Backup! Backup! Backup!
Volume Number: 20 (2004)
Issue Number: 12
Column Tag:
Programming
Backup! Backup! Backup!
by
Brad Belyeu
Data Security for the Extremely
Paranoid
Welcome
It's
similar to earthquake, fire, or (where I'm from) tornado drills. You
hope you never have to
use it, but you do it in case of emergencies.
Such is the case with data backups. A major problem
with backing up
data is that it changes so frequently. A backup is only as good as
it is current.
Applying Murphy's Law to a backup situation means that
disaster is going to strike when you haven't
ran a backup for some
time. When is that last time you've backed up your data?
Why Should I Backup?
Hopefully
you've never had to deal with data loss, but if you have I'm sure
that you understand
the necessity of backing up your data. In my
experience, most businesses are so dependent on
computer data that
they would go out of business if they lost it all overnight. Imagine
working on
a programming project for work or school over the last
several months and then losing it all and
starting over. To make
modern an old adage, "A Megabyte in time, saves nine."
Here
are the most common reasons you should keep a current backup:
- The most overlooked reason why you should frequently
backup, is accidental deletion or
corruption. What if you're working
hard on a file and your Mac shuts off, and you reboot only to
find
that the file you were working with will no longer open because it is
corrupted. You or
someone else using your machine could accidentally
delete the file or make changes to it that you
want to undo. There
are numerous scenarios that could effect the security of your data.
- Hard
drives crash! This is something we all have to live with.
Hard drives are basically read/write
heads hovering a fraction of an
inch over the top of platters that are spinning 7,200
times/minute
all inside an airtight seal. A small speck of dust
would be detrimental! Having professionally
serviced Macintosh
computers for years, I know that hard drives are one of the most
common
components to fail.
- If you're a notebook user, your Mac is
a prime target for theft. Mac iBooks
and PowerBooks have a high
resell value. If you like to carry yours around, you should make
sure
you have critical files backed up in a safe place.
- Natural
disaster/fire seems rather unlikely,
but it does happen. Insurance
might pay for you to get a new computer, but they can't recreate
your
data for you if you didn't backup. In this case, not only do
you need to backup, but also you need
to backup your data to a
different physical location.
- Viruses aren't currently a problem
for OS
X users but could be in the future. Viruses have been known
to delete files or corrupt entire
drives. This shouldn't be
overlooked as a good reason to have a recent
backup.
Media & Software
With
current technologies, there are a variety of ways to backup your
data. Not all backup
options are created equal though. I'll rate
each option on capacity, dependability, speed, & price.
- Zip disks are slowly fading into antiquity. I say slowly because
there are a lot of
die-hard zip users out there, and in its day a zip
disk was one of the best backup options you had.
Today there are
options that offer more space for less money. Internal zip drives
aren't sold in
many retail stores, but a 750mb zip drive can be
purchased from Iomega online for $149.99. The
disks are around $15
each when purchased individually. Assuming you already have the
drive that's
around two cents per megabyte. The 250mb zip drives are
much more common and can be purchased for
$100 online. The disks can
be found for lessthan $15 per disk. The rate at which data can
be
stored to or retrieved from the disk is average. Zip disks can be
overwritten and reused, but they
are not permanent. Zip disks will
go bad eventually, just ask anyone who's used them much. Zips
can be
stored off-site, but as with any magnetic disk, you don't want to
store your disk next to any
kind of a magnetic device. Overall, zip
disk backups are better than no backups at all; but there
are better
options.
- CD burner drives are a better option than zip drives in
my opinion. Creating CD backups is
definitely the cheapest option
available for users with moderate backup needs, and any new
computer
purchased will come with a recordable CD drive. 700mb CD-R
discs can be purchased for a fraction of
a dollar each. When a CD-R
is full, you can't write over any of the files. If you use
an
application like Toast, multiple sessions can be written to a CD-R
until the disc is full though.
Normally when backing up to CDs,
you'll just through away your older backups. CD-RW discs are
more
expensive but allow you to erase and rewrite the disc. The
problem with CD-RWs is that the process
of erasing and reusing them
is time consuming, and there are a limited number of times a disc can
be
erased and reused. The speed of writing to a CD with current
technology is pretty fast and
retrieving data from a CD is quicker
than most data backup options. CDs are a dependable backup as
long
as you have a good case to store them in. If you're just throwing
them in your desk drawer,
they scratch easily making the data on them
hard to retrieve. CDs are a good option for people
needing a modest
backup option for specific files or folders. But someone who wants
to backup an
entire drive or large folders will face the
inconveniences of using multiple CDs to store the data.
There are
better options for those looking for large-scale backups.
- DVD
burner drives offer many of the same benefits as a CD backup, but
they will hold over six
times the amount of data that a CD will hold.
A single layer DVD will store over 4GB while a dual
layer will store
8GB! As of this writing, dual layer drives are available for
purchase, but I
haven't been able to find dual layer disks anywhere.
The cost on backing up to DVD is more per
disk; but considering that
you can fit so much more data on a disc, it evens out to about the
same
per megabyte. With the costs of DVD discs falling and the speed
of DVD drives improving, DVD
backups are the way of the
future.
- USB Thumb drives (a.k.a. flash drives, jump drives) have
become a recent addition to the backup
arsenal. While most people
use these devices for transporting data, they can also be used for
data
backup. These drives are very diverse in both size and price.
A 512mb drive can be purchased
online for around $50. Considering
you don't have to purchase disks and data can be
rewritten
indefinitely, thumb drives are bargain option for
small-scale backups. Also because there are no
moving parts the
drives have a very long lifespan. The only problem with them is that
because they
are so small they can be easily lost or stolen. With
most of the new thumb drives coming with USB
2.0 speeds, they offer a
decent speed at which files can be stored and retrieved. I have a
thumb
drive that I use specifically to backup my QuickBooks data
file. This is, of course, in addition to
my other methods of backup.
Every fourth time you exit QuickBooks it will ask you if you'd like
to
back up your data. At that point I plug in my thumb drive, click
'Yes', and navigate the menus to
the mounted drive. After saving the
file, I dismount the drive and put it away until next time.
Thumb
drives make for stylish, easy, and cheap backups. There are only two
drawbacks to using thumb
drives that I can see. First, the drives
aren't (yet) large enough for me to backup my entire
system.
Secondly, it would be an easy item for someone to steal which puts my
important data at
high-risk.
- The best option for backing up
large amounts of data is to another hard disk. If you need
a
large-scale backup, a secondary drive is the most affordable and
time effective way to backup your
data. There are several ways to do
this. The drive could be setup with a similar drive to create a
RAID
(redundant array of indexed disks). I strongly suggest that people
create a mirrored RAID
instead of a striped RAID because your data is
much safer. In a mirrored RAID, data is mirrored on
each drive. The
drives end up being an exact copy of one another. Inside your
operating system
they appear to function as one drive. But if one of
your drives ever fails, your data is completely
safe on the second
drive (assuming that both your drives didn't fail simultaneously,
which is highly
unlikely). The trick to setting this RAID up is that
the drives must be setup before you can save
data or install an OS on
them. If you create a RAID with a disk that already has data on it,
you
will lose all the data on the drive because the drive must be
repartitioned. To create a RAID disk
with Disk Utility you must boot
to another volume, and then start up Disk Utility (normally found
in
the Applications/Utilities folder). With one of the disks (not
partitions) selected in the left
panel, you can click on the RAID tab
in the right panel. From there you drag the disks you want to
use to
create the RAID into the appropriate fields. After the RAID is
setup, the two separate disks
will appear as one in both Disk Utility
and in the Finder. If one of your hard disks ever fails,
you'll get
a message with a chance to rebuild the RAID from the remaining disk.
This saves your
data in the case of a hard drive failure. Some
people have a second internal drive that they backup
to that is not
setup as a RAID. Even though I recommend RAID, there are times when
running the
second drive independent from the first will work. More
often an external hard drive is used to
backup data from the primary
drive. External hard drives are somewhat delicate pieces of
equipment
and shouldn't be transported more than necessary. If the
drive falls several feet or gets slammed
around at all, its likely to
fail. But if handled with care, external drives can be a
very
dependable backup option.
- Another excellent way to backup
your data is to a remote computer. Backing up to a remote
computer
presents its own set of challenges, such as bandwidth and security,
but generally allows
data to be stored in a secure environment away
from your physical location. You can also backup to
another
server/computer on your LAN. If you're working in an environment
with many users on
multiple computers, setting up a central server
for data backups is a very smart solution saving
both time and money.
When left up to end users, people usually neglect to backup their
data. But
with a server, the process can be automated with a variety
of software packages and protocols, and a
centralized administrator
can make sure everyone is backing up on a regular
basis.
Software Solutions
Of
course you could just use the finder to drag and drop necessary items
on a daily basis to your
backup volume. But how boring is that. As
programmers we believe that anything capable of being
automated
should be! Plus backups are far more likely to happen if we don't
leave it up to people
to remember daily.
- One very
simple and affordable option for reliable and secure backups is a
.Mac account. iBackup
is a software package developed by Apple
specifically for .Mac users. It can be used to backup to
your iDisk
which Apple recently expanded to 250mb. Apple's iDisk isn't large for
a comprehensive
backup, but some major items from your home folder
can be backed up. I use some of the default
suggestions and then
added my mailboxes to the backup list. My contacts, stickies,
calendars,
passwords, mailboxes, some business documents all fit
easily inside my allotted space. iBackup can
also be used to backup
to a CD, DVD, or another hard drive making it a flexible utility.
Because it
allows the capability to backup to another hard drive, you
can actually backup to any volume mounted
on your computer including
network mounts. iBackup allows for you to schedule a time to
perform
regular backups; and as long as your computer is turned on,
it will automate the entire process for
you. iBackup is an excellent
utility with one minor drawback- you must have a .Mac account for
the
software to work. The software checks in system preferences when
you start it up for a valid
username and password to .Mac. I believe
my .Mac account is well worth the $99/year that I pay for
it simply
for the backup utility alone!
- There are many free options for
backup software; but if you're in a business environment,
you'll
probably want the power and flexibility of a commercial
product. The great news is there are many
great off-site backup
packages that work with Mac OS X. These companies normally provide
you with
software and server space to backup. If you have large
backups, this can get rather expensive, so
in a small business
environment, you might consider doing an off-site backup for your
most critical
data along with entire system backups daily in-house.
One great application that can be used for
remote or local backup is
Retrospect. I've only used Retrospect Express, but it is a very
powerful
way to backup a lot of data to any type of media as
routinely and quickly as possible.
- For those of us who don't
want to pay a lot for backup software but still need our entire
system
backed up, Mike Bombich's Carbon Copy Cloner saves the day.
CCC allows you to create a bootable
backup of your volume by copying
it to another hard disk. You can also choose to create an image
file
on the target disk instead of making a clone. CCC uses the ditto
command to copy the entire
drive including important resource forks.
CCC also allows you to synchronize the source to the
target only
backing up items that have changed. This can save a great deal of
time and processing
power. Another option in the preferences allows
to you encrypt the disk image saving it from prying
eyes. CCC is a
great shareware application that can be downloaded from:
http://www.bombich.com/software.
- FTP
can be another great way to backup. I've setup a SFTP server on my
PowerMac to use as a
backup server for my other computers. I
recommend only using Secure FTP (SFTP) when backing up over
a public
network because it will encrypt your data. Most importantly it
encrypts your
username/password so that someone using a network
sniffer can't steal that valuable information and
gain access to your
FTP server. My FTP client of choice is Transmit because of its great
interface
and apple scripting ability. I use it to automatically
synchronize my iBook's home folder with a
home folder on my
PowerMac.
Transmit can be automated with some simple
applescript. Open Script Editor (found
in
Applications/AppleScript/Script Editor) and try typing in the
following script entering the
appropriate values for your
configuration to backup your home folder to a remote server
running
SFTP.
-- *** CONFIGURATION ***
set myServer to "169.127.0.1" -- Put your server address here
set myUsername to "MacTechReader" -- Put your username here
set myPassword to "password" -- Put your password here
set myServerPath to "/BackupHere" -- This is the path to save
-- on your server
set myLocalPath to "/Users/MacTechReader" -- this is the path to backup
-- *** END CONFIGURATION ***
try
tell application "Transmit"
make new document at before front document
-- Creates new window for use
tell document 1
if (connect to myServer as user myUsername with password
myPassword with initial path myServerPath with
connection type SFTP) then
-- Tries to connect to the server with my username and password & the path
-- specified using Secure FTP.
if (set your stuff to myLocalPath) then
synchronize direction upload
files method mirror with time offset 0
-- Uses the synchronize method to upload files and deletes files on the
-- server that are not found on the local computer.
else
display dialog "Sorry. Could not set local folder."
end if
else
display dialog "Sorry. Could not connect to remote server."
end if
end tell
end tell
end try
delay 1
tell application "Transmit"
activate
end tell
tell application "System Events"
tell process "Transmit"
tell window myServer
keystroke return
end tell
end tell
end tell
tell application "Transmit"
quit
end tell
Save this script and then you can insert it in your
startup items (inside Accounts pane of System
Preferences in OS
10.3). Transmit will automatically open and synchronize your files
with the
remote server on startup. If you don't reboot your Mac
often, a crontab can be created to run the
backup at a specific time
of day at certain intervals using the osascript command. Cronnix is
a
shareware application that gives you a GUI to work with crontabs.
CronniX and its documentation can
be downloaded at
http://www.koch-schmidt.de/cronnix.
This
crontab is set to run at 8AM the first day of every week regardless
of the day of the month
or which month it is. The command osascript
launches an applescript file from the command line and
should be
followed by the path and name of your applescript.
- Another
good option for a quick backup is creating your own shell script.
Ditto is a
powerful command for backing up to a mounted volume, but
rsync is an even better option. Rsync can
be used to create a backup
of a file on the same disk, another volume, or a remote host.
According
to its man-page there are eight different ways to use
rsync, and they are:
There are eight different
ways of using rsync. They are:
- For copying
local files. This is invoked when neither source nor destination path
contains
a : separator.
- For copying from the local machine to a
remote machine using a remote shell
program as the transport (such as
rsh or ssh). This is invoked when the destination path contains
a
single : separator.
- For copying from a remote machine to the
local machine using a remote shell
program. This is invoked when the
source contains a : separator.
- For copying from a remote
rsync
server to the local machine. This is invoked when the source
path contains a :: separator or a
rsync:// URL.
- For copying from
the local machine to a remote rsync server. This is invoked when
the
destination path contains a :: separator or a rsync:// URL.
- For
copying from a remote
machine using a remote shell program as the
transport, using rsync server on the remote machine.
This is invoked
when the source path contains a :: separator and the --rsh=COMMAND
(aka _-e COMMAND")
option is also provided.
- For copying from the
local machine to a remote machine using a remote
shell program as the
transport, using rsync server on the remote machine. This is invoked
when the
destination path contains a :: separator and the
--rsh=COMMMAND option is also provided.
- For
listing files on a
remote machine. This is done the same way as rsync transfers except
that you
leave off the local destination.
Rsync is
installed by default on Mac OS X, but if you need documentation or a
download for
another machine you can visit
http://rsync.samba.org/features.html.
Rsync
can be set to work without authentication if you are running a rsync
server on the remote
host. If you're not running rsync server
remotely a password has to be entered to authenticate thus
making an
automated backup a little more difficult. Here's an example of a
command you could put in
a crontab specified to run at a particular
time (keep in mind someone must type in the password
before this will
execute):
rsync -r /Users/myUsername/Documents
myUserName@myRemoteHost:/myRemoteDirectory
The -r option
uses recursion to copy an entire directory. If you'd like more
information on
setting up a rsync server so that a username and
password do not have to be entered, read the man
page for rsyncd.conf
for details.
Security & Encryption
If data is important enough to backup, you don't normally
want just anyone to be able to read it.
Precautions must be taken to
make sure the data is safe from prying eyes. In a remote
transfer,
always be aware if the data is being sent encrypted. You
can use ssh as an argument to rysnc and if
a computer has remote
login enabled you can encrypt your entire session. Secure FTP is
encrypted
during transmission, but not regular FTP. But even if
you're backing up to an external hard disk,
you might want to encrypt
your data after it is stored in case of theft. If you use Carbon
Copy
Cloner you can tell it to create an image and encrypt it,
otherwise you may want to use Disk Utility
after the backup to create
an image from your backup and encrypt it. After all the recently
made-up
Chinese proverb says, "Sometimes it is worse for data to fall
into wrong hands than to be lost
completely."
Brad Belyeu is the President of ABConsulting based out of
Oklahoma City, OK. He is
an Apple Certified Technician and a member
of the Apple Consultant Network.
