Blog

My OS X Backup Strategy

I take backups seriously. Very seriously. I currently use a combination of five different backup technologies, each with a special function. I've described my setup to enough people in person that I thought it might be worthwhile to get it down somewhere more permanent.

I don't remember where I first heard it, but a good rule of thumb to live by is:

Approach your back-up strategy as if your internal harddrive is always five minutes away from dying.


Harddrives die all the time. Often without any warning whatsoever. What everyone needs is an automated, reliable backup strategy.

The five technologies I use are:

  1. Time Machine
  2. Super Duper
  3. CrashPlan
  4. SpiderOak
  5. Dropbox

These represent a combination of on-site (the backup drive lives in the same location as the computer) and off-site (it lives somewhere else). There are advantages and disadvantages of both, and I'll get into those as they come up.

Note: Only two of the technologies I use here (Time Machine and Super Duper) are actually specific to Macs. The other three are platform independent, so there should be useful info even if you're running Windows or Linux.

Time Machine


Time Machine is the backup software built into every Mac (as of OS X Leopard). It's an on-site backup system, which backs up every byte of data on your computer. It requires an external harddrive be attached to your computer to perform the backups.

One of the key advantages of Time Machine is that not only does it back-up what's currently on your computer, but it also keeps old versions of backups. Let's say you've got a document that you've been working on for months, and at some point you remove a few pages from it. A month or two later, you realize you need to get those pages back. Time Machine will actually let you "go back in time", grab the old version of the document, and restore it alongside the new version. You can then pull out whatever you need from the old one, and you're good to go.

Time Machine does not guarantee that it will always have all old versions of documents, so it's not a replacement for a proper versioning system, but it's nice to know you've got some history. It does guarantee that at a minimum, it will have the full contents of your system (at the time of the back-up).

The other advantage of Time Machine is that it does full-system back-ups. Many backup technologies (including some I'll discuss here) only back-up certain portions of your system. Why do you want a full-system backup? Let's say that the harddrive in your Mac dies. You go to your friendly Apple Store, and they put a fresh new one in for you. Now what? You don't want to have to reinstall all your software by hand. Intead, you can instruct your Mac to "Restore from Time Machine". It will read the data off of your Time Machine backup, and configure your computer exactly like it was before your drive crashed. All your apps will be there, all your settings will be present. Even your desktop background image will be correct. This can save days of work.

Everyone who has a Mac should use Time Machine. Period. All it will cost you is an external harddrive. You don't even have to remember to back-up. As long as the drive is plugged into your computer, the backups will happen automatically.

Super Duper


Super Duper is another on-site backup system, which like Time Machine, requires an external harddrive. Also like Time Machine, it makes full-system backups. Unlike Time Machine, it does not do versioned backups. A Super Duper backup will represent exactly what is on your computer at the time of the backup, no more, no less.

So why use Super Duper? It doesn't seem to be getting us anything that you can't do with Time Machine. I use Super Duper for two reasons:

  1. On-site redundancy
  2. Bootable backups

I want on-site redundancy because I just don't trust having only one on-site backup. Things can always go wrong. The drive holding my Time Machine backup could go bad, or Time Machine itself could have a software fault which corrupts my backup. I've never seen the latter, but anything's possible. Better to have two separate technologies.

The real win of Super Duper is the bootable backups. What does this mean? Let's return to the scenario from before, where the harddrive inside your Mac dies. What happens if you just don't have time to go get a replacement drive? Some piece of work needs to be done, and it just can't wait. What Super Duper allows you to do is reboot your Mac, and when it starts up again, instead of using its internal harddrive, it'll actually start from the Super Duper drive! You can get right back to work. It won't be as fast as using an internal drive, but any drive is faster than a dead drive. This lets you get done whatever needs to be done, so you can go get your internal drive replaced when the time is right.

Like Time Machine, Super Duper can also do a full-system restore, so you don't need to reinstall the OS, applications, etc.

There's a free version of Super Duper, but the restriction on it is that whenever it does a back-up, it has to back-up the entire drive again. This can take hours. The paid version adds in smarts so on a backup, it only has to copy over what changed from the previous backup. Plus, you're supporting an independent developer who's built an awesome product.

CrashPlan


CrashPlan is the first of the off-site backup technologies I want to talk about. Why do I need off-site backups? I've already got two different backups at home, what's the point of having more?

I've got irreplaceable things on my computer. Every picture I've taken of my daughters. Tons of movies showing them growing up. All my software I've written. My Ph.D. thesis. Etc. etc. etc. What happens if my house burned down? Or someone broke in and stole everything? There's no way to get that stuff back. This is why an off-site backup is vital to anyone that takes backups seriously.

With CrashPlan, your computer sends its backups over the internet. You have a few choices in how you want to do that. The first, and most typical, is to have the data reside on CrashPlan's servers. Everything is encrypted before being transmitted so they can't read your stuff, but it'll live safe-and-sound on their machines. If you ever need to restore the data, you use the CrashPlan program to download it again. If you're using CrashPlan's servers to back-up, you'll have to pay a small monthly fee, which varies depending on how much space you use.

I don't actually save any data on their servers. Instead I use their alternate option, which I think is much cooler.

What's the problem with doing full backups over the internet? Upload speeds for most home users are *very* slow. How long will it take you to back-up your hundreds of gigabytes of pictures/movies/music/etc.? Days, weeks or even months, depending on how much you have. And if you have a major data loss (i.e. house burns down), it'll take a pretty long time to download it all again. Plus here in Canada, land of the internet-caps, you may end up getting charged overage fees for doing that initial backup.

What CrashPlan lets you do is attach an external harddrive to your computer, perform the initial backup onto that harddrive, then bring the drive to a friend's home to live attached to their computer. You don't have to incur the time/bandwidth cost of that first initial backup. All subsequent back-ups happen over the internet, updating the data on that harddrive. And if you have to do a restore, you can just grab the harddrive from their house and attach it to your computer again. The data is all encrypted, so your friend can't read your files. It's a fairly awesome system.

One thing CrashPlan can't do is full-system backups. You can back-up all the data on your computer, but you won't be able to do an automated system restore like you can with Time Machine or Super Duper. Personally, I have it back-up everything in my home folder. If my house burns down, it means I'll have to reinstall my OS and applications, but my pictures, movies and documents will all be safe and sound.

The other great thing about CrashPlan? It's completely free in this scenario. You only pay them if you're storing data on their servers.

SpiderOak


SpiderOak is a relatively recent addition to my arsenal. Like CrashPlan, it can't perform full-system backups. You tell it exactly which folders you want to back-up. All the data you back-up lives on SpiderOak servers. Their claim to fame is their security and encryption. They are technically incapable of looking at the contents of your files. Even under a court order, they could not reveal the contents of a customers files, due to the nature of their encryption.

I use SpiderOak for two things: Off-site redundancy (so I don't have to solely rely on CrashPlan) and syncing.

I have two primary computers. An iMac at home, and a MacBook Air that I take to the office. SpiderOak gives me the ability to keep folders in-sync across the two machines, so any changes I make to files in a sync folder on one machine will automatically propagate to that sync folder on the other. This lets me avoid the hassle of manually copying files back and forth, and worrying about which is newer or older. SpiderOak takes care of it for me.

SpiderOak's pricing is pretty great. If you're an education user, they charge $5/month for up to 100GB of data storage. It's $10/month for non-education folks. Either way, very cheap.

Dropbox


Dropbox is not designed as backup software, per-se. Instead it is designed primarily as syncing software, providing the same functionality I just described with SpiderOak. So why do I use both? Certain applications are capable of being configured to use your Dropbox account to automatically sync their settings and contents across machines via Dropbox. In particular, I use it for 1Password. Any passwords I add to my password database on my iMac will automatically be available on my MacBook Air, my iPhone and my iPad.

Dropbox does keep copies of your data on their servers, so you can access all your files via their webpage. The problem is that information has recently come to light that the data is not really encrypted on their servers, so Dropbox employees could read your files. My recommendation is to only store encrypted documents on Dropbox.

Conclusion


If it's not apparent by now, I'm really paranoid about my backups. A few years ago (before developing this strategy), I had a harddrive crash and almost lost every picture I'd ever taken. After a week of stress, hard work and black magic, I managed to pull the data off the drive. But this is outside the realm of possibility for 99% of people, so better to just be safe. All of the technologies I mentioned here are set-it-and-forget-it. Configure it once, and the software will take care of performing the backup for you.

It's an unfortunate fact that most people don't develop a proper backup strategy until after their first major data loss. My hope with this post is that at least one person will see how easy it is to have a solid back-up strategy. It shouldn't cost you much to buy a few external harddrives. And honestly, what's more important? One or two hundred dollars, or every single picture you've ever taken?

Bonus: 1Password


I thought it important I bring up 1Password a little more explicitly. This is software for auto-generating passwords for you, and securely storing them. Too many people use just one or two passwords, and share them across multiple sites. In short, this is a horrible idea. All it takes is for one of those sites to be hacked, and the attacker could get your password. Then it's just a matter of trying that password at various common sites. Use the same password for random site X as you do for your email, and they'll probably be able to get into your email account. And once their, they can initiate password-reset emails at a variety of other sites, and do all sorts of horrible things to you.

1Password is an infinitely better way of doing this. It can auto-generate incredibly secure passwords, store them in an encrypted database, and auto-fill them when you need them. It comes with plugins for every popular browser, so when you browse to a page that needs you to log-in, it can autofill your password. It's incredible, and I use it dozens of times per day. Go spend the money and buy this now. Please.