Apple co-founder Steve Wozniak this week warned of the perils of depending too much on cloud storage and the general press reacted like this was: A) news, and; B) evidence of some inherent failure in cloud architecture. In fact it is not news (Woz never claimed it was) and mainly represents something we used to call “common sense.”
However secure you think your cloud storage is, why solely rely on it when keeping an extra backup can cost from very little to nothing at all?
No matter whose cloud you are depending on it will be subject to attack. Bigger targets get more attacks and something as big as DropBox, say, is a mighty big target, while that spare hard drive attached to a PC at your house (or my preference — the house of a friend) is generally a target too small to even be noticed.
Whether it is bad guys stealing cloud data or generally good guys losing or otherwise screwing-up your cloud data, once it is out of your control that data is effectively gone. To read the news reports about this story it is not just gone but also now someone else’s property, given to them by you under their terms of service that you (and I, I admit) didn’t read.
I wouldn’t worry too much about the loss of ownership, because these cloud vendors are less interested in exposing your holiday office party photos than they are in feeding you ads that appear to be about subjects of interest. And even if you were giving away ownership of your data, which you aren’t, that doesn’t mean you are relinquishing any rights of your own to that data especially if you bothered to keep a copy.
So backup and backup again. At Chez Cringely everything is backed-up locally two different ways, also backed-up to cloud storage, and even backed up again to a server in another city (it’s a PogoPlug under a bed at my mother-in-law’s house and she doesn’t even know). Some of these techniques cost me money but not all do and my total outlay for such an extravagant backup strategy is less than $100 per year.
At home we have both Time Machine (actually an Apple Time Capsule — there’s the investment) as well as my 100 percent free ClearOS (formerly ClarkConnect, a specialized version of Linux for network appliances) Internet gateway running a backup server in addition to firewall, antivirus, proxy server, DNS server, etc., all on an old Intel PC I had lying around. ClearOS is the best bargain I know in data security and is ideal for protecting multi-PC, multi-platform home networks. For home use it costs absolutely nothing, runs fine on old hardware, and easily replaces $100+ in security software from places like Kaspersky, McAffee, and Symantec. And with all that crap removed from your PCs they are faster, too. ClearOS protects the computers and their users by protecting the network.
Steve Wozniak is right — users are going to eventually be burned if they rely solely on cloud backup. Forget about natural disasters and malware, what happens when these outfits just plain go out of business? Where is your data then? Nobody will know.
Eventually? Megaupload users have a front-row seat. Oron users are watching the preview right now.
Until there are legally enforceable tenants’ rights in the cloud that can’t be cast aside at the whim of the VPOTUS’ BFF, it’s a safe place to visit but I wouldn’t want to live there.
For me, the less I depend on anyone’s cloud, the safer I feel.
Hey you kids, get off my lawn!
I have some neat backups going on too — mirrored disks for photo storage and then backed up to Amazon S3 periodically via rdiff-backup (password-protected gpg keys kept in gmail and and a flash drive).
While I’m quite confident I could get anything I want back, if I were dead, I doubt anyone else who might care about the content (photos, family documents, etc) could. Try explaining it all to your non-technical wife! At least if the photos are in a shoe box, they’re useful beyond your demise.
Your digital legacy when you pass on is another issue with the cloud IMO.
I think the cloud is good enough for my offsite storage needs. If a particular cloud (or every cloud) crashes, so what? Everything is still on my home computer.
However, I can’t conceive of any high value business firm allowing some independent third party to have access or control over their confidential information. When the government demands access or some cracker gets lucky, goodbye confidential information. Hello criminal charges, industrial espionage, or blackmail.
You’d actually be surprised at how many corporations do just that.
Seriously.
you’d be surprised at how many corporations don’t know where there data is.
“…users are going to eventually be burned if they rely solely on (ANY SINGLE) backup.”
There, I fixed it for you.
I’ll go one better, and fix everything for ya.
https://www.make-everything-ok.com/
Curious about the cloud service you’re using that backs up all of that for < $100 / mo.
I'm paying a lot more than that, but I have my music backed up as well (yes, pricey, but worth not having to reburn all of those CDs).
Thanks for the kind words about ClearOS. You’ll be happy to know that we will have an AppleTalk App in the Marketplace soon…So you can just add disk to that old PC in the future if you need to upgrade your Time Machine capacity.
Backing things up locally also requires careful consideration. By definition the data is valuable to you (otherwise why back it up). Unless it is also encrypted then the storage falling into someone else’s hands could range from just embarrassing through devastating.
It is usually far more inconvenient using encryption as keys have to be entered. If they are available without human interaction then the keys are just obfuscation. And of course that won’t help if a bad guy puts a keylogger on your computer. (How often do you check around the back looking for extra little bits of plastic?)
Secured backups are harder than plain backups and plain backups are harder than no backups.
Bk keys don’t have to be in the process, use public keys for that.
Are all you guys encrypting your backups?
Any suggestions on encryption software/procedures for encrypting what gets put on the cloud?
Am I right in thinking nothing backed up on the Apple cloud is encrypted?
Nice to see everyone isn’t so blindly bullish on the cloud as they are on mobile computing taking over the universe. Or is the cloud just “so last year”? Anyway this will be a good warmup for all the Windows 8 bashing about to ensue.
Wrigley’s law: ask not if you regular back-up but if you regularly restore.
Without regularly testing your back-ups you may just find you’ve wasted all that back-up sweat when the day comes to retrieve lost data.
Good point. At least there is drag and drop or an automated version of that with Microsoft’s SyncToy. When I got Windows 7, I thought I’d try the built-in backup program but unlike SyncToy it created lots of zip files that must be restored to see what you got. The strange part is that it will back up to any disk whether NTFS or FAT32 but it will only restore to NTFS, so I decided to re-partition my backup drive, adding an NTFS partition for restoration, just so I can see it.
you guys worry about storage justifiably, but even apps on the cloud would only be used by the mindless. They will be there and we won’t have to buy and install? over my dead body.
I worked at a company once where MS Office was on the server, not the desk top. I have to admit that it very often worked, but it also didn’t now and then. It would drive me crazy, and that was with someone down the hall that I could yell at.
Let’s define our terms:
“cloud” – computers and networks under someone else’s control that you have little if any insight to.
If its important to you, you should be taking care of it. “Cloud” computing is beneficial for things like Identity Access Management between disparate vendors – enabling company A to do business with company B while a third party, entity C trusts the authentication abilities of A and B, thereby enabling their communication without having company A’s people poking around in company B’s network (and without having to duplicate authentication all over the place).
For personal data, duplicate drives and an occasional trip to a safe deposit box are all that are needed.
I run a very low tech xcopy script every night at some weird hour of the morning so every day I start with two copies of things I want to keep. If I were really concerned about it, I would have a third hard drive that I kept off site somewhere (safe deposit box) and I would rotate the backup drives on a regular basis.
But, I’m not that concerned about it.
I have zero desire to put my data in someone else’s domain.
“I wouldn’t worry too much about the loss of ownership, because these cloud vendors are less interested in exposing your holiday office party photos than they are in feeding you ads that appear to be about subjects of interest.”
They probably don’t have the inclination to steal your data directly, but will they PROTECT it when a pissed-off cop decides he want to rummage through it to find something to harrass you with? Don’t tell me *that* does not happen. I live in Arizona.
error: “the general press reacted like this was:”
I use DropBox to sync files between my devices (iMac, Windows, iPad, Android). It is really cool that files put in there on one show up shortly on the others. I am aware of the possibility, though, that the files might get eaten some day.
Because DropBox on OS X has a designated directory of your choosing that is mapped to the DropBox cloud storage, I am also picking up all my DropBox content in my Time Machine backups. This means that I have a sort of “archeological record” of all my files, DropBox included, because of Time Machine’s retention scheme. (Hourly changes for the last 24 hours, daily changes for the last week/month? and weekly changes for as long as there is capacity on the target drive.) I have 3 Macs sharing a 2GB drive. We’ve got backups going back over 2 years and have only used half of the capacity.
DropBox’s facility might have just been destroyed by a freaky fire for all I know, but I’m pretty sure I still have every file I ever put in it.
Oh, yeah… And i won’t need to leave detailed instructions for any of my family in the case of my untimely death.
I have a brother in the Midwest who had been selling accounting products to small companies. He went to a Microsoft conference and completely bought the MS story of MS Dynamics as a Cloud Service. He really thinks that his clients data (and access to the Apps) are going to be OK because its Microsoft. I’ve spent many a phone call giving him various scenarios of cloud problems and asking him what he will do to rectify the problem…. He doesn’t have very good answers.
Cloud Apps like WebEx, etc. make sense but I would never, ever rely on cloud for long term storage of my data. I’ve spent 14 years of my 27 years in the computer industry around storage and 2 years around Managed Service Providers and what I have seen has convinced me to never, ever rely on remote storage as a service….
BTW Bob – Does your Mother-In-law read your column?!…. vaccumm underneath the bed!??!
My bank account seems to sit in some kind of cloud as well. It’s a Dutch bank, since I’m Dutch. My government guarantees about 100.000 euro of our savings, so it’s reasonable save. Health and pension insurances also have critical governance. This seems to work well. I suppose at one point, we’ll have something like that for our cloud data. And Microsoft and Google will get licenses for local servers.
For a home user I confess I don’t really understand the need for cloud storage except that it removes the need for a NAS and permanently-on router at home. In itself a cost to be born initially and not completely free.
For business it just seems another form of outsourcing, saving the data producer the cost of racks of storage. However I wonder what business rates for the service are – especially when it operates at corporate size – and how that compares with a building or two full of men in white-coats and clipboards talking IT all day and loading spools with tapes…? (Ok maybe not even so dramatic these days).
I backup to a local hard drive. My only concerns are fire and someone breaking in and stealing my computer equipment. What happens if there is a fire? I lose both my backup and my main hard drives since they both sit in the same physical area. The “cloud” is useful for backup if you want something secured from a fire, earthquake, or other (un)natural disaster. An offsite web hosting provider with oodles of hard drive space is an equally valid avenue to take too. Assuming the offsite backup is correct, what’s the probability that you’ll lose both the offsite data, a local backup, and your hard drive(s) all in the same day?
A few comments on backup. This applies equally well to one home or their enterprise.
1) You need your backup to be there when you have a serious problem. If you use a service it must be there when you need it. It is important the service has a viable business model and will stay in business.
2) The ability to RECOVER data is the purpose of backing it up. One usually adds or changes a small amount of their total data on a daily or weekly basis. It is easy to backup small amounts of data. The process of recovering data usually takes longer than backing it up. If you need to recover a lot of data, it is going to take a long time.
I did a test of a personal cloud backup service recently. It was going to take it 300+ hours to recover my data. If you are running a business, can you be without your data for 2 weeks or more?
3) Everyone has sensitive data. There are many government and industry regulations on the protection of data. Your backup plan absolutely, positively must be secure and meet all the rules. If something goes wrong it will be YOU who pays for the fines, penalties, damages, etc.
4) Regarding personal data, you can put a lot of photographs and personal data onto a DVD. Every 6 months a burn a set of DVD’s and put them in our safe deposit box. It does not take a lot of time or many DVD’s.
Excellent article, Bob. Thanks for posting it. Like you and many here, I’m old enough to remember why we got our data off of main frames before. Now they are back, just with a fancy name.
I backup onto two different brands of optical disc (with one set off site) as well as removable hard drives since recordable discs eventually fade. Refreshing backed up data onto fresh media is important.
As we get older, we accumulate more data, but at least storage capacities continue to improve.
Besides backing up data, backing up applications is also a good idea. This assumes you don’t want to pay for the same program more than once.
I was sure I had all my original program disks stored safely away. But when the need arose, I could not find all of them. (The missing ones must have been those downloads that seemed like such a good idea at the time.)
What about if you back up your data on Dropbox, Google drive and Skydrive? Of course most of my non-video data will fit on a couple of DVDs or the flash drive on my keychain.
Cloud storage is philosophically like datagram service: usually reliable, but no guarantees. As long as users are aware of this it’s quite useful. It’s a tool like a shovel or screw driver; not an end to end solution.
My first job in IT (it wasn’t called that way back) was as a tape monkey.
Collins Radio (can I say that?) had the largest tape library west of the Mississippi river in Cedar Rapids. It was a full time job copying old tapes to new ones (and then re-certifying the old) because the tape manufacturer said tapes used for archival storage weren’t much good past four years.
Any idea how long writable DVDs are good for?
Back in June you mentioned that you had an ipv6 comcast address and your home network was ipv6 ready. Now in this article you’re stating that you’re using ClearOS. I didn’t think clearOS supported ipv6.. So how are you able to do this?
This is why I use the IBM SmartCloud system. Nobody is going to buy that company.
Is your Dungeons & Dragons score database really so important?
I’m watching a little product called EFSS, which stands for Encrypted File Storage System. It is an open source product written in PHP that does transparent encryption and compression of files, symlinks, and directories (and clones permissions, owner, and group on linux) but does it in a way that makes it very fast to backup over a network to multiple locations without having to decrypt or (r)diff anything. It is a clever solution, IMO, to the various problems that so many products have that people use to backup data and has other potential uses beyond backups. In addition, the way it is built lends itself to recovery from the cloud without having to download everything first, making it much easier to recover the most critical data very quickly.
One other thought: If you aren’t checking your (multiple) backups on a regular basis, no matter how cloudy they are, you can forget about recovering your data.