Patch Lady – Choosing a home backup solution

First in a series of life beyond posts about my journey of tech solutions in the post Small Business Server era.

For many years I used a product originally designed by Charlie Kindel who built a product to make it easier for home users to share data, back up home workstations and stream local content from anywhere in my home setting.  It was called Home Server.  The backup code used in Home server got a really big black eye early on when it was the source of data loss.  Word was they had to pull back in a key NTFS engineer to get to the bottom of the deduplication that also lost data.  The platform never recovered and times changed.  But the backup software (once fixed) stayed and moved on to be used in Essentials Server platforms.

As an aside after he left Windows Home Server team at Microsoft, Charlie Kindel went onto Windows phone and then onto Amazon home services.  Now he’s moved onto a firm called Control4 for home automation.  Things change fast in media and as we’ve moved to streaming services, most normal people don’t want or need to stream media from a home server.

But the writing is on the wall about the Essential servers.  Essential Server 2019 doesn’t have the backup or remote web access that Small Business Server and Essential servers were best known for.  And every (and I do mean EVERY) time there is a feature release, something in that client connector gets mangled so that while the add/remove programs shows that the client connector is still there, the code is not on the box.  At this time the only workaround is to uninstall and reinstall the client connector after upgrading to 1903.

In this era of ransomware, one of the things that even home users need is a good windows backup.  I will disagree greatly with our Redmond overloads regarding their idea of a “backup”.  In their eyes you don’t care about the operating system, don’t care about the programs, all you need is synchronization.  As long as you can get onto the web in some shape or form, you should be able to get to your data and thus you could sync back everything.

Well.  That works in theory but in my reality world, I want, I need a complete image of my computer so that getting it back to functional level again as fast as I can is the best way to protect my computers.  I often have desktop software with specific settings and licensing that isn’t easily sync’d back.  I see people ask for ways to get back their data from a ransomware attack looking for a magic bullet of a unencryption key.  There is a fundamental truth:  You can’t get an unecryption key unless the good guys have taken over a command and control computer and have access to the private key.  In encryption there is a public key and a private key.  The public key is on your encrypted computer, the private key is in the hands of the attackers.  Encryption algorithms being what they are now, one can’t magically crack an encryption key even if you had all the computing power in the world.   Unless the good guys have posted the private key here (or similar sites), your best method to recover is to either a. have a good backup or b. negotiate down the ransomware price

The other thing you need to keep in mind in setting up a backup is to make sure that the ransomware attackers don’t have access to your backup files.  Merely sticking a usb external drive in your computer and setting up a Windows build in backup of folder copying means that the attackers have EXACTLY the same access to that folder and can encrypt it as well.  Furthermore you need to ensure that synchronization settings for OneDrive consumer doesn’t sync encrypted versions to the cloud (Note OneDrive for business is based on SharePoint and has much more robust features to ensure you can roll back)

I’ve been looking around for various consumer backups and one thing to keep in mind is that free software doesn’t always have all the features you need.  For example one I’m currently testing, Macrium doesn’t offer a setting that I like (Image Guardian) in their free version.  Image Guardian ensures that the account used to write the backup files is not the same user rights as you, so that it’s not exposed to ransomware attackers who often come in via phishing attacks and use YOUR access to get to anywhere you have access to and encrypt the files.  Some backup vendors like Acronis are offering up free ransomware protection that monitors a system for files that suddenly become encrypted.

Also make sure that when you set up your backup software that you look in the settings to set up alerts.  Ensuring that you get an email alerting you that a backup has failed so you can take action, is key to keeping your systems protected.  In that, the consumer backup software I’ve seen are a little more cumbersome to set up alerts and notifications.  Finding one with a centralized console (I have four Windows based computers at home) at a reasonable price tag has also been an interesting experiment.

Personally I think the move to consumers using more and more ipads and android tablets means that running a Windows PC in a home setting is getting to be only for the …uh… older crowd like me.

So did I find a home backup solution that met my needs?  Kinda.  I found one that does a full image backup, that ensures that it’s saved in a way that the attackers can’t get access to it.  However I didn’t find one that had a centralized console for a home settings.  Clearly I am in the minority in that need.

What are you using for client backup in your home network?

Next week…. where do I store my stuff at home and how do I store it?  Stay tuned for more in this journey of life beyond .