All posts by Jerry Stern

Why Double Backups?

by Jerry Stern
CTO, Science Translations

Standard photographer’s backups consist of 3 copies, 2 local devices, with 1 copy of all data off-site. That should also be the standard for your business documents. That’s a doubled backup process. So why combine cloud backup with local image backup software and a network-attached (NAS) drive? Simple: Those three copies of the data should have different risks, so that they don’t fail at the same time.

One automated backup puts your data in two places, but if those places are both local, both have the same risks of power, theft, fire, flood, and staff. An off-site backup has risks as well, but they’re different risks, and different failures. With good planning, those risks won’t align during a large storm or a regional power outage. For example, to avoid delays retrieving your cloud backups after a major event, say, a hurricane, your cloud backup should be at least a few hundred miles away.

lightning attacks PC backups

How Do Backups Fail?

  • Crypto-malware: Ransomware will encrypt all the data it can find, and most backups will happily back up the encrypted files. Any good cloud backup program keeps a file history, and can restore by date range, ignoring bad files from after the date of an infection. A local image backup will save Windows, but not recent data.
  • Drive failure: The cost of resurrecting data from a failed drive runs from $600 to $1500, takes 2 weeks, and might not recover all the files. Basic corruption of a drive can be fixed locally for much less, but will still take 2-4 days. Restoring a local image backup is quick, but image backups are generally too big to run nightly, so they won’t contain all your newest files. Cloud backup can restore the newest versions of mission-critical files through the internet, or ship a drive by next-day air holding the entire data set.
  • Manually taking the drive home: I have NEVER seen a client who actually took that third backup out of the building consistently, but it would have saved data recovery and manual data re-entry on multiple occasions. Cloud backup automates getting your data out of the building.
  • When the burglar visits, and takes your computer, the devices plugged into it usually go as well. That’s two copies of your data, gone.
  • Sprinkler Freezes and Failures: When a fire sprinkler freezes, it makes an awful mess, basically hundreds of gallons of black, wet, and moldy rust-water on everything. All computers and backup drives are at risk, but surge suppressors left on the floor fail first, possibly taking more computers and backup drives out of commission.
  • Lightning strikes: Here’s an equal-opportunity zap. Local backups are slightly-less reliable than the power they’re plugged into, and when the lightning hits, every circuit gets a jolt, and frequently, there’s an additional jolt coming into the building through the cable modem, running through the network looking for a ground connection. When two copies of your data are attached to the same electrical circuit, both will go away when the lightning strike hits the nearest pole. Or worse, when lightning hits the cable where it enters the building.

Inside your office, your image backups, also known as full-drive backups, should be on a NAS (network-attached storage) drive, as far away from your server as you can place it. Locked into a hidden area is even better. Keep it off the floor.

Cloud backups are the only practical way to automate getting your data out of the building every day.

Caution. You may have entered a bad neighborhood.

Fake tech support popup

Here’s what that bad neighborhood looks like. there’s a scary message on your screen. it is designed to make you panic. There’s a hardware error message starting with a blue screen of death, but the blue screen message isn’t full-screen. It’s a fake. There is a urgent message to call a toll free number to have a Microsoft certified technician fix the problem immediately.

That’s not Microsoft

Microsoft does not, ever, place phone numbers in error messages. Most big technology companies don’t want phone calls, and their phone numbers are only on their support and stock holder pages. There may be an exception for sales and training events, but not much else. Every other phone call is an expense, and they will do everything that they can do to prevent you from calling them.

Next , Microsoft does not give away technical Consulting Services, or free computer repairs. They provide lots of reference materials on their websites, and free training for partners in various categories. For example, I am a Microsoft partner in their OEM and Refurbisher and Technical Sales programs, and have been through training in those areas. But even I can’t just call Microsoft and ask for a free diagnostic of a system, most of which consists of other companies’ hardware. If you actually reach them, don’t expect more than a link to: https://support.microsoft.com/en-us

Dead-end sign from PC410.com

But enough about Microsoft. Amazon is involved here. If the web address is visible on the popup, there’s a good chance that it includes aws.com, or Amazon web services, which is basically a web host with massive and scalable computing power, online and for rent. To anyone, anywhere, with computer approval based on the validity of your payment. In other words, gun for hire. Yes, they have terms of service that prohibit use for anything illegal or tasteless, but they are applied retroactively, and there is no approval process for new pages going up. You pay your money and you put up your page, and if someone complains, then a human being will look at it and if it doesn’t comply with their terms of service, it will go down until the authors create a new account and start again.

Poisoned Pages

Now I’m going to pick on Google and Bing and all the other search engines. Not every page you find on a search engine result is a safe page. There are poisonous results all over the place. The worst web results are for this search: “tech support phone number (company name).”

Nearly all searches for tech phone numbers lead to scam companies that will want to log into your computer, show you the event logs, and claim that the lengthy list of routine messages means that you need $249 to $399 of repairs and an annual service contract. Never search for tech support phone numbers: Go to the company web site, and follow the menu links for support, or call me for help–I have additional resources for many tech companies.

But how do these bad phone numbers end up at the top of a Google page? Google can be fooled, temporarily, by a black hat SEO campaign (basically, evil search engine optimization). When a search engine sees a thousand links to a site means it is popular, and it isn’t recognized as good or bad; that happens later after Gooogle has found and indexed what appears to be a keyword-heavy page, with ‘tech support phone” used repeatedly, which will never be the case of a real technology company web site. Later, Google will see that the links were identical and planted in web sites by malware, and will remove the search result, but it’s a numbers game, and it all starts again.

Expired Domains Get New Evil Uses

The bad guys do more things. They buy up expired domains that previously had moderate traffic, and they put their fraudulent sites up. The search engines mostly fail to remove the old site descriptions and search results because they’re not always checking to see if the web page is suddenly on a new server somewhere else than where it started. They catch up eventually. The bad guys are also buying up bulk misspellings of popular web sites, so typing in any popular site with an extra letter is probably going to land you on random and dangerous garbage.

Now do I blame Microsoft/Bing, Google, and Amazon? Well, it’s an arms race, largely based in parts of the world where there are no internet laws. They could say, “We want you to trust us, but first be sure that what you are visiting is really us. Here’s is how to tell the difference.” They don’t.

Years ago, Google’s official policy was to index all of the web without any commentary or analysis, ranked as best they could to guess the intent of the searcher. Now, of course, they block criminal activity in a few categories, but they’ll still show blatantly illegal content, scams, fake news, and so on.

In all fairness, the search engines want a way to decide if a site is illegal, without any risk of being sued for de-listing sites that retain lawyers. Yes, the larger illegal sites have legal counsel. So if there is any chance that a site that looks like a service company is legit, and can only be proven as a scam by doing business with them, that site remains in search results.

And you need to stay far, far away. Stay suspicious. When it’s too good to be true, it’s a scam. And when it looks like a company with no history of phone support is giving it away for free on random web pages but not on their own pages, it’s not them.