Updated: August 31, 2012
Your first reaction to seeing this title might be - why the hell would I care what some pompous prick out there perceives as his backup strategy? The simple answer is, that self-aware lad happens to be me, which means you ought to listen - and listen good [sic].
All right, on a more serious note, having a sane and tested backup strategy for your personal data is the most important component of your computing life. It is more important than UPS, anti-malware or anything else you can think of. Because your hardware will fail one day, a guaranteed 100% bet, a doomed race against statistics. Anything else may or may not happen, but your hardware will die. And I'd like to teach you what to do when that happens.
Sales pitch - a personal example
Let's begin with a real-life scenario of mine. About a year ago, while innocently browsing the Web, my computer suddenly turned sluggish. It appeared unresponsive, slow, with no apparent reason. After about one minute of checks, I realized the second hard disk on the box was gone. Dead. It no longer showed in the list of drives on Windows, and the SMART data monitor was yelling errors. All right. What now?
I powered off the box. I opened the tower lid. I removed the SATA cabling, unscrewed the disk cage, removed the dead disk and replaced it with a spare one. To cut the long story short, I was up and running in less than 10 minutes of downtime. But still, the new disk was empty and my data seemed to be gone.
Now comes the good part - I restored everything from backup and continued working normally as if nothing had happened. The funny part is, the dead disk was a backup disk, but it was definitely not the only backup disk, hence multiple copies of the data were available for restore. We will discuss the minutes of this case a bit more soon.
Another example of how not to work with your data is the case I list in my FAQ page. A colleague of mine happened to be writing his PhD thesis on a laptop, with no backups. And then one day, he managed to accidentally almost-destroy four years of his work. He was lucky to have me around as I salvaged the loss and saved him from near-practical suicide.
All right, enough babbling, how does one go about having the right backup strategy?
Backup strategy dissected
Your backup strategy is more than the sum of your files, your disks or the number of backup locations. Your backup strategy should be a complete and fail-safe process of preserving the integrity of your data regardless of where and how you use. The importance of your data will determine the redundancy level and the frequency of backups, but it will not change the fundamental basis of the backup strategy - 100% verifiable and restorable process.
What you want to be able to achieve is to have your data accessible and usable at all times. This means that if your disk fails, your entire computer dies, your house burns, you will still retain the lifetime of your work. As such, the backup strategy must encompass all failure points around you. Dogs, children, thieves, power outages, humidity, all these and more present potential failure points.
Therefore, the first step to a solid backup strategy is to assess your work environment and decide the risk level. There's going to be some guessing and estimations, as you cannot always fully evaluate all factors. However, some things are a given. For example, you should always assume that electronic equipment will die sometimes.
Once you've completed this stage, it's time for statistics. Electronic media is designed to last a very short period of time and will eventually perish or degrade as to become unusable. The warranty date on your equipment represents the vendor's guesstimate into how cost-efficient the parts are. If a vendor offers one year of warranty and is willing to replace parts in that time window for free, this means they will be replacing relatively few devices in that period, but definitely less than 50%, otherwise they would never meet the demand in the long run. Hard disks have a mean lifetime of about 3 years or so. CD/DVD discs will probably last twice that.
All right, let's go with the very high and probably super-pessimistic 50% figure. Therefore, your one hard disk has a 50% chance of dying within the first three years of its life. If you have two disks containing the same date, the risk goes down to 25%, three disks down to 12.5%, and so forth. This means that if you have six hard disks, the chance of a complete data failure of all your disks in three years is only 1.5%.
Now, if the failure rate is 10%, then with just two disks, it goes down to 1%, with three down to 0.1%, and the potential failure ratio drops to 1 in 100,000 with six hard disks. This simple calculation illustrates the importance of multiple backups.
So you need to ask yourselves, what is the acceptable loss risk you are willing to take when it comes to your digital media. Are you willing to bet the lifetime chance of 1 in 100,000 that your disks will all fail at once, for instance? Then, what is the likelihood of that happening? For all practical purposes, you will need to use your disks for some 30,000 years to see that occur. With a little more modest life span of 100 years, you're just as good with three disks. Barring natural disasters and deliberate damage, that is.
Backup survivability
All right, so now you know what you need. Let's see how you go about that in the best way possible. Having all three disks in a single box is practical, but then a single power-surge could kill all of them. Having them spread between different machines increases the survivability of your setup. But then, if a meteor strikes your home, all your data will belong to the aliens. All right, so you might want to keep data in multiple locations, which brings us to the fancy point of offsite storage, a practice used in the corporate environment but rarely at home.
Offsite does not have to be a reinforced bank vault; it can be a second room, your office, your neighbor's home, maybe an online storage service like Dropbox. Or you might be carrying some data with you at all times. Either way, you do not put all your eggs into a single omlette.
Back to my example from earlier
So how did all these come to bear in my success story? The affected box had two disks, the first storing the data, the second storing the backup. After almost six years of use and no prior warning, the second disk died. But it just could have been the first. Either way, the two disks shared identical information, synced to within one day. Losing any one would not cause any damage, except the tactical nuisance of restoring the situation to its normal state.
So yes, you need to remember to sync the data and have a spare disk available and all that. However, you need not keep all this in your head. There are lots of useful tools that can help you manage your backup strategy more efficiently.
Tools
A robust, reliable and fast backup software is needed. You cannot rely on yourself to perform backups routinely and diligently. You need an unattended scheduled job running on your preferred basis, according to your risk assessment that is, performing the same deterministic set of tasks. You might be imaging the system or copying user data or both. Either way, you require a software mechanism to do that. Remember, anything manual is prone to mistakes or negligence.
System imaging software
For imaging, there are several free and high-quality tools available. The best option is CloneZilla, although it must run from a live CD and comes with a somewhat geeky interface.
You might also want to check these articles and reviews on imaging:
CloneZilla & PartImage tutorial
CloneZilla tutorial - including both Linux and Windows example
Paragon backup software review & tutorial
Free imaging software for Windows parts one and two
Data backup software
For data backup, I'd recommend Karen's Replicator for Windows or Grsync for Linux users. You might also want to use the built-in utilities that comes available with your operating system.
Some articles:
Backup software for Windows & Linux
Monitor disk health
While hardware health is a tricky topic, you still might want to invest some time in reading SMART data figures for your disks. Most vendors offer diagnostics and monitoring tools for their hardware, but you can also use generic programs, like HDDHealth, SpeedFan, CrystalInfo, and others.
However, I'd like to emphasize the statistical fickleness and promiscuity of the SMART data. It may be reliable or not, most often not. Going back to my dead disk example, the second hard disk failed while having a stellar SMART record. On the other hand, the first disk, which reported a reallocated sector count of 1, a supposedly critical metric that predicts some 40x increased chance of disk death in the coming 6-9 months, survived for more than two years since the error occurred and still works like a champ.
Anti-theft
Now, if you happen to store backups on external media, as you should, then you might also expect your disks to get stolen. If that happens, you will not want your data to be readable by strangers. Enter encryption. As a blank statement, I'd say you ought to encrypt your data on all mobile or portable devices, including external USB disks, thumb drives, netbooks, laptops, smartphones, tablets, and whatnot.
Beware, 'tis a double-edged sword. Encryption does not discriminate between friendly faces and rogues in the mist. Should you forget your password or should the encrypted data somehow become corrupted, you will lose it forever. This is why there are some special precautions you need to take when handling encryption.
You will surely want to read my encryption tutorials:
TrueCrypt - and pay special attention to header backups!
Test
The worst thing that can happen to you is to have a seemingly sound backup strategy in place, but then when a real problem occurs, you discover some gaps or errors or worse yet, that data cannot be restored. A backup without a proven and tested restore is meaningless. Therefore, you must make sure it works both ways, always.
How it all comes together
All right, so we know about risks, we know about probability, we know about offsite, we know about the tools and utilities, and we know about testing and restoring. So let me tell you what my backup strategy is like, broken down to components.
Computer A is the main data hub. The operating system is installed on its own physical disk. Data is kept on a separate disk + partition. This data is copied nightly to two additional disks inside the same computer. Computer B is the secondary data hub. Data is kept on a separate disk + partition and copied to the second disk internally on a daily basis.
After the local backup is complete, data is then copied between the two machines. Data from computer A is copied to computer B and vice versa and stored directly on backup disks.
Computer B copies all of the backup data to two external, encrypted hard disks connected via USB. Both the computers, as well as the external media are plugged into UPS to make sure there are no sudden outages or power spikes, especially during backups. This means that on any given day, data propagates between four internal and two external hard disk.
On top of that, on a monthly basis, a complete data set is saved to DVD and kept in two physical locations. Moreover, data is also backed up to another external and encrypted disk every four weeks, with the exception this device is carried around. Additional data backups exist, but they do not constitute a standard part of the overall strategy.
To portray this:
A --> D1 --> B --> D2 --> E1* ---> DVD^ / E3^*
--> D2 --> E2*
--> D3
B --> D1 --> A --> D2 --> E1* ---> DVD^ / E3^*
--> D2 --> D3 --> E2*
--> daily basis
---> monthly basis
^ offsite location
* encrypted
Laptops and other mobile devices
I also happen to own a whole bunch of laptops, most of which are used for testing most of the time, therefore the data they keep is trivial. However, in some cases, I do keep encrypted data containers and occasionally sync the data to the permanent storage locations, however the importance of these much lower, therefore they do not form an integral part of the backup strategy.
Still, the same basic rules apply: Laptop X data - in almost 100% of cases /home directories with everything - are backed up periodically to external USB disks, forming a solid three-disk redundancy or higher. All of the important data is encrypted.
X --> E1* ---> E3^*
--> E2*
--> weekly basis
---> monthly basis
^ offsite location
* encrypted
Note: E3 backups are not always performed
Deviating from my how-it-all-comes-together, in general, if you do want to preserve user data, browser profiles and/or other data between multiple machines, then you need to consider these into your setup. You should also remember that mobile or Wireless network access is usually slower and less reliable than wired connection, so that should also impact how you treat your MID backups.
However, there is no simple way of keeping network-centric data easily backed up across multiple devices. You might use services like Dropbox or Firefox Sync or similar, but they might be slow or unavailable periodically.
My recommendation in that case would be to setup NFS storage or similar and mount user home directories from server exports, but this is not something most people would want to do. At the moment, a combination of various sync programs, like the earlier mentioned Firefox Sync and Windows Live Mesh, seem like the best option.
But then - you should separate personal data, which cannot be easily recreated, with preferences and profiles in programs, like the browser bookmarks or desktop settings, which might be personalized, but they are not personal per se, and can easily be recreated. You can always find that collection of 80s pr0n, but your PhD is unique. Losing the first is an artistic bother, losing the latter is a disaster. Think about it and plan carefully.
Conclusion
There you go. Most people will probably think my backup strategy is a paranoid overkill, but I would naturally disagree. It's not about blindly piling up stuff to satisfy a mental illness. It's about making sure the data that really matters to you will survive potential mechanical, electric and possibly chemical damage in the very long run. Say, you've written a book or a PhD thesis. Would you like that to simply vanish one day, three or four of maybe ten years of work? It would be foolish, especially if all it takes to preserve that data is maybe a handful of dollars and another backup script.
If this article can be of any use or inspiration, then please, feel free to emulate or even offer suggestions. For example, cloud storage, SSD, other methods, all legitimate. It's about what works best for you. Assess the risks, make the right call and then enjoy a very flexible, highly portable, highly interchangeable, easily restorable computing experience. That's what it's all about. Have fun.
Cheers.