47 What is the proper way to make backups?
Description
This article is from the Computer Viruses FAQ, by Nick FitzGerald n.fitzgerald@csc.canterbury.ac.nz with numerous contributions by others.
47 What is the proper way to make backups?
A good backup regime is at the heart of any comprehensive virus defense
scheme. No matter what combination of software and hardware defenses
you install, nor what "policy" you implement, there is always the
possibility that some new virus will be devised that can beat your
defenses *or* that someone will fail to follow "proper protocol" with
"foreign" media or file sources. In corporate settings, the possibility
of the latter as a form of directed attack by disgruntled employees
cannot be overlooked.
Planning to minimize the impact of a virus infection on your computing
is much like planning to minimize the effect of an earthquake or fire.
You cannot be sure where, when or even *if* you will ever be "hit"; the
potential impact could fall anywhere in a very wide range of possible
damage; being "completely safe" can involve enormous expense; and you
cannot adequately test your preparations without exposing yourself to
serious risk of damage. Therefore, finalizing on the defense scheme
that suits you involves deciding on the level of loss you can afford to
stand and probably settling on a system that, while not "perfectly
watertight," is "good enough".
Despite the importance of a good backup scheme, it is really beyond the
scope of this FAQ sheet to provide a definitive guide to planning your
backup procedure--that could easily take another document the size of
this! All this said however, we provide the following advice as, we
hope, a good starting point.
Planning an effective backup scheme really starts with answering some
important questions. Consider:
1. Who is dependent on the files on this system? Is it a home
computer mostly used by the kids for games, a standalone
workstation running a small business, a networked workstation
in a medium-sized company or the same in a large corporate
environment, or a server with many (hundreds) of users?
2. How long can the most important user be without access to
these files? One hour, 2, 4, 8, a day, a week? Remember to
assume that your problems will arise at the worst possible
moment (like 24 hours before a tax audit is due to start!).
3. What proportion (and volume!) of files are "fixed" (in the
sense that they seldom change) versus those that change? Do
all changes have to be backed-up, or is a "once-some-given-
time-period" backup acceptable?
4. What type of information is in the regularly changing files?
The answers to these (and other) questions help shape backup and
recovery plans and are fairly well understood issues amongst computer
systems professionals. Highly critical systems containing crucial data
will be designed from the outset to have high redundancy (disk
mirroring, disk arrays, UPSes, maybe even redundant servers), though
such system options *alone* provide no real protection from virus
attacks. You may opt for a backup system that records every change to
any files on your system (server-only or clients and servers) or regular
(often nightly) backup of changed data files, and so on.
When it comes to planning backup regimes with an eye to the possibility
of recovering from a virus attack, you also have to consider that
regularly backing-up executables (loosely, "programs") can cause
problems. If you do and are infected by a virus, unless you can be
*absolutely sure* of the date of first infection (despite sounding
simple, this is not something that can commonly be done!), you may have
quite a few problems finding the best backup set to restore from, as you
will probably have several sets including infected executables.
For home or small business use, it may be best to maintain two kinds of
backups. One would contain only your data files and one your operating
system and program files (issues to consider are covered in the next two
paragraphs). This may be facilitated by maintaining a strict separation
of the two kinds of files, perhaps by putting the operating system and
programs on one drive or partition and your data files on another.
While this is probably not practical for many existing machines,
enforcing adherence to the "rule" that data files should only be placed
in appropriate sub-directories (folders) within a prescribed data
directory may not be a bad thing.
The best way to manage backup of data files depends on the answers to
too many of the questions listed above for us to give definitive advice
here. While planning your backup regime, bear in mind that some viruses
damage some kinds of data files, while others make small, occasional,
random modifications as files are written to disk. While viruses with
either of these "features" are quite rare, both of these possibilities
mean that vital data files should probably be backed-up to long-cycle
media sets as well as to shorter cycle sets and other steps taken to
ensure you can recreate the sequence of changes. (For example, retain
all transaction records so they can be re-entered.)
You should probably backup executables once after installing them and
only *after* you are sure they are virus-free according to your current
antivirus screening procedures. *Never* make a backup containing
executables over media that hold *any* of your current backups. The
more cautious of us maintain several cycles of executable backups.
These precautions should ensure you don't face the problem outlined
several paragraphs ago, and mean that should a newly installed program
be infected with a virus your current defenses don't detect, you can
easily restore your system and installed software to how it was before
the infected software was installed, when you do become aware of its
presence. You will probably have to manually reinstall any programs you
installed subsequent to installing the infected program.
Having referred to this second kind of backup as "executables only", we
should point out that a complete system backup is also acceptable for
this type of backup. However, note that a sequence of full system
backups with interim "incremental" backups (when only those files that
have changed since the last complete backup are saved) is *not* what we
are advocating. Such systems tend to be too "broad brush" to be truly
useful for recovering from an unknown, future virus attack.
Unfortunately, this tends to be the preferred/recommended backup scheme
for small-to-medium sized systems (including most personal computers),
and is typically what most popular backup software for such systems is
designed to do. This doesn't mean that popular backup systems and
software aren't useful, just that you have to exercise some care in
using them (like excluding executable files from your incremental
backups).
Having said all this, there are still a few other problems to consider,
especially: Which files should you count as "data" files? This can be
problematic as most people immediately think of their word-processor and
spreadsheet files, and the like, as data, and that's about it. What
about the files in which your programs store their configuration
information? In a sense, these are as much "your data" as they are
program files, because they reflect your preferred screen colors and
layouts, default fonts, personalized button bars and so on. When you
look at the time people spend finding the (often obscure) options
settings in their programs and making them work "just right", and how
upset they can be if they lose these settings, it makes sense to treat
such configuration files as you treat other "personal data files" in
your backup regimes. Similarly, people tend to treat system
configuration files (in DOS/Windows PCs CONFIG.SYS, AUTOEXEC.BAT,
WIN.INI, SYSTEM.INI at a minimum!) as part of the system, often ignoring
the (sometimes considerable) fine-tuning these configuration files go
through *between* system and executable backups.
One last point--it cannot be stressed enough that you *MUST* have a
full, working copy of the software you need to restore your backups in a
safe place. You must be able to guarantee that this software is not
virus infected should you ever have to use it, *AND* that it is fully
usable should you be facing a machine that has had its entire hard drive
"wiped clean".
Continue to:
My Books
