FileSlinger™ Backup Reminder 3-25-05: Often Imitated, Never Duplicated

Sunday, just as I was about to start working on my taxes, my laptop started beeping wildly at me and then shut down. Despite the fact that it was plugged in, it wasn’t getting power, and the battery had run out. I considered screaming and tearing my hair (even though I don’t really want to see how much money I owe the IRS) and checked all my connections. There was no obvious problem. Everything was plugged in. The power light on the AC adapter was glowing green. The “charging” light was flashing red. But I still couldn’t get it to run.

After hauling the machine over to the local PC Club and testing another AC adapter (a process which took until Monday morning), I was forced to conclude that the problem was not in the adapter itself, but in the internal connection between the socket for the power supply and the CPU and battery.

Worse, PC Club, like most places, doesn’t do what they call “board-level” repairs on laptops. In fact, hardly anybody does repairs on laptops, because they have such nonstandard innards. As someone who has used exclusively laptops since 1994, naturally I have had to make it my business to know someone who does repair laptops. So I called Charles at McTek Systems in Berkeley and asked him what he thought about my problem. The answer: probably half an hour’s work and $195.

My cash flow has been a bit constrained lately, so I couldn’t just drive down to Berkeley and get the repair done on the spot. Fortunately, I was able to run the computer for long enough on Monday morning to back up all the files I’d been working on Sunday to my handy external hard drive. That meant that as long as I could get hold of a computer with the appropriate software, I’d have access to all my files and be able to work.

A geek friend of the hardware-collecting variety offered to let me use his Windows 98 notebook for the week, and that’s what I’m typing this on. Like most machines of its vintage, it’s a bit slow. The screen is smaller than mine, even though the laptop itself is the same size. Most of the software installed is at least one version behind what I have on my own machine, meaning that I couldn’t open many of my files even if I could get it to recognize my external drive. (There’s no FireWire port, and the USB drivers I downloaded don’t appear to have had any effect.) I did at least manage to download and install drivers for my tablet. It’s bad enough having the cat sitting on your hands without trying to do all your drag-and-drop or drawing work with a trackpad.

I can also use my housemate’s WinXP computer when she doesn’t need it, and at least I can see the files on my XHD from there. On the other hand, I had to install several programs yesterday in order to accomplish things that I could normally do quite easily on my own machine. And I can’t connect it directly to my wide-format printer, because I don’t have a long enough cable. Backing up the contents of your computer is one thing. Anyone can duplicate files and even clone entire hard drives. Keeping a duplicate computer around is something else.

I have a friend who always buys at least two of any item of clothing that she really likes. That way, when the first one gets worn out, faded, stained, or snagged, she can start wearing the second one. The logic is simple: by the time the first item wears out, something completely different will be on the shelves in the store where she bought it.

New models of computers and computer components replace old ones in much the same way. But how many of us are going to buy two computers and keep one in storage against the time we need it? Even a laptop is going to take up space as it sits pristine in its box—and if it isn’t well-packed, it’s going to be more vulnerable to dust and other hazards.

A large corporation might have a contract with a major manufacturer to supply thousands of machines that are exactly alike and to run software from a central server. Getting a replacement indistinguishable from the original might be fairly easy in those circumstances. Most independent professionals aren’t in that kind of position, though. There might be a home and an office computer, or a desktop and a laptop. The point of having more than one computer is usually to have them serve different purposes. One is often newer than the other, and there are almost always some differences between them. A machine customized for one family member may be completely baffling to another. So when a computer has to be repaired and we’re left without one for a while, it’s very inconvenient.

My problems this week are nothing that a decent-sized contingency fund wouldn’t have solved. As long as you’ve got the wherewithal, hardware can be replaced. But we all have data that no amount of money can replace, and my data, at least, is safe.

The check I was waiting for has now come in, so I can finally get my laptop fixed. Next week, I’ll be writing this on my own machine.

Enterprise IT Planet Backup Discussion

Today Enterprise IT Planet's "AntiOnline" section turns its spotlight on backup procedures, as a contributor makes the shocking discovery that his company's infrastructure team was not up to par, and fellow geeks chime in on what you need to keep an enterprise IT backup structure working. No prizes for a page layout that makes the article almost invisible between ads, though.

FileSlinger™ Backup Reminder 3-18-05: The Psychology of Data Loss

Some time ago the Ur-Guru sent me the following question as a suggestion for a backup reminder:

“Is it better to lose your data due to hardware failure and thus have a brand, device, electronics, or piece of metal to blame, or to lose your data because you did something wrong or accidentally weren't thinking when you deleted files? The latter case you'd want to ram your head into a wall. In the other case you tend to put your anger towards a piece of plastic.”

I could add “software failure” to “hardware failure” in that list and have the essence of the question be the same: would you rather blame a person or a product? If you lose data, does it matter whether it’s your fault?

Emotionally, it probably does. In the face of such trauma, the desire to blame something is a strong one, though the preference for blaming a machine versus a person (or another person versus yourself) is a matter of individual character.

Yet the actual damage in either case is the same: your data is gone. That could mean anything from inconvenience to going out of business, depending on the data you lose. Even when you have intact backups, losing data usually means inconvenience, because you have to take time to restore the data. If you don’t have backups, or if your backups are damaged, losing the data you’re working on can mean disaster, and in the end it won’t matter why it happened.

Almost everyone in the backup business—myself included—frames the importance of backup and recovery systems in terms of potential lost data rather than potential saved data. This is because of the way the human brain works. As the authors of Selling to the Old Brain point out, one of the key points in marketing anything is to “diagnose the pain”. Psychology experiments have confirmed that people will take more risks to avoid loss than to secure gains.

Spending money on backup software and hardware or on a complete data protection system can be seen as a risk, especially in an economy where there isn’t enough money to begin with. And there are no obvious, visible positives that come from backups—at most you have stacks of tapes or disks that have to be stored somewhere, and the associated transport and storage costs. If you’re paying for an online data protection system, you may not even have that much visible result.

Investing in a backup solution is like buying insurance: what you really hope is that you’ll never need it. Indeed, I’ve heard backups described as life insurance that doesn’t just pay out to your beneficiaries but actually resurrects you. And of the two, drive failure and other causes of data loss are more likely than accidental death and dismemberment.

So back up your data today, unless you wanna see something REALLY scary.

Enter the Millipede: Huge Storage Capacity, Tiny Package

How many DVDs can dance on a postage stamp? 25 of them, if the stamp in question is IBM's new prototype Millipede storage chip.

The Millipede is essentially a punch card (anyone remember punch cards?) on an incredibly small scale. How small? You can fit a trillion bits (better known to geeks as a terabit) into one hole on an old-fashioned paper punch card. And it's rewritable.

The technology involved in this is pretty mindboggling, at least to me. And it's not ready for the consumer market yet. No doubt the first Millipedes to hit the market will be expensive, but pretty soon after that, we'll see a lot of high-capacity lightweight storage devices, and flash memory may go the way of the 5.25" disk.

Unfortunately, what we'll also see is increasingly bloated new software and file formats which eat up all that storage space and leave us essentially where we were.

FileSlinger™ Backup Reminder 3-11-05: Searching for Backups

Last night I missed a great opportunity. I could have asked Google co-founder Larry Page about what kind of backup system Google, Inc. uses, but I forgot, so now I’m going to have to find out by another means.

You may not know this (I didn’t), but in order to provide its indexing services, Google has to download the entire World Wide Web. Most of us, as individuals or business owners, only need to worry about backing up our own websites. Google has to back up everyone else’s sites, too. (Which is, of course, why pages can exist in the Google cache when they’ve been taken down from the Web, but Yours Obliviously never thought of that before.)

What was I doing at the Googleplex last night, anyway? Attending a University of Michigan Alumni Networking Night, actually. It turns out that Larry Page was at U-M during the same years I was, but since he was an undergrad in Engineering and I was a grad student in Classical Studies, our paths never crossed. While Larry was building programmable plotters out of Lego™ and attempting to convince the administration that they should replace the diesel buses between North and Central Campus with a monorail, I was working as a teaching assistant, translating and producing Greek and Roman plays, and attempting to write a doctoral dissertation. (I never did finish it, but then, Larry never finished his PhD at Stanford, either. On the other hand, I don’t have a billion-dollar IPO to show for my non-doctorate.)

Even without asking the crucial question, however, I can say several things about Google in relation to backups. The first is that without Google Alerts, I would long ago have run out of things to write in this newsletter and post on the Backup Blog—at least, without spending all of my time doing research instead of working. (Google, of course, has changed the nature of research.) I signed up for a daily alert on the subject of "backup," and every day I get a collection of news headlines. About a third of them relate to sports, a third to traffic jams (a type of backup I did indeed encounter on my way down to Mountain View), and the other third to computer backups, with occasional references to something else. It was through Google that I heard about the Bank of America scandal, for instance, and many other topics that have appeared here over the last several months.

Then there’s Google’s new joint venture with Michigan: scanning 7 million books from the U-M libraries, the better to make them searchable. Naturally Larry didn’t get anywhere remotely near revealing any proprietary technology that might be involved in that project, but he did assure us that it was a non-destructive process and the books themselves would remain intact. Given that many of those books are rare or out of print (or soon might be, given the limited print runs of most academic books), the project acts as a massive library backup system. (See Google Print for sample results.)

Which brings me back to my original question: how in heck do they back all that up? I promise to let you know as soon as I find out.

Hope for Bank of America

Cashing in on the recent highly-publicized disappearance of Bank of America backup tapes, GST, Inc., of Lake Forest, California, has announced the release of a host-to-tape on-the-fly data encryption appliance called SafeDATA™. The product pages on the company's website include a handy 12-page presentation explaining what SafeDATA™ is and why it's a necessary addition to tape backup systems.

SafeDATA™ is about the size of an external hard drive, but with a starting price of $17, 250, it's not likely to appeal to the SOHO market. Most home-based businesses and independent professionals don't use tape backups anyway, and encrypted hard drives can be purchased for far less money.

But I hope Bank of America's IT department is rushing out to buy them. I don't want it to be my financial data that falls off the back of a truck.

Source: BusinessWire, March 7

2 for 1 USB Flash Drives at Office Depot

Office Depot is having a buy one, get one free sale this week on PNY's Attache 128 MB USB 2.0 flash drives ($29.99 each; offer available in-store only). If you've been thinking a key drive might be handy for moving between home and office, now's a good time to pick one up.

FileSlinger™ Backup Reminder 3-4-05: Banking on Backups

Lost backups seem to be the theme of the week. There was the break-in at Lasso Logic (see my March 2 Backup Blog entry), where some enterprising thief (or competitor) made off with the backup servers, for instance. But the big scandal is the disappearance of more than a million SmartPay® records somewhere between Bank of America and its backup facility.

SmartPay® is a General Service Administration program to provide charge cards to government employees and contractors. Bank of America is one of five financial institutions responsible for these accounts, and the missing backup tapes contained customer and account information for 1.2 million government employees, including senators Patrick Leahy and Elizabeth Dole.

If verifying tape backups is rare, encrypting them is even rarer. I don’t normally encrypt my backups, and neither do most people I know.

On the other hand, I keep my Quicken data, my passwords, and any proprietary or financial information about my clients in encrypted files. Doubtless any really professional hacker could still break into them, just as such a person could figure out my Windows Logon password easily enough. But it’s enough to keep casual burglars and curious visitors out of my files.

And if I can do that much, you’d think a bank would realize it needed to encrypt its backup tapes. Banks are, after all, the most obvious targets for large-scale data theft. Bank accounts belonging to the government are, if possible, even more tempting targets. (After all, whose card would you expect to be able to charge more to, mine or Uncle Sam’s?)

I personally find the fact that it was those particular tapes which were stolen highly suspicious, and the disappearance raises a great many questions about other aspects of the transport and security of Bank of America’s backup tapes. Do they send them in armored cars with guards? If not, why not? Pound for pound, the information on those tapes is worth more than cash. If so, then how did the tapes get mislaid? Was this an inside job? Do I need to take my money out of Bank of America? (But if I do, would it actually be any safer elsewhere?)

One hopes that this incident, and certain other recent highly-publicized cases of data theft, will cause financial institutions and other corporations to re-evaluate their backup policies. Continuity Central has some suggestions, including using RFID tags, bar codes, or even GPS locators on the tapes for better tracking, encrypting the tapes, and not using tapes at all. All of those sound like good suggestions to me.

Small and home office users probably don’t need to go as far as bar codes, RFID, or GPS, but I strongly advise you to password-protect not just the backups of any sensitive information you have, but the files themselves. Outlook PST files, ACT! databases, and Quicken and QuickBooks account files can all be password-protected. And your passwords themselves should be password-protected. (There are several freeware products for this, and others which will generate random passwords with as many characters as you want.) If you have lots of sensitive data or many people have access to your office, you definitely need a logon password, and might want to consider a LockBox drive for your backups.

And you might just want to ask your bank what it’s doing to keep your account information secure.

Don't let this be you!

The sheer irony of this story makes it newsworthy. The general manager of Lasso Logic, a company which is developing a Continuous Data Protection product, lost all her data when the company's backup servers were stolen in a break-in over the weekend. She was the only employee who had failed to back up her own data onto the offsite CDP server as well as the local backup server. (Personally, I'm wondering just who would be interested in stealing their backup servers.) Read all about it on Business Wire.