Many users aren’t in the habit of making an external backup and instead rely on the system’s restore capability if something goes awry and data is lost. If the relevant system processes are functioning properly, then Previous Versions, Shadow Volumes or System Restore should provide the answer. Though even if these are working, the recovered files may not be as up-to-date as is required. This would seemingly pose more of a problem for work/business related data than for the private user – or perhaps this is not the case. With increasing reliance on digital storage for most things in life, it’s important to not only to initially guard personal and financial data – it’s also vital to make external back ups. Failure to do so can result at least in inconvenience – at worse – critical data loss.
There are several reasons for data loss, and why it is important to backup; these first causes are mundane, though all have the same effect. They are physical hardware damage, operating system corruption, and total machine loss. For instance, if a hard drive wears out (as they do with time through design – built-in obsolescence to perpetuate markets), then a technician can replace this easily and should be able to recover the last imprints of data. In some cases this isn’t always possible to do, depending on the technician and the damage. Faced with this problem, there is also the matter of time to get the work completed. A fatal operating system error (that shows the dreaded ‘Blue Screen of Death’ or BsoD), can usually be remedied by rebooting, though it’s important to get advice if the on-screen instructions are not completely understood, as further damage can result with repeatedly attempting an incorrect rebooting process. Then there is the case of machine loss – plain physical loss – or theft. This generally amounts to the same thing – data loss.
The final cause of data loss is something a little less rational: malware. An extreme example is a trojan that emerged in 2003 called Trojan.Killfiles.904. When it infiltrated a computer it set about destroying all files except Windows System Files while the user carried on operating as normal, unaware until all the drives were wiped. There is no explanation of where this came from, or what it’s purpose was – it could have been a trial run for a tactical element later added to ransomware. Ransomware is an infection that encrypts files, and also tries (and often succeeds) in deleting all of the available backup data. The key to restore files – unless cracked by researchers – is only available after payment. Today’s ransomware has the capability to detect all drives (mapped and unmapped) and encrypt everything. This is important when considering Cloud storage – if there is live access for the malware, then this data will also be mangled. It is expected of storage facilities to make backups, though these may also be corrupted or deleted by good malware. The user’s data security is in the hands of a third party, which is a weak link security-wise. In such a situation without reliable backup, the result is either payment – or data loss.
The greatest benefit of having backups is that if ransomware does manage to enter and infect a computer, often the most simple option is to wipe the hard disk, re-instal the operating system and reload the files. Ensure that a patched and updated operating system disk is also available.
Backing-up files can be an easy routine to practice, taking a few minutes at the end of each operating session. This should be done to an external device like a removable drive that is disconnected at all times when not in use. Placing files to be backed-up into folders containing the same extensions prior to transfer will also help spot any rogue files. Remember – backup does not replace security – it is a backup! Be ready: P-B-D: Plug-in. Backup. Disconnect.