Using Dropbox or OneDrive as a backup solution? Think again.
In the world of digital, the past few weeks have been completely crazy. Following Russia's invasion of Ukraine, information security issues have been thrust square into the spotlight. Due to a marked increase in cybercrime and ransomware attacks, experts and governments alike have been pushing for greater awareness of the risks involved with having more and more of our lives in the digital space. The White House issued a statement on March 21 urging businesses to "harden your cyber defenses immediately". These warnings are not without reason.
Many of us have gone over our passwords and changed them to stronger, less memorable ones, as well as checking devices for vulnerabilities. Others have decided to use different services than they had previously.
But we're still not all that much safer.
Crime never sleeps
The reason is that it's almost impossible to stay completely safe from attacks. There are many security measures we can take, but in the end, it's important to understand that there's very little chance of our data being completely protected.
Why? Alas, crime never sleeps. As your data becomes more valuable and important to you, the motivation for bad actors to find new ways to exploit it becomes stronger. There is just too strong an incentive to steal, ransom or destroy data, be it for financial, political or personal reasons.
So, are we just f#@&€d?
Thankfully, no. Even though the risk of data loss is growing, some sophisticated (and others not so) data security, backup and recovery solutions have also been created.
However, it can get a bit tricky to know which of these solutions suit your needs. Many services claim to provide data backups when they actually don't, others have various limitations on file types, sizes, retention periods or how many devices can be backed up and recovered. Some lock you into a proprietary system, making it very hard to change vendors while creating a dependency and removing the control you ought to have over your data. Most have subscription-locks, making you pay more for services, features or storage space you don't actually use while making pricing less transparent. A few even make you pay extra to recover your files!
With these types of services, there's always a drawback.
A closer look at popular options: Dropbox and Onedrive
Let's take a closer look at two popular tools which are marketed as data backup and recovery solutions; Dropbox and OneDrive. In all honesty - they are fantastic tools for what they're designed to do, allowing users to sync and share files between devices and users while providing an intuitive interface.
However, as backup solutions, they have serious shortcomings. How so? Consider this scenario: You accidentally delete an important file on your computer. These services then delete the file from all your other synced devices, as well as your online account (as they're designed to do). A couple of months later, you need to access the file, but it's nowhere to be found. You have no recovery options. Why? Because these services only offer a 30 day retention of your files by default. That's a very short frame of time. Sure, you can pay extra to get longer retention, but the cost adds up quickly and even with the largest allowance, 180 days might not be enough.
The insidious time-delayed attacks
Also worth considering is that ransomware attacks are becoming more sophisticated, with hackers implementing time-delayed or incremental strategies where your data is taken hostage with encryption over longer periods of time, file by file. This strategy is designed both to make detection of attacks and recovery more difficult, since it increases the risk of your provider's backup retention policy covering less of your data as time goes by. These types of attacks can make your entire backup and recovery plan completely irrelevant. Sure, you might get lucky and be able to recover some of your files, but what if all of your research datasets or customer data is already gone?
Furthermore, these services only allow you to back up files placed in specific folders, leading to additional risk of data loss if files are misplaced. Therefore, without additional tools, they don't allow backing up an entire device for quick recovery in case of loss or theft. And if you somehow lose access to your account, you're out of luck.
The most glaring flaw
However, perhaps the most critical shortcoming is the fact that neither of these services allow backups to an offline medium - the only surefire protection in case of a ransomware attack, as strongly recommended by security experts. There is only ever one copy of your data available, either on your local computer, or in the provider's cloud. The synced "files" on your local computer aren't actually files, they are links to a version of the file stored in the cloud. By "freeing up" space on your hard drive, you are putting yourself at greater risk of data loss. In the event that you lose your device, these online services do not ensure that you'll ever recover your files.
Therefore, these services shouldn't be seriously considered as a robust and secure backup and recovery solution.
So, what should I do?
When it comes to files that are actually important, you shouldn't settle for compromises. Here's what your backup and recovery service should at least provide:
- Adherence to the 3-2-1 rule:
- Allowing for one primary backup and two additional copies, for a total of 3 copies;
- Save your backups to two different locations, e.g. two independent online or cloud locations, one to a local destination (e.g. an external hard-drive);
- One backup should be kept offline, out of reach of bad actors.
- Control over where, how and when to back up your data.
- Require minimal maintenance, providing scheduled, automatic backups at regular intervals.
- Provide ample retention for your files and version history, the longer the better.
- Provide quick and reliable data recovery options.
Backup Without Compromises!
Luckily, Relica offers all of the above and has additional features that make it the ideal backup and recovery solution, giving you complete peace of mind. Consider these:
- Full control over where, when and how to back up, with no vendor lock-ins
- An option to make up to five, independent, automatic backups with a single upload using our fully-managed cloud backup and recovery solution, Relica Cloud.
- Zero-knowledge encryption in rest and transit, as your files are encrypted before leaving your device. They can't be decrypted in storage without your encryption key, ensuring your files can't be accidentally or maliciously shared or accessed.
- Complete privacy, since nobody (not even us) can see or read your files or even folder structure. With Relica, you are a customer, not a product, and we will never sell your information to a third party or read your files - ever.
- Full flexibility and no limits on file sizes or quantity, no subscription-tiers, vendor lock-ins and no device limits for your account. Your backups have unlimited retention by default.
- Up-front and transparent pricing, where you only pay a fixed subscription-fee and don't have to pay extra for additional features. With the Relica Cloud, there are no subscription tiers, ensuring you never pay for storage space you don't actually use.
- Scalability, wheras with a single subscription you can back up any number of computers. Whether you're backing up your home computer or your organization's entire catalog of network drives, Relica scales with you.
- Failure-point and dependency mitigation, whereas even in case of an emergency where you can't access your account, you can use the open-source tool restic to recover your files with your encryption key.
- Relica distributions are completely self-contained, and its binaries do not require any external system libraries (no JRE, no Python, no libc, etc).
With the increased risk of data loss, it's not a good idea to wait if you don't already have a robust backup and recovery solution, or if your current service isn't suitable for the task. So make sure to start your free 30-day trial of Relica now!
If you have any questions, feel free to e-mail us. We look forward to serving you!