around too much, etc, and with a HD health monitoring utility you can stay aware of these sorts of issues. As I mentioned earlier, in an ideal world, have my server even with its with 3 levels of duplication backing up to an online service, but for now I’m going to accept the fact that short of my house burning down, I’m not going to be losing data anytime soon.