A friend had his laptop stolen last week, and he is now scrambling to recover his work (data and documents) and get back to work. It prompted me to get out my disaster recovery plan and review how I would recover from device loss, theft, or a ransomware attack.
While the loss of a device would be an annoying interruption and cost money to replace, my approach is to ensure that my data is easily accessible to me again, and that I can simply get up and running with a new device. Something like: plug in, connect to key services, and begin working again.
Three core principles:
1. No data exists solely on any one device. All devices should only ever be an access point to the data I’m working with, meaning that the data is stored in a central location and accessible from any device I choose to use. With the range of cloud services we have available for a low cost – Dropbox, Box, OneDrive, iCloud Drive and similar – this is easy to set up and use. Data is stored locally on a device in a designated folder, but synchronised automagically to whatever cloud storage service I use.
2. Data is backed up continuously in my office. A password-protected backup drive is connected to my laptop, and takes snapshots of the whole device throughout the day. If necessary, I can recover from a lost or compromised device by connecting a new device to the backup drive.
3. An emergency rescue kit is available somewhere. In order to get back to work as quickly as possible, create an emergency rescue kit with a written plan of recovery and a list of key services and passwords (in full or in code). You could carry this around on an encrypted thumbdrive (don’t forget that password), or put it in a separate cloud service in an encrypted form (don’t forget that password).
And one additional principle that I’m considering:
4. Data is backed up continuously away from the office. Use a cloud service to create regular backups of key devices, thereby creating a second level of backup that’s not located in the same office. While principle 1 above deals with core data and documents, principle 4 creates a backup of everything on the device.
In combination, this means:
– laptop stolen while away from office – recover through 1, 3 or 4
– office compromised, laptop stolen – recover through 1, 2, 3 or 4
– office compromised, laptop and backup drive stolen – recover through 1, 3 or 4
– cloud service compromised – recover through 2, 3 or 4
– laptop stolen, backup drive fails, cloud services fail, online backup fails – oh well, let’s start again with a smile
I hope I don’t have to put this plan into action, but it’s there just in case.
What have I missed? (I haven’t talked about strong passwords, benefits of passphrases vs. passwords for services that support that, two-factor authentication, etc.)
What’s your plan of action?
Hi Michael,
I totally agree with the attitude that the device should not matter much and should be replaceable.
Some additional thoughts:
What about the case of data corruption (unnoticed for a while)? I only see scenario 4 helping out here.
(I still hold on to the tradition of a yearly offline backup of all data across all devices)
For outside the office, what safe place are you thinking about? Bank safe accessible 24×7?
Yet the burden of a monthly manual procedure and going to the external safe isn’t too appealing either, is it?
Another point to consider is a scenario where you yourself would not be able to access the data anymore, and a beloved one will need to have access to at least some of it.
In my opinion, such scenarios also request a “shared & known safe” external location with envelopes containing passwords, instructions etc.
…just my 2 cents…
Michiel, hi.
Thanks for sharing your thoughts. You raise some good points, and yes, approach 4 would be required for data corruption (an offsite online location that offered access to historical data?). Your point about loved ones getting access to some of your data under some circumstances is also something I have thought about, but did not write in my post. Thanks for adding that twist.
Michael.
Consider the 3-2-1 model of backups as part of your strategy. (In a way, you already do.)
In a 2012 paper for US-CERT (United States Computer Emergency Readiness Team), Carnegie Mellon recommended the 3-2-1 method in their publication titled: Data Backup Options.
Link to the paper: https://www.us-cert.gov/sites/default/files/publications/data_backup_options.pdf
Thanks Eric, appreciate the link. And I know that you have always been amazing at doing backups and creating recovery options for you and your clients. Good job!