2

I am the system administrator for a small law office.

We have a local file server on our network that holds all of our digital records. The server is running Windows 8, but uses Cygwin.

I currently have this server being incrementally backed up nightly to one of the local machines using rsync. (Basic method with rotating snapshots script)

We would like to improve this system in the following ways:

  • Host a backup offsite
  • Encrypt the backup.
  • It would be very nice if the backup could be incrementally updated, so we don't have to upload 10 - 100GB every time we backup.

Is there any way to do incremental encrypted backups to a remote server? We have a small budget for solving this problem, if necessary.

Tim
  • 31,888
  • 7
  • 52
  • 78
JoshuaD
  • 225
  • 1
  • 7

3 Answers3

1

I wrote an article on backups recently you might find interesting, for a bit of background on backups.

You have a couple of major options here:

  • Use a piece of backup software that provides incremental backups, then work out where to store those backups yourself. This can be on a disk, a tape, or a remote server / cloud. For example I use a piece of software that creates incremental backups both on local disks, on external disks, and in my choice of cloud storage. I chose Amazon S3 and BackBlaze B2 for my offsite backups. S3 is more complex but gives you more control, B2 is cheaper and simpler. I chose this option as it gives the most control, but beware with control you tend to get the possibility of error and potentially increased risk.

  • Use a backup service like BackBlaze or CrashPlan that provides both software and storage. CrashPlan has a better incremental backup solution, keeping files for as long as you specify. BackBlaze keeps versions and deleted files for 30 days. CrashPlan has Linux software. This is the simpler, lower maintenance solution.

There are dozens of pieces of software that can do incremental, encrypted backups. This list will lose value over time, but I'll offer it as it could be useful as a starting point:

  • Acronis (this is an industry leader, but is complex. Supports Linux)
  • Veeam Backup is industrial strength, works on physical and virtual computers.
  • CloudBerry Backup - cross platform backup tool. Adequate technology, no deduplication but has encryption and compression, saves diffs for modified files but they're larger than they should be.
  • Borg Backup - Deduplicating, compressing, encrypting open source backup tool. This is a branch of Attic, which I use on my Linux server. Borg is more up to date.
  • Arq Backup - Mac / Windows. Non-optimal UI but great technology, deduplicating, compressing, and encrypting.
  • Duplicati 2 is interesting, and will be a good tool in a few years, but for now is too immature. It failed a restore test I did. Deduplication, compression, encryption.

I chose not to make BackBlaze / CrashPlan my primary backup as there's a theoretical vulnerability there. A piece of malware could quite easily use the UI or the service running on the computer to delete files in the cloud. Using the CrashPlan UI, if you remove files from the backup they're removed from the service immediately. You can password protect the UI, but I suspect you could reverse engineer the CrashPlan service and talk to that directly. BackBlaze keeps files for 30 days regardless. I go into this more in my Cloud Backup article.

I suggest that any online storage service should ideally use two factor authentication to allow you to log in. Amazon S3/Glacier does this, CrashPlan does not as far as I can tell, BackBlaze does.

Either of these methods will give you a reliable backup, if implemented properly. You could use both methods - two backups is better than one.

The key to any backup system is testing the integrity of the backups and regularly doing a restore test. Without that you might as well not bother with backups.

Image Backups

The above only looks at data backups. Another class of backup is disk images. This is most helpful for operating system disks, so you can quickly restore your OS to a new disk if the old one fails. You can backup operating system disks that have data on them as well, of course.

Macrium, Acronis, and Veeam are the main vendors who come to mind in this space, but there are probably dozens of them.

Tim
  • 31,888
  • 7
  • 52
  • 78
  • Good information. I would add two-factor logon for the service web site as a criteria. I suspect many offer this already, but it would be crazy today if one did not. Also, when I did a drive shipment restore using BB about 18 months ago, the file and directory datetimes were not preserved. Not the end of the world as long as you get your data back, but it restores online do preserve the timestamps. – Greg Askew Jun 12 '17 at 21:13
  • Good point @GregAskew. I use 2FA but forgot to mention it. – Tim Jun 12 '17 at 21:53
  • Crash plan also lets you backup to other computers you own yourself... For free. So you can backup on-site and/or off site. – rrauenza Jun 13 '17 at 00:35
  • Yes, CrashPlan is quite flexible. I wouldn't be comfortable will all my eggs in one basket, I'd want more than one backup location / method for really critical data. That's what I use S3, B2, Glacier, and an external disk. – Tim Jun 13 '17 at 00:43
  • Veeam will work on physical computers too now. Veeam will also backup and restore your whole computer's state to either a local destination or a server connected backup repository. – tegbains Jun 13 '17 at 01:41
0

You can try below

BackupPC which is free and works great

Link for reference : http://backuppc.sourceforge.net/

  • Carbonite is another option if you want low cost backup solution.

https://www.carbonite.com/

Chandan Singh
  • 34
  • 5
-1

Another option is "FreefileSync" https://www.freefilesync.org/ which is also a great tool to sysnc files/folder on 2 or more places.

Chandan Singh
  • 34
  • 5