Toyman!
Toyman! MegaDork
11/13/24 10:53 a.m.

The word crowd should be cloud. This is not about Mustangs running over people.

 

It used to be that you would back up your physical local drive to a floppy disk or portable drive and take it off-site to protect your data. I used to do that with my work computer on a weekly basis. I used a thumb drive that would hold everything that was critical to running my business. I kept 5 dated copies on the thumb drive. Pictures and such were on portable hard drives and SmugMug so there were already redundant copies of them.

Then floppy drives became obsolete and they were so slow. But could could set your system up to back up everything on cloud storage. It was automatic, it was off-site, and secure. 

But times have changed a good bit. Now I find myself using Google Drive as my primary drive for a lot of things. I currently have about 20GB of data on there ranging from building plans to business files to information on my RV. I can scan hard copies in and then run them through the shredder or print to PDF and never have to print a hard copy to start with. The only copy of every purchase order and estimate I've generated in the past several years is on there not to mention contracts and other critical information I need to keep up with. It's convenient and organized. I can access it on multiple devices from just about anywhere on the planet. And, it's secure...right?

Then I started thinking, what if the cloud storage fails? Is that even possible? Should I be backing up my data that is on the cloud drive to a physical local drive that I alone control or am I just being paranoid? 

Do y'all back up your cloud drives? Do you even use cloud drives to start with? 

Inquiring minds want to know.

1988RedT2
1988RedT2 MegaDork
11/13/24 11:20 a.m.

I tend not to trust businesses to take security seriously.  I mean, when's the last time you got notice that your SSN, name, address, etc. had been obtained by hackers?  Happens all the time.  Nothing they can do, or nothing they are willing to do, on your behalf.

If it's mission critical, I wouldn't rely solely on the cloud.

https://www.theregister.com/2022/10/24/datacenter_solar_storm_emp/

 

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fi.imgflip.com%2F4tzbcg.jpg&f=1&nofb=1&ipt=6e60dc16fa6c4c4e1737f8a959776d2e8f660311e63d473a31878e2ba8d5d87f&ipo=images

aircooled
aircooled MegaDork
11/13/24 11:34 a.m.

The other concern I have with cloud backup is what happens if you want to move to a different service, or discontinue (also why I am leery of online photo storage).  I guess this is not an issue if you are only backing up and not storing what is not on your drive.

Cost wise, hard drives, even solid state ones are rather cheap.  I think you can get an 18 TB drive (that's freakin HUGE) for a few hundred!  You could back up on to drives and scatter them around (one at a remote location is a good idea) is likely the most secure way.  Just clicking a button for a cloud backup is clearly more convenient / easier.  (Although, I believe there are external drives that can be setup like this, with a physical button)

A quick look shows 2TB solid state external drives at around $150 and a 20(!!)TB spinning external drive for just over $300.  (these are sales listed on SlickDeals)

Unless you have a crap load of videos or gigantic CAD / Photoshop files, 2 TB is more than way too much for most!

Jerry
Jerry PowerDork
11/14/24 8:38 a.m.

I back up my work stuff to a flash drive every Friday, and at home I have two external hard drives for data.  One is the working copy, the other is the backup.  Anytime I save or download something, it gets saved to both.

I kind of feel like anything out in the public could go away at any time.  I remember the early days of the internet and how many free email sites there were.  I used the local company that provided my internet (Internet Access Cincinnati, run by some local geeks/nerds I had friends of friends with, while everyone else went AOL) until I hosted my own site and it came with like 100 email addresses through my domain.  I now reluctantly use Gmail, had to when I got my first Android cellphone, and seems fairly stable.

alfadriver
alfadriver MegaDork
11/14/24 9:02 a.m.

+1 for not trusting the cloud.

I don't like it when someone else has control over my files, first of all.  Second, as pointed out, security is hardly certain.  Third- I've seen issues with cloud storage energy systems- not as bad as AI power requirements, but there are really big buildings with that use a lot of energy to store the data.

But the most important thing to me is access.  With all of the travel we do, we have found a lot of holes in the cell service system.  So when traveling to those locations, we would not have the cloud.  Or in places where we specifically don't want to connect to the internet.

I would not be surprised that the massive cost of extra memory in devices is partially rooted in cloud storage systems- memory is so cheap these days- how is it that a small increase in storage memory results in a massive cost increase?  It doesn't make sense to me that the "base" iPhone, for example, only has 64G of memory- which is pretty much the same for the last decade....  But double the memory, and it's like $200.  So getting a multi T SSD is an easy choice.

Toyman!
Toyman! MegaDork
11/14/24 9:10 a.m.

I am using Google Workspace for business email. All of my employees have a company email. My Google Drive is also through them. It is a paid-for service so I don't think they will be going away any time soon. I'm more concerned with what happens when a Google server has a fault and wipes 1000 hard drives. 

I have a 2 - 1T hard drives in my work PC, one of which is mostly empty. It looks like I can set Google Drive up to mirror to it automatically. That should solve the problem. 

 

 

Tony Sestito
Tony Sestito UltimaDork
11/14/24 9:18 a.m.

Google Workspace Super Admin here. 

Google Workspace has redundant data storage in the cloud, with multiple resources backing up your data. Depending on your plan, you can even choose where you want that data to be stored geographically for compliance reasons. If the primary server where your stuff is goes offline, others will kick in to assist with pretty much zero data loss due to how it is designed. Google is better at cloud storage than anyone else, IMHO, and they make it easy.

For work stuff, it's pretty great, especially for small businesses. I'd choose it 10 out of 10 times over Microsoft or anyone else. 

Toyman!
Toyman! MegaDork
11/14/24 9:20 a.m.

In reply to alfadriver :

Storage is one of the reasons I'm still with Android. My current phone has 512GB of storage. 

If I'm out of cell coverage, it's because I want to be. In those cases, I don't need to access work information.

My sole concern is the dependability of the storage. It would purely suck if all of it disappeared one day and I had to rebuild it from memory. 

wae
wae UltimaDork
11/14/24 9:29 a.m.

Cloud storage is what I do for a living and I do everything I can to avoid using "the cloud" whenever feasible.  Look, "the cloud" just means someone else's computer.  And since it's someone else's computer, that means they can change how it works, where it is, who has access to it, and what you're going to have to pay for it without a whole lot of consent from you.  As an aside, sit down and actually read your medical providers' HIPAA statements that you always just sign off that you've received them when you probably haven't.  I don't know the exact number, but in my own reading, almost all of them say that your doctor can share your personal medical information with law enforcement upon request.  Not upon being served a warrant.  Upon *request*.  Pretty cool, huh?  Not really the point, but it is tangentially related to the conversation at hand since the provider of the cloud service is not really all that interested in your privacy, they're more interested in saving themselves hassle and headache from police, politicians, and bad press.  And nobody gets bad press because they gave someone with a badge access to your private data without a warrant; they get bad press because a guy with a badge needed information to save little Patty Sue and the Big Bad Tech company wouldn't just let them snoop through all the information that they wanted.

That's enough of that particular soapbox - I could rant for hours on that until I'm frothy at the mouth.  The other issue that you've pointed out is that the cloud provider could pull up stakes and just shut down without any particular warning.  Or they could sell the business, of which your contract with them is an asset, and now your data is stored by someone that you did not, perhaps, choose.  Basically, you have no control over the lifecycle of someone else's computer, so you could be scrambling to move your data or you may just find some day that your data is just gone.  Slightly related to that is access control and encryption.  If you're putting your data in some sort of cloud, you should absolutely ensure that you've got some sort of encryption to reduce the impact of the privacy concerns.  The downside is that you'd better be sure that you don't lose either of those because your cloud provider won't be able to help you with that - if you lose the key, you lose the data.

Another concern for cloud is access, but this depends entirely on against what you are trying to protect.  If it's in the cloud, then you're going to need the Internet to be working in order to get to your data.  For personal stuff, that may not be a big deal - if the fit hits the shan and your computer is toast and your Internet access is going to be down for a few days, you may not care that you can't get your document archive. 

Gee, Bill, you're painting an awfully dark cloud here, didn't your mom teach you what to do if you don't have something nice to say?  Okay, there are some significant benefits out there, I'll admit to that - which I suppose I should since my livelihood currently depends on people buying into this stuff.  First of all, it's someone else's computer.  If you're a multi-national conglomerate, then you probably have the resources and wherewithal to build out highly-available, highly-scalable compute, network, and storage resources wherever you need them and then maintain them to the highest levels of availability and performance.  If you're one of the other 8,199,999,000 people in the world, however, you can benefit from the scale that the cloud provider is able to provide.  They're going to have availability zones, fully redundant hardware, generator-backed, redundant power, multi-ingress Internet, and a massive staff who will make sure everything is operating as it should.  Yes, there are outages in the cloud and yes, when they happen, they are very impactful because it's not just one business that is affected.  But given the sheer number of workloads that are running in those datacenters, it's actually pretty rare and the outages tend to be relatively short.  The final bonus in that is that you're not the one that has to go figure out how to fix it - that's the cloud provider's problem.

Speaking of the cloud provider, that makes a big difference as well.  If you're buying the Backupatron 9000 service that just entered the marketplace and is making a big splash, there's a good chance they're going to fold in a short time and you'll be out of luck.  If you're going to use Google Drive/GCP, OneDrive/Azure, or Amazon's whatevertheydo/S3, then those are more likely to be around for the foreseeable future.  Those platforms are going to have a much wider application support base as well, but one nice feature is that Amazon went off and basically created the market and made their S3 API available to the world.  That means that if you've got a cloud storage provider they can probably speak S3 which means your application designed for Amazon can probably be configured to speak to that other cloud provider.

Another big benefit is that if you're sending data into a cloud service, you have site-level protection the very moment that data is sent.  You don't need to finish a copy to a removable drive and then remember to physically move it somewhere.  That means that you can completely automate the process so that your data goes off-site right away, automagically, and you never have to worry that you didn't get the external drive to the fire safe or to the remote, undisclosed bunker before disaster strikes.  It also means that the only thing you need to get to your data is a computer and an Internet connection.  Not your computer and your connection, but any and any.  As long as you've kept your credentials secured - you are using a good password manager, right? - you'll be able to access your data from anywhere.

Okay, that's a lot of theory stuff, but what about actual practice?  What does the cloud-hating cloud-guy do to backup his data?

Uhm.  I use the cloud.  Sort of.

I found a bit of Free software called Duplicati.  It installs on my Windows desktop and has a web-browser interface that I use to manage it.  I have pointed it to a S3-compatible cloud source that I've got access to.  It encrypts the data before upload so that I don't have to worry that anyone would be able to do anything with my data in the event that my bucket is compromised, and I have it set to perform the backup once a day and retain a number of copies so I can go back a day, week, month, or year.  It uses compression and deduplication to reduce the amount of cloud storage that I'm consuming - with all of my retentions, I'm using 850GiB to maintain 9 copies of just under 1 TiB of source data.  You can point that to any S3-compatible cloud provider - AWS S3 is just over two cents a gig or $20/TiB per month, and it's not likely that you'd incur a large amount of transfer fees for normal backup usage.  If you needed to perform a large-scale backup, you'd likely incur some cost for that.

If you wanted to have those files just preserved, you could use something like OneDrive, but now you're trusting Microsoft with the primary copy of all that data and as far as I'm aware, there isn't a good way to self-encrypt that data such that Microsoft doesn't hold the keys.

BoxheadTim
BoxheadTim MegaDork
11/14/24 9:30 a.m.

I think overall, this is another case of the "it depends".

In general, I have a little more faith in the big cloud providers' security than in most other companies', but if the customer uses 'password12345' to log in, well, there's only so much they can do to prevent the data from wandering out. So it's also on the user to make sure that it's hard to guess user names and passwords. Use MFA and where you can, passkeys might be a good idea.

All that said, using Google Drive itself with the mirroring feature is great, but the data in Google Drive isn't a backup.

Keep in mind what you need backups for, other than things like catastrophic local drive failures - yep, being a coffee or three short and deleting the wrong file(s), for example. For that, you ideally want a solution that backs up your computer either to a local drive (please don't use cheap thumb drives) or cloud storage on a regular, scheduled basis. I personally use Arq backup on Windows and potentially on Mac, and Time Machine on my Mac. Oh, and borg backup on the Unixy systems. That tends to protect reasonably well against file corruption and/or me fat fingering things with a differential backup on an hourly basis.

I back up too much data to make a backup to the cloud cost effective (I'd need about 25TB of storage), so I have all machines in the house back themselves up to a file server and then back up the file server to enterprise grade drives that I cycle after 2-3 years. And yes, it's not cheap. Maybe I should revisit that cloud thing and downsize that server when I look at the pile to 20TB drives...

If you do backup to the cloud - ie, something like S3 or similar - make sure you use a backup software that encrypts the data before dumping it into the cloud. OTOH having a local backup of a cloudy drive isn't a bad idea either if you lose Internet access for an extended period of time.

Re the please don't use cheap thumb drives part - flash memory in general has that nasty habit of going from fully functional to doorstop without warning. With spinning rust drives, you usually get some warning (bad sectors) instead of an instant total loss.

alfadriver
alfadriver MegaDork
11/14/24 10:40 a.m.

In reply to Toyman! :

Pretty much everything I mentioned was for personal stuff.  Remember, I don't work anymore.  And even when I did, we pretty much always had local servers or large portable drives to work with.  Even when they pushed for cloud like work, most people just used the same intranet servers Ford had set up over the years.

But I'm now concerned about my pictures and personal documents that are up there.  It's fine for specific files that I share among different devices, but not other personal things.  I even download pictures to a specific computer from phones and whatnot.  It would be horrible if the terms of service changed and pictures were lost.  Or notes were lost (and this did happen- I lost a bunch of notes that I didn't know were on a cloud instead of my device).

Anyway, my rant is all about personal stuff, not work related.

Toyman!
Toyman! MegaDork
11/14/24 10:53 a.m.

In reply to alfadriver :

My personal stuff and my pictures are on portable hard drives and stored in a fire safe.

Any pictures I want to spread around the interwebs are on Smugmug or Photobucket. I have around 6k images on each of them but all of those images also have copies on my hard disks. 

Jerry
Jerry PowerDork
11/14/24 11:03 a.m.

I forgot to mention, my website and where I work, are hosted by the same people.  A few years ago we got emails saying that both their primary systems and backups got trashed.  Sorry for the issue, we'll give you a free year of service.  (Was Kionic and now I think it's called Netfronts or something.  My Star Wars group has a forum and we keep a visual record of our previous "troops" with date/location/photo.  I have about 6 months of photos missing.)

Mr_Asa
Mr_Asa MegaDork
11/14/24 11:31 a.m.

If it's stuff that would hamper your job if you didn't have it for 24-48hrs, you need onsite backup (job dependent, banking has different needs than auto repair)

 

There is a reason this sticker is so popular

GameboyRMH
GameboyRMH MegaDork
11/14/24 12:52 p.m.

"The cloud" is not meaningfully safer than any local storage so you should treat it the same. If you had all your business data on a single hard drive (or worse yet, SSD) that wasn't backed up anywhere in case that drive failed or suffered some kind of accident, that would be a problem. If it's Google Drive instead of a physical drive the problem is at least as bad - not only could something go wrong to cause you to lose that data (it does happen occasionally, even with Google) but you don't even have physical access to attempt recovery.

I don't use a lot of cloud resources, I mostly self-host. I have gmail addresses which I back up locally every once in a while, and I have a minimal VPS that hosts some web apps and network services with very little storage which I also back up to a local server occasionally.

The main reason I bought the VPS was to get a public IP for a connection behind carrier-grade NAT, and right now I could move everything it does to another server that has a public IP, but I tell myself that the VPS which is on a cluster server is probably more reliable...but then so far, the server I've been thinking of moving its workload onto only has a few minutes per year more downtime. The VPS costs around $50 per year.

Pete. (l33t FS)
Pete. (l33t FS) MegaDork
11/15/24 6:27 p.m.

In reply to wae :

I learned that Google uses image analysis software to scan people's Drives and email for illegal content like child pornography.  That's something most people can get behind. 

 

But it's also a slippery slope.  We found that you have copies of what our AI has identified as copyrighted material so we deleted it for you.  Etc.

 

If it's not in your physical possession, you don't own it, someone else just lets you access it.

GameboyRMH
GameboyRMH MegaDork
11/15/24 6:52 p.m.

In reply to Pete. (l33t FS) :

You can store files privately on a cloud host by using something like an EncFS reverse mount: this creates a virtual filesystem that presents encrypted versions of the files on your drive, no extra storage or processing time needed. Back those up, and your cloud provider sees your files as looking like random noise.

Edit: Was looking into newer options to do the same thing, and there's still nothing else that does it. EncFS has a flaw where the encryption can be weakened if an adversary can write to the encrypted files and you continue to use the modified files though. Not a problem if you're just continuously overwriting with updated backups.

You'll need to log in to post.

Our Preferred Partners
3swrw8fQLtZE8QxVDfnyE2DaQjJ70GiVmkPZjGy4D0sJGELbh6Nz9U5eF0ifMVcz