The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
You need to have a copy of your valuable stuff off-site!
All the backups in the world, and the NAS, and the airgaps - won't mean a thing if they're all in your house and then comes fire or flood (or other). In US, financial institutions are required by law to have an offsite backup location.
The cloud, however, doesn't cut it. Access is at the mercy of the cloud owner and if they go out of business (I've seen it), then what? Or they decide to up your fees 1000%, prepaid a year in advance - they've got your data. Pay or cry.
Or, make that air-gapped copy and keep it somewhere else that's not subject to the same vicissitudes of as your dwelling.
The first thing you need to tell your friend is that RAID isn't for backup purposes; it's for redundancy.
And I've sworn off of RAID when my onboard RAID controller died. Which meant unless I happened to have an identical motherboard, nothing would recover anything off of all four 4TB drives that were part of my fancy RAID-10.
And yes, I had backups - as I do understand the difference between "redundancy" and "backup".
My general rule: I tend to buy drives (all in the same capacity) in sets of 4: The live one, the offline backup sitting next to it, the off-site backup that I swap every month, and the fourth one is a spare ready to go at a moment's notice if any of the other three dies. When the capacity is exceeded, I replace the whole set for a higher-capacity set of disks, and the older ones can be reused in other machines (they're great candidates for a multi-drive RAID...although I've shot down that argument myself above).
It's not a cheap solution. But, unlike cloud storage, I remain totally in control of my own data, which IMO makes it worth it (otherwise it would mean I didn't place any value on that).
You are right, but you must excuse the friend a little bit:
If what he experienced was disk crash, this would have been non-fatal in some of the RAID schemes. So if he had been using one of those schemes, his data would have been recoverable in spite of the disk crash.
Yeah, that is tunnel vision. But also how you naturally react after a crisis: I want something that can prevent exactly what I experienced - to heck with everything else.
We need to educate people about all the security threats, not just the one they have recently been exposed to.
Not disagreeing. But consider my own personal experience (which I suppose is all I have to go with):
I've played with RAID on and off again over the last 2 decades or so, and honestly? No RAID's ever saved me from a dead drive - that's never happened to me. But I have experienced multiple controller failures.
So, RAID's never protected me from what it's explicitly been designed to protect you from, yet I've experienced RAID's single point of failure multiple times.
I'm sure RAID makes a lot of sense in large environments, but as a home user, despite being a fan of the idea, I have no good thing to say about RAID at this point.
RAID isn't a good replacement for a backup, especially internal RAID. A backup on an external RAID 1 isn't a horrible idea though.
A backup on a single external drive is, as a matter of fact, way safer, than to a single internal drive. Since the drive isn't powered up all the time, it doesn't wear out as fast as the internal drive. Unless he keeps plugged it in 24/7, then it's indeed a dumb idea.
My GF runs backups with Windows' built-in backupper on her external USB 3.0 drive which she plugs in roughly once a week. While that's definitly not enterprise-grade, it's far from a bad backup strategy.
Since the drive isn't powered up all the time, it doesn't wear out as fast as the internal drive. Unless he keeps plugged it in 24/7, then it's indeed a dumb idea.
This point can't be stressed enough for some people, and it's not just about drives wearing out. You have to ensure the data can't get modified when your system is infected with some ransomware that encrypts everything within its reach. Or deleted altogether.
The answer is whatever the user finds easiest to accomplish. As others have mentioned, the options are local backup to external disk, RAID, backup to an internal disk or cloud backup. For pictures, I think Google has their new service that gives you unlimited high quality storage. There are a host of backup providers, many only charging $5/month which is certainly worth the aggravation of losing years of photos. I personally backup in the following manner:
Internal drive- I have a script that robocopies all of my data to an internal drive.
Acronis to external drive- I have continuous backup running.
Box- Have a 50G box account that backs up everything but pictures and music.
Google- backs up pictures.
Admitted this is a little overkill but I'd hate to tell the wife we just lost all of our music or pictures because I wasn't backing up properly.
I am f***ing fed up with all that security stuff captcha, email confirmation, and even worse, code sent out to my phone to confirm Do they know that there are still people out there who do not carry their phone 24/7 ? Or who are working in other countries and do not have data there ? Damn !
Let me DECIDE about what security level I want to use. If I do not want to enter 10,000 codes to read my email or check my orders, please LET ME DO SO.
I agree. If my boss did not pay for my smart phone, I wouldn't even have one. But unfortunately, society is moving towards everything working based on a phone. A lot of youth these days do not even check email, they only do text on their phone.
Anti-social media and smartphones are making society less social and dumber.
Everyone is born right handed. Only the strongest overcome it.
I'm hating the Push method of 2FA that the employer has adopted. I open the phone app to wait for the message from the system and then have to wait for the system to receive my response. The flippin' six digit code is right there, I can type it faster than all these messages flying back and forth.
It is not the fault of the sites, but the fact that every organisation (including our lunch club for 70 retired men) is required to implement the EU wide GDPR. And if you are really bored, go to your national Data Protection website and read all about it.
A few weeks I had a secondary MS account that needed its password reset. Whatever procedure I tried to follow eventually lead me to a page where the only thing I could do is enter a phone number so a code could be sent via SMS.
Obviously that doesn't work with a landline. And I don't own a cell phone. Honestly.
As someone with a brain, I'd like that too. Unfortunately, idiots tend to be too dumb to realize they're idiots. I'd like me a checkbox labeled "Look buddy, I'm not an idiot. I know better than to trust strangers on the internet and I don't run everything sent to me either, not turn off that annoyance!" but then idiots would check that, either because they think they indeed aren't idiots or because some crap YT tutorial told them to check that to disable this annoyance NOT informing them of the side effects or because some jerk friend told the same and viola, a company is under scrutiny for exposing their users to risks despite those users being so stupid, they deserve all bad that's happening to them. And especially with US-based companies, they're expected to babysit even the stupidest of users. The problem then is that there's no way to tell idiots from people with brains apart so they have to babysit everyone.
Age is a lame excuse, quite frankly. While it's true that older people tend to have less neural plasticity than youngsters, we, techies, are in the perfect field to keep our brains fresh throughout the decades.
The change is real. Around 2000, a user name and password were enough. There was not enough e-commerce going around for bad guys to catch on as they go where there's money to be had. There wasn't enough expertise either, e-commerce was both not established enough to be a target and not established enough for bad guys to have worked out "solutions" to rip everyone off. With the years, both business and crime models evolved and grew, both in numbers and sizes (although most crime models boil to the same basic set of principles, many of them already described in the 70s and 80s). You don't need an expensive lock and alarm system living in a hardly populated suburb with low crime, do you? The internet changed, it used to be that suburb but now it's basically a downtown ghetto, so security had to be upped.
Those are objectively measurable aspects. An aspect that AFAIK is purey my subjective opinion unless proven otherwise are stupid people. Masses of stupid people. A decade or two ago, there was internet but it was only for the few die-hards. Nowadays, everyone and his grandma is on the internet and the more people there are, the more stupid people there are as masses tend to be stupid so the more measures have to be taken to babysit idiots. I'd go as far as to claim that the effective IQ of a huge set of people is the avergave IQ divided by the square root of the number of people. But I think I'm starting to digress...
Yeah. I have to go through two security doors, grab my phone (which isn't allowed to be in my work area), walk up two flights of stairs to get outside...and wait for the security code to show up on my phone...assuming there's a decent connection, which isn't always true. Yay, T-Mobile.
Then walk back inside and down the stairs and badge through the doors, and unlock my computer, and enter the code that Jack built.
We won't sit down.
We won't shut up.
We won't go quietly away.