What is the best/most secure way to download/send/keep offline backups?

Question

I have a small app that uses MySQL. I'm on a small Ubuntu box using Apache on Digital Ocean. In case anything ever goes wrong, I would like to have something that periodically sends me or downloads in some way a backup of my database.

My database contains personal information like emails and plain text passwords (haha), so I don't want to do anything where that data could be stolen along the way.

Is the best way to keep backups just to periodically do a database dump and then download that file or is there some more sophisticated way that I'm missing? What do people usually do to protect their data and make sure they have something in case they get compromised?

Thanks

Encrypt them. Make secure copies of the keys, and test your restores. See [this question](http://serverfault.com/questions/299512/are-encrypted-backups-a-good-idea) for more details. — MadHatter, Jul 15 '14 at 07:12

score 2 · Answer 1 · answered Jul 15 '14 at 11:04

There is no best[tm] way. But you basically need to consider three steps:

Data export: an SQL dump is fine (for all smallish databases without performance issues).
Encryption (optional, but recommended): simply add PGP to the pipe, very easy because you only need your public key on the server.
Copy off-site: move the backup files somewhere else, e.g. your homeserver or cloud storage.

I personally use duplicity (does PGP+rsync) for my desktop and tarsnap (does encrypt+copy to AWS S3) for my servers.

score 0 · Answer 2 · answered Jul 15 '14 at 08:23

0

Try this: http://meskyanichi.github.io/backup/v4/

Its a very easy tool written in Ruby that can backup to Dropbox, S3, Rsync and more and also support Encryption with OpenSSL or GPG.

I use it in my personal server and I really recommend it.

answered Jul 15 '14 at 08:23

brpaz

179
1
2
9

What is the best/most secure way to download/send/keep offline backups?

2 Answers2