A friend had his laptop stolen last week, and he is now scrambling to recover his work (data and documents) and get back to work. It prompted me to get out my disaster recovery plan and review how I would recover from device loss, theft, or a ransomware attack.
While the loss of a device would be an annoying interruption and cost money to replace, my approach is to ensure that my data is easily accessible to me again, and that I can simply get up and running with a new device. Something like: plug in, connect to key services, and begin working again.
Three core principles:
1. No data exists solely on any one device. All devices should only ever be an access point to the data I’m working with, meaning that the data is stored in a central location and accessible from any device I choose to use. With the range of cloud services we have available for a low cost – Dropbox, Box, OneDrive, iCloud Drive and similar – this is easy to set up and use. Data is stored locally on a device in a designated folder, but synchronised automagically to whatever cloud storage service I use.
2. Data is backed up continuously in my office. A password-protected backup drive is connected to my laptop, and takes snapshots of the whole device throughout the day. If necessary, I can recover from a lost or compromised device by connecting a new device to the backup drive.
3. An emergency rescue kit is available somewhere. In order to get back to work as quickly as possible, create an emergency rescue kit with a written plan of recovery and a list of key services and passwords (in full or in code). You could carry this around on an encrypted thumbdrive (don’t forget that password), or put it in a separate cloud service in an encrypted form (don’t forget that password).
And one additional principle that I’m considering:
4. Data is backed up continuously away from the office. Use a cloud service to create regular backups of key devices, thereby creating a second level of backup that’s not located in the same office. While principle 1 above deals with core data and documents, principle 4 creates a backup of everything on the device.
In combination, this means:
– laptop stolen while away from office – recover through 1, 3 or 4
– office compromised, laptop stolen – recover through 1, 2, 3 or 4
– office compromised, laptop and backup drive stolen – recover through 1, 3 or 4
– cloud service compromised – recover through 2, 3 or 4
– laptop stolen, backup drive fails, cloud services fail, online backup fails – oh well, let’s start again with a smile
I hope I don’t have to put this plan into action, but it’s there just in case.
What have I missed? (I haven’t talked about strong passwords, benefits of passphrases vs. passwords for services that support that, two-factor authentication, etc.)
What’s your plan of action?