Category Archives: Backup

What the Equifax Breach tells us about cloud security

Equifax reports an intrusion into its system which “may have” stolen the data on up to 143 million Americans, including name, address, SS#, and Drivers license number. This is a terrible lapse in security, and, on paper, it should not have happened.

Equifax is a large and profitable company, whose central business is secure, trustable data management and processing. Preventing this type of cyberattack should be one of their most important goals. And yet, it happened. What can photographers and collection managers who use cloud services learn from this?

It’s impossible to know the real story from outside
The first thing to learn is that, as stated above, looking at a company from the outside can’t provide a guarantee. It’s hard to find a company that should have a better security practice than Equifax. They are not a startup prone to pivot, or running out of funds, or a company for whom security is a second tier issue. Yes, they make all kinds of mistakes in their reporting, but that’s an inherent part of gathering up trillions of individual transaction reports from many different sources.

If it’s hard for Equifax, it’s even harder for you
It’s getting reasonably common to hear that cloud service companies get breached, It happened to Adobe,  Yahoo (x3, at least!), and many more (click the link above for fun). But this does not mean you should just manage all your cloud security yourself. The vast majority of people (and institutional IT), simply have no idea how to fully protect from attack.

Cloud services have become essential in the creation, use, storage and management of photos and other media.  Unless you are going to go off-grid (start by throwing away your smartphone), you’re going to have to live with a certain amount of risk. The entry points for hacking are exploding. Now your fridge, car, connected camera, and smart lightbulbs can all be attacked by Internet of things (IoT) exploits. It’s going to get even harder to prevent cyberattacks as IoT grows.

So our best strategy is to become more resilient. Here are some tips.

1. Centralize all of the media you want to keep. Preserving your stuff starts with knowing where it is. If it’s spread between a phone, your laptop and across half a dozen hard drives, it’s impossible to really manage safely. You can now cheaply buy hard drives up to 12 TB. There is no excuse not to collect everything you want to keep.

2. Keep a local copy of any photos or other media you want to preserve. This means you need a copy of your photo archive on local drives, in your possession. Anything you have that is only stored in a cloud service is at some level of risk, and accurately determining that risk is beyond your ability.

3. Keep at least one copy of your data offline. For most people, that means copying your photos and other important data to additional hard drive(s) and unplugging. This is a backstop for all kinds of terrible things, not just cyberattack (lightning, theft, etc.)

4. Consider write-once media. While DVD and Blu-ray are fading from the media storage landscape, there is still a compelling reason to consider them. Photos stored on write-once media can’t be infected after-the-fact. If you think you have too much data for optical disc, consider the fact that Facebook has built a cold-data archive in North Carolina that employs Blu-ray (for the exact reasons outlined above).

5. If something is really sensitive and it needs to be stored in the cloud, you probably want it to be encrypted on the client side. (This means that software on your computer holds the encryption key, and the cloud service only has a scrambled copy of the data). Note that when I say really sensitive, I mean stuff that is life or death, or has a major financial component.

Backblaze is a service that provides client-side encryption. It’s not totally bulletproof, but someone would probably need to know exactly what to look for. Note that an encrypted cloud backup like Backblaze can also help to protect you against ransomware, like the May 2017 WannaCry attack, which is a growing problem.

6. Take a look at the cloud service providers you use. 
Even though you can’t remove all doubt about your cloud service providers, you can make some educated guesses. Does there appear to be a sustainable business model? Am I paying enough for this service to care about my security? Does a google search bring up anything hinky?

If you take these steps, you can help protect the integrity of your photo collection against growing hazards. You may not be able to prevent intrusion, but at least you can recover from it.

World Backup Day

Once again, it’s World Backup Day! While it’s not as fun as Talk Like a Pirate Day, it’s arguably more important. All of us have important digital stuff that we’d hate to lose. So if the lack of a solid backup plan is something that’s bothering you (even a little), take the opportunity to do something about it.  Here are some suggestions.

Send in the Clones
If all your stuff can fit on one single hard drive, then you’re in luck. You can make a clone of your drive.  A clone is simply a copy of the drive, written out to another hard drive. It’s really useful if your hard drive crashes. And a clone that lives in a separate place from your laptop will give you protection in the event of loss, damage or theft of the computer.

Clones are easy to make, and offer a high level of protection (as long as you update them regularly). I think of a clone as a disaster-recovery backup. As someone who really values my data, I like to keep an extra clone stored offsite, in case there is a fire or theft that destroys both my laptop and my main clone.

You can read about making a clone over at dpBestflow.org.

Krogh_150331_WD_Air

I’ve been using this nice little WD My Passport Air for my clone, it’s small, light and durable. It also has built-in encryption so your stuff is protected even if the drive is lost. 

Online backup
While I think everyone needs a clone for fast recovery, I’m also a big fan of Backblaze for continuous off-site backup. It’s a real set-it-and-forget-it system. It costs $50/year per computer to make a duplicate of your entire computer up to the cloud. This protects against the threat of total loss of onsite data, as well as any files that have not been backed up to offsite storage.

Backblaze is particularly valuable for family members or other who are not vigilant about backing up their stuff. I set up both my daughters before they went off to college, and, wouldn’t you know it, one of them dumped a pitcher of water on the keyboard of her laptop during freshman year.

Note that Backblaze is not really designed for large image libraries that many photographers have.

PhotoShelter or other web service
You can also use a photo-oriented service for backup. If you are a PhotoShelter customer and you use Lightroom, you can automatically publish images to the cloud. I have mine set to publish high quality JPEGs from all 4 and 5 star photos.

Publish Backup

 

 

 

 

 

Lightroom’s Publish Services can be used to backup images to the cloud mostly automatically. This can provide a current JPEG (or original file) backup that is updated as new files are added to the catalog. 

Big Drives
If you have a lot of data like photos and videos, you might want to get some big drives for backup. WD is now shipping 6 TB drives that are about $250. That’s a heck of a lot of data in a small package at a reasonable price.  There’s no excuse not to keep those photos backed up.

Krogh_150331_Toaster(Back them up twice if possible – once on-site, and once off-site, for a total of 3 copies.

Here’s a really economical way to backup files. Get a bare drive and a “toaster”. You don’t want to use the toaster for everyday use, but they are great for backup.

 


Don’t let Perfect be the enemy of Good

It’s easy to be overwhelmed by all the considerations that go into a perfect backup system. So don’t try to be perfect, try to be better. If you don’t have a clone, get one. If you travel a lot, then online backup may be a good addition. And if you have only onsite backup, consider adding an off-site.

Each time you make an improvement to the system, you add more protection, and reduce the chance that you’ll lose important data.

Disclosure
I’ve recently been working a bit with the folks at WD. They have sent me some equipment to evaluate, and they sponsored my last talk at PhotoPlus Expo. And a few weeks ago I went to a Product Summit in Laguna Beach. I still have to buy most of my own hard drives, and I’ll typically buy WD when I’m spending my own money.

I have also been working with PhotoShelter to create a new service for people who buy photographs. Again, I’m working with a company I really believe in, because I really believe in them.

Cloud Wars

The competition to provide you with cloud storage is starting to reach a fevered pitch. It’s now possible to add excellent cloud backup to your storage system for a very reasonable cost. Some of these costs remain artificially low, and may therefore not be reliable in the long run. But we’re also seeing the big players in computing (Google and Amazon) offering really low pricing.

Krogh_061001_8516

First, a word of caution
We’ve seen some low-cost options for years. This includes services like Carbonite and Backblaze that have claimed “unlimited” storage for prices around $50/year. This means that someone like me with a dozen terabytes of data will be a money-loser for each of these companies. I’ve always been distrustful of these plans, fearing that the companies will go the way of Digital Railroad, which shut its doors with little advance notice in 2008.

Carbonite gets around the super-user problem by limiting the cheap backup service to your internal drive. As you add external disks, the price goes up. (Let’s also take a minute to note that Carbonite does not forecast profitability anywhere on the time horizon, which is problematic.) Backblaze does allow for truly unlimited data, and explains their strategy by saying it will average out between low and high volume users. This is okay for backup, as long as you realize the service may go away someday, and it’s not your only backup.

(Note: I personally use Backblaze for my computers and for my family. I’m currently testing the unlimited storage with my own archive. You can get a discount off Backblaze by clicking my affiliate link.)

The big boys jump in
Last summer, Amazon rocked the world of online storage by offering a new cloud backup and archiving service called Amazon Glacier. The price for the service came in at 1/10th of Amazon’s regular S3 pricing. You can now store a terabyte of data in Amazon’s cloud for $10/month.  This one is a game-changer. Amazon is the 800lb gorilla in cloud service, so the prices that they set will determine what the rest of the market does.

Krogh_060729_3167

Amazon Glacier is positioned as a real backup or deep archive solution. They say it may take up to 5 hours to access the data, so it’s definitely not a place to store stuff you expect to access frequently. But it does promise great safety and reliability from a blue-chip company.

(I’ve heard, from a very good source, that Amazon can offer this service because they are making use of some “free” capacity. In order to speed up its regular service, Amazon is using the outer rings of the hard drive platters, which deliver faster data throughput. So the inner rings were sitting on drives unused. They created Glacier to make use of this spare capacity.)

Google responds
A few weeks ago, Google matched Amazon’s bet, and even raised it. Not only did they match the $10/terabyte/month price, they made the offer on Google Drive.  This means that Google is offering the price on storage that is always on, not just a backup service.

DriveOnWhile Google will probably lose money on this specific service, it’s part of a larger strategy from the tech giant.

(Note, I’ve been slogging through Google’s Terms of Service to get an idea of exactly what rights you give to Google Drive, and it’s not totally clear to me. It does look like private data stored on Drive is private. But other stuff, like your public photos on Google+ do seem to give Google a  non-terminable license to republish.)

It’s really about “My Stuff Everywhere”
The real competition at work here is not about collecting money for storage. The real competition here is to become the universal shared storage system which can work across all your devices.

Dropbox has been the category killer for this service, seamlessly  sharing between you, your friends and coworkers, your computer(s) and your phone. It has been able to do this where Apple (and others) have failed numerous times. Dropbox has rocketed up in value, and is poised to become even more valuable.

The companies that become successful in creating a shared filesystem  are well-positioned for long-term success.  This kind of engagement is hard to pull away from, since  you build it into your collaboration and your fundamental relationship with your own media.

DAM Edition 3.0 Postcard.indd

In The DAM Book 3.0, I’ll dive into the use of cloud storage as part of a DAM strategy. This new development in pricing and strategy offers some excellent value for photographers looking for storage, backup and sharing services.

Another Drive Failure – this is getting old

I turned on my computer this morning and got a warning that my hard drive’s SMART data indicates a pending failure. Crap. Shown below is the message from SMART Utility.
FailingDrive

SMART Utility tells you when your drive is failing before your system may alert you. In this case, the relevant numbers are the Bad Sectors. It was 0 yesterday, 16 when I booted up in the morning, and 40 after I updated by backup drive. This should be considered notice of impending failure.

This is the second time in 6 months. The first time was caused by rough treatment of the computer on my part – this one just seems to be drive malfunction. I had a full bootable clone from a week ago on a desktop drive, and another one that was on a small drive from a month or two ago. I updated the older clone, and swapped that drive into the laptop. In all, less than 90 minutes from start to finish. For those keeping score at home, these were Seagate drives. I’m looking forward to installing WD Black Squared drives my laptops soon (combo SSD and Spinning Disk!).

driveswapping2
It’s wise to have a clone of your drive handy so that you can swap out a failing drive. Unibody Macs are very easy to work with – less than 5 minutes to swap drives and put the computer back together. You’ll also want to have another backup, like a Backblaze cloud backup or daily Chronosync backup to a local server. 

Let this be your reminder to have a fresh backup.

Hard Drive Reliability Study

Every hard drive is out to get you, (but some more than others).

I’ve used that as a laugh line in my lectures for a bunch of years. Whenever people ask me which drive to buy, I point out that even the best quality drive can experience a sudden failure. But you can lower your odds of a problem.

Backblaze is a company that buys drives by the truckload. And they buy the most cost-effective drives they can. They are nice enough to publish the failure statistics for specific brands and models. Last week, they released a round of these numbers, and provide some good context for them.


This graph is from an article on the Backblaze blog that outlines the failure rate of various drives they use.

The short answer is that Hitachi drives provided the best reliability for Backblaze, and Seagate was the worst. In the case of the Seagate 1.5TB drive, the numbers are really bad. I’ve been buying (and recommending) Hitachi drives for a couple years now. Good to get a little more empirical evidence.

BTW, I like Backblaze as a cloud-based backup service. I don’t use it for my own work, because I have things taken care of locally. But I’ve installed it on the computer my daughter has taken to college with her. It makes a cloud backup in the background as she adds or changes files.

DNG Verification in Lightroom 5

I’ve been looking forward to the day this can be announced since 2007. In Lightroom 5, there is now a one-click solution to verify an entire collection of DNG files. It’s a really simple idea, with pretty huge ramifications from a data management standpoint. Interestingly, it’s nearly absent from any Adobe marketing materials for LR 5.

Read all about it after the jump.

DNG Verification

Near the bottom of Lightroom 5’s Library menu, is an item that lets you validate an entire collection of DNG files with a single click. It’s right below the “Find Missing” command. These two tools, when used together, offer excellent verification workflow.

Continue reading DNG Verification in Lightroom 5

Lightroom catalog backup

Here’s a few tips on backing up Lightroom catalogs.  It’s reprinted from a post I made on a photo message board.

I must have missed the discussion about backing up Lightroom Catalogs. Why isn’t Time Machine a good method?

The problem occurs if the catalog is backed up while still open. If the database (the .lrcat file) is changed during the backup, then it may produce a corrupt backup. You would not know unless you tried to restore from the backup.

Apple may have fixed this – they did for Aperture, as I understand it. The fix involves not backing up the database while it’s open.

Even if that’ s fixed, however, there could still be problems for people, depending on how you use the program. Perhaps you leave Lightroom open most of the time, and there is limited opportunity to do the backup in the background.

The best method for backing up Lightroom has a few components.

On preparation and a good team

I got back from the Palm Springs Photo Festival over the weekend, and like my previous visits, it was a wonderful experience. We had an interesting thing happen while I was there that illustrated the value of having good backups, and of having a great team in place.

Just before my second presentation, the power to an entire city block in the center of Palm Springs went out. I was scheduled to present in only a few minutes at the Hyatt. The hotel had emercency power to keep the exit lights and elevators running, but that’s it. I expected that my presentation would have to be canceled.

But the people who run the Festival are a group of really experienced photographers, assistants and producers, Within a few minutes of the blackout, they had a generator on site, and had strung a cord into the conference room in the hotel.  Without hesitation, they knew exactly what to do to keep running, and they did it.

The hotel managed to find some Coleman lamps, and voila, the show took place without a hitch. (Well, it was a little hotter and stuffier than normal, but you get the picture.)

Kudos to Jeff Dunas and his team for throwing one of the best photo events all year, and for dealing with unexpected glitches without missing a beat.

Presentation by camping lantern, Palm Springs Photo Festival.