As we all enjoy this three day US holiday weekend, consider this my public service announcement to protect all your hard labor this past year and into the future. Taking a few minutes now to refresh yourself on proper backups and password protection will prove to be worth it in your digital future.
Hard Dive Backups
Many of you know from my past blogs and tweets, I get a lot of panicky phone calls and emails from friends who are facing the tragic fact that their hard drive – with “my whole life on it!!!” – has crashed. Dead. I usually don’t even ask if they have a backup. If they’re contacting me, I already know the answer.
Many times I can use a series of tricks and software to try to coax the problematic drives back to life. We sit there, with me explaining what I’m doing in my best soothing bedside manner voice and my friend nervously looking over my shoulder. Sometimes I’m successful and the drive stays alive long enough the transfer the data to a new drive, lesson learned, but just as often I’m not.
The next step is to direct them to a company I’ve worked with before called Drive Savers, send them the drive and see if anything can be recovered in their clean labs. But that’s incredibly expensive (thousands of dollars for large hard drives) and even then, sometimes the data is lost forever.
The old cliché is true: It’s not if your hard drive will fail, but when.
Your hard drive, spinning every hour you use your computer, starting up, shutting down, tossed in your backpack or collecting dust on your desk with lots of moving mechanical parts is a fragile thing. It will probably only last a few years if you’re lucky and often less than that.
You can prevent tragedy and the resulting expense very easily these days in one of two ways. Services like Mozy (starting at $4.95/month) and Carbonite (starting at $54.95/year), encrypt and backup your data to their remote servers for off-site protection. Or you can use external hard drives or RAIDs to keep your backups local.
Both have advantages and disadvantages. The off-site methods, sometimes referred to these days as Cloud Computing, require a fast internet connection if you have a lot of data to at least initially backup (although some will allow you to send a hard drive to get you past the initial first backup hump). But off-site adds the benefit of keeping your data safe even if you are the victim of physical theft in your home or business, fire, earthquake, flood, plague of frogs or locusts. You never know.
The other method, is on-site backup to external hard drives or RAIDs. The advantages here are that local storage is much faster to backup gigabytes or terabytes of data than over even the fastest of internet connections. Restoring anything more than a few gigabytes of data over the internet could take days, weeks or longer. The disadvantages are that you have to train yourself to continually monitor these drives to make sure they are doing what you think they are, and again, hard drives fail. And of course there is the above mentioned theft, fire, frogs and locusts issue. You can help avoid this last issue by moving your backup drive to another location and returning it to back up once a week or so.
Either of these methods can be a bit time consuming and will cost you some money, but how much is your data worth to you? If you suddenly lost everything, how would you feel? Would you be willing to part with thousands of dollars to try to get it all back?
My backup system combines both off-site and on-site backups. I have terabytes of still photography, moving footage and business documents such as accounting, bids, client lists and correspondence. I used to use a series of external firewire or USB drives for my backups. But as my shelf full of dead external drives will attest, it’s not a bullet proof method. Instead now, I use RAIDs which are groups of hard drives that record the data redundantly across several drives so in case one fails, I can swap that bad drive out with a new one and nothing is lost.
For the past several years I have been using Drobo drives which provide me more secure data protection. A Drobo is basically a box that contains four or more hard drives, taking care of the redundant data writing across the drives and alerting me with a red light or email if one of the drives fails. I always have spare hard drives standing by to swap out when (notice I say when) one fails. Drobo takes the IT (Information Technology) out of the equation for me. I just put the drives in format it like any other drive and Drobo does the rest. No server software. Just easy.
In fact I have several Drobos. One that I use for daily storage and another that gets backed up from the first one, once a week and is stored in a safe. A few times a year, I also take that backup Drobo from my studio into my office where we have a tape data backup system to add another layer of protection.
It may seem like overkill, but I’ve never lost a single photograph due to a drive failure in the last 15 years. I have over 100,000 individual photographs, most impossible to replace.
For Mac users, Apple has a system built into their operating system called Time Machine which is a fairly easy way to automatically backup a single computer every hour by attaching an external hard drive and selecting it as the Time Machine backup drive. That alone has saved me days of recovering and reinstalling all of my software and data several times when my laptop’s hard drive didn’t fail, but became corrupted with bad data and wouldn’t boot. (Windows users may have something similar, but since I don’t use Windows, I can’t tell you for sure.)
Now that you know how to protect your Labor, how about the rest of your information? So much of our lives are online these days that it’s become easy for unscrupulous people to steal bits and pieces of it, enough to put together a profile of you ready for anything from harmless mischief to full on identity theft. Making sure the “good people” at Facebook haven’t exposed you to data mining with their constant “privacy improvements to help share you life with others,” by keeping an eye on your privacy settings is one thing. Making sure your secret passwords stay secret is just as important.
Again, a little prevention is so much easier than damage control after the fact.
A recent study by the Georgia Tech Research Institute (GTRI) has determined that passwords of eight characters or less are no longer strong enough to prevent hackers from decoding them in less than an hour and obtaining the names of all of your BFFs, email and banking information.
For example, those of using Google for our email, calendars, contacts and documents, we are one password hack away from all of that information being used by people who don’t subscribe to the “don’t be evil” Google philosophy.
This isn’t meant to strike undue fear into your computer hearts, just a nudge in a safe direction. Knowledge is power.
For instance, a password that is eleven characters long would take a widely available hacker’s supercomputer three years to crack. A password that is one digit more, twelve characters now takes that same supercomputer over 130 years. Three years? 130 years? Overkill? Perhaps. However, once your information is out there, it’s out there.
I should probably take this time to say that passwords that use the year of your birth, you name or anything else readily available don’t require a supercomputer of any kind to hack your information. That’s just too easy.
Here’s a list of the commonly used passwords. If your password is on here, you should just leave your wallet or purse on the sidewalk the next time you go outside.
- (your first name)
And for more fun, here’s a link to a list of 500 worst passwords, compiled in 2008. Turns out that many people are thinking about sex when they choose a password.
But back to your password. Adding a random number is a good way to increase its strength as long as it’s not your birthday or address. Adding a non-letter character such as an exclamation point or something like that helps as well.
But probably the best protection is not using the same password for all your email, Facebook, and banking sites. Sadly, a lot of people I know use the one-password-for-all philosophy.
Do I care if someone hacks my New York Times password? Not so much. Facebook or Twitter? Maybe a little more if I suddenly start spamming all of my followers, but no tragic damage. But my email or banking? That would be a serious problem.
So do I have a twelve character password for the NY Times? No. Hack away.
But the more important the website (email, banking), you can bet my passwords get longer and more complicated. And they’re all different.
But Billy, if you visit several dozen sites and your passwords are all different, how do you keep track of them?
An excellent question. I can’t. I’m getting old and forgetful. So I have a couple of password programs I use to keep track of everything. On my Mac I use Safe Place by Mere Mortal Software. $10. There are a lot of software programs out there that you can use. Just make sure it stores you data in an encrypted file so if someone comes across your data file, they don’t have your keys to the kingdom.
It’s on all of my computers and it has yet another unique password. But it’s the only one I have to remember.
To Sum It All Up
So there you have it. This Labor Day weekend, take some time to examine how you protect all of your Labor. The files you create that have any value to you at all should be backed up regularly. Think of it like this: If your data doesn’t exist in more than one place, it doesn’t really exist.
And take some care with your passwords. Don’t write them on a post-it note stuck on your computer screen. Don’t use your name or birthday. Twelve characters is very strong. A mix of letters numbers and symbols. Combine a few words if that’s easier to remember.
And because you’ve read so much here, I have a little reward for you. This is my lovely model friend Asphyxia. Is she blindfolded to symbolize her lack of a data back up plan or her careless use of easy to hack passwords? Or is she blindfolded because she’s damn sexy? Hopefully I have taught her well and it’s the latter.
The other photos on this blog are iPhone photos I took this week walking around Chicago.
Oh, and one more thing… my good friend Pete says he uses Labor Day to check the batteries in his smoke detectors. Another good way to prevent data loss. Thanks Pete!