Secure your data. Protect your business. Save your life!

21 May 2007

Data Security

This may seem a dry subject – like insurance – but data security is an issue that should be dealt with as a matter of priority.

It can cost days, if not months, of work if data is lost and you have no backup. It can happen in so many ways. Inadvertently deleting that important folder when your mind is elsewhere. A freak bug in a software application. A power surge ruining your hard drive. A drink spilled over your notebook. Or simply a hard drive failure or corruption of data.

Most of the time nowadays, computers are extremely reliable. Deleted files can usually be recovered from the Recycle Bin. Data from a hard drive can often be retrieved.

However, it does occasionally happen that important data is lost. Even in a minor case, it can be very expensive or time-consuming to recover the data. In some cases, can be devastating for your business. Particularly if a notebook is lost or stolen and someone else gets access to your data.

Here’s what has happened to me, despite occasionally backing up my data. I had transferred several days’ worth of photographs to my computer and began the work of retouching them. I decided to create a separate catalog file in Adobe Photoshop. I happened to give it the same name as the folder the photos were in and, due to an obscure bug in the software, all the photos were wiped out. Not deleted and stored temporarily in the recycle bin, but completely wiped clean! I spent the next few hours using data recovery software to try to locate the files on the drive, but to no avail. Only the last few photos were still on the camera’s data card, but hundreds of photos were gone. I hadn’t got round to making a backup since the previous week, so I had no backup either. I had spent the last six days solid, travelling all around the city to take these photos. I would have to do that all over again!

Of course, if they had happened to be pictures of a recent wedding or corporate event then this could mean disaster.

I have a friend whose disk failed. He has about three year’s worth of personal photos, videos and other data, which he lost. He also had all the material for the publication of a monthly magazine. Despite it being not a total disaster, it has cost him dearly.

He was able to recover some data from an old archive drive. The last time he backed up was about two years ago. And he managed to rewrite the magazine and only lost two weeks. He lost another week, trying simply to recover the data and it turns out that if he is prepared to spend about $1,000 then some of the data might be recoverable by opening the disk in a clean room.

On another occasion, I inadvertently spilled a glass of water over the keyboard of my notebook. The repair shop told me that it was ‘uneconomical to repair’ so I retrieved the hard drive from the damaged computer and bought a new notebook.

Only to find that when I attached the drive to the new computer, the data wasn’t readable. You see, I had used the encryption feature in Windows to keep sensitive information secure from prying eyes. Unfortunately, Windows encryption is locked to a specific computer and I hadn’t been aware of the need to backup the various keys that would allow me to access the data on another computer.

Never mind, I had made backups of all my documents onto an external hard drive. So I would only lose a couple of days’ work.

The trouble was that I had used the encryption feature on the external backup drive also. And Windows wouldn’t allow me to access the data here either. My last unencrypted backup was made three months previously! I spent the next two weeks on the phone to Microsoft and various data recovery specialists to try to get my data back.

It was useless. Three month’s work down the drain – and, even worse, three month’s worth of correspondence, which I had kept in Outlook, gone for good.

Of course I had to move on and make do with the odd printout I had. Luckily, I had emailed some work-in-progress to various clients and colleagues, so I was able to recover some of the work that I had done. But the next month or so was spent basically re-doing the work that had been lost.

I did manage to recover the data in the end. I bought a second-hand computer, the identical make and model to the one that had got damaged, and inserted the old hard drive. Voilá! I was able to boot up using the old Windows configuration and access the encrypted data.

However, I now had several versions of data on different drives and folders that I didn’t get round to tidying up for another six months.

Yet, no matter how careful or dilligent one is about data security, losses still inadvertently occur.

Recommendations

So this is what I’ve learnt.

  1. The first and most important is to subscribe to an online backup service where your data is automatically and transparently backed up, without any intervention on your part. I use Carbonite because, despite its limitations in providing feedback on its operations, it backs up every file continuously, almost as soon as it has been modified. As I have an always-on broadband connection, this means that my backups are securely encrypted and always up to date. It also integrates nicely with Windows Explorer and allows me to back up all sorts of obscure system files or files stored in application folders. And it only costs $50 p.a.

    (Update: in some ways, this service is perhaps too simple, because it is difficult to know what it’s doing.)Other similar online backup services include iDrive (the first 2GB free) and Mozy. It is worth looking at these too, but whichever one you choose, ensure that your data is being backed up transparently and continuously.

    Relying on CDs or DVDs or external drives is risky because one inevitably makes these back ups intermittently, usually every few days or perhaps even only once a week. This could mean days worth of work being lost, even if you do back up.

  2. Encrypt your hard drive. Especially if you have a notebook. There is so much personal and valuable commercial information on a hard drive that if it gets into the wrong hands, it could ruin you.There are several systems around. I used to use the built-in Windows encryption file system (EFS), but didn’t realise that it is not meant to encrypt external drives either, and gets locked to your computer hardware – even if your data drive is intact! The lesson is to use a third-party system instead, costing around $50-$100. Encrypted Magic Folders is quite good, but perhaps a bit dated now. Others include HandyCrypto and TrueCrypt (which is free). Here is an excellent resource for on-the-fly encryption software: www.thefreecountry.com/security/encryption.shtml.Just make sure you have some way of keeping your passwords safe. There’s no point in locking your front door, if you hang the key on a hook on the doorpost!

Data security is cheap and effective. Do it now while before it slips from your mind. Or face the inevitable consequences of the loss of work-in-progress or your privacy.

It costs only around $100 to secure your data. If you consider how much even a day’s work is worth to you, the price is negligable.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: