Backups¶
Most people who do not have backups know they need them. The barrier is rarely knowledge: it is the gap between intending to do something and building the habit that makes it happen automatically. The calendar reminder suggested below is, in practice, more important than the technical setup.
The first few reminders will feel like extra work. That is the period most habits do not survive, and it passes. The month after the first month is considerably easier.
Why offline backups¶
Ransomware cannot encrypt a drive it cannot reach. An offline backup, disconnected when not in use, is the most reliable defence against ransomware affecting backups along with primary files. It also protects against hardware failure, theft, and accidental deletion.
Cloud sync is not a backup. Files that are corrupted, encrypted, or deleted often sync that state to the cloud promptly.
How to set it up¶
Buy a portable external drive (2TB is sufficient for most households). Copy the files that cannot be replaced:
Photos and videos
Documents (tax returns, contracts, certificates)
Password manager export
Eject the drive properly when done. Unplug it and store it somewhere other than directly next to the computer.
For better coverage: make two copies. Keep one at home and one elsewhere (a workplace, a family member’s home, a safe deposit box).
Keeping it going¶
Set a recurring calendar reminder, monthly works for most people. Call it whatever makes it likely to happen. The goal is to make backup a scheduled event rather than a response to a near-miss.
Encrypt the backup drive if it contains sensitive documents. BitLocker (Windows) and FileVault (macOS) handle full-drive encryption. VeraCrypt works across platforms.
Test the restore at least once a year. A backup that has never been restored is an assumption.
The 3-2-1 rule¶
Three copies, on two different media types, with one stored off-site. This covers hardware failure, local disaster, and theft simultaneously. It is worth more than any particular drive recommendation.