I am increasingly encountering a dangerous misconception about data backups that could lead to some serious “facepalm” moments. On at least three separate occassions while speaking with someone about data backups, the person I was with referred to DropBox as their primary data backup platform. In case you are unfamiliar with DropBox, it’s a cloud-based platform that can be used to sync files and folders between multiple computers, while also maintaining a copy of that data in the cloud as well. This cloud component is what many folks like to believe is their “offsite backup”. It’s true – if your local hard drive were to fail and you lost files that were being synced by DropBox, you could retrieve a copy from one of your other mirrors or the copy in the cloud. However, what if you or one of your employees who has access to the DropBox repository accidentally deleted some important files? DropBox doesn’t know you (or they) didn’t mean to delete those files, but it will make sure that change is reflected across your entire DropBox repository. What if you got hit with one of those nasty ransomware viruses which encrypts files, including the files in your DropBox repository? DropBox will dutifully overwrite your data with the encrypted copies, effectively destroying your “offsite backup”.
Let me ‘splain:
DropBox’s strength lies in easily establishing a set of files and folders that can easily be synced across multiple machines and locations, and it does this through a simple mechanism which essentially looks at each endpoint (and the cloud) and says, “Make all these the same.” This same strength is a resounding weakness when it comes to proper backup methodology. In a nutshell, your backups should keep track of your data across time, in set intervals, so that you can, in theory, go back to any one of those points in time and retrieve the data as it was at that moment. The reason this is important is for the two situations mentioned above (and many other scenarios as well). In both cases, mistakes were made. Our best course of action would be to go back in time to before those mistakes were made, but seeing as we can’t actually time travel yet, we use backups to accomplish nearly the same thing with our data. Even if the mistakes weren’t noticed for a period of time, as long as you have sufficient version depth in your backup strategy, you can look back to a time interval before the deletion and retrieve the files. This is something that DropBox can’t do, and probably shouldn’t, as it’s not meant to be a data backup platform. There are hundreds of viable backup solutions that range in price and complexity, and many of them are as easy to set up as DropBox. Don’t stop short of using a real backup solution just because you’ve got a copy of your files somewhere else. A good backup solution requires some thought and determination, but can pay back huge dividends when mistakes or disaster strikes.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net