Last week I wrote about my setup for a secure and robust backup solution for my MacBook. Some feedback I got suggested that a flow diagram would help readers understand the concept better. So here is a flow diagram, which I will also add to the original post.
The following article describes how I’ve set up a system for Mac backups that is robust and secure. The importance of doing this correctly came to the fore of my thinking after my brother had his laptop stolen. In the event of a need to restore from a backup you need a system that is robust – you don’t want to find that your backup is corrupted or otherwise of no use right when you need it. Also, in the event of theft you want to be confident that even your backups cannot be used to provide confidential information to the thieves. If you are using FileVault on your internal HDD then you have already made a security-conscious move with your data, therefore having secure backups will be all the more important to you as you don’t want a thief to easily bypass the encryption on your internal HDD by simply restoring from an unsecured backup. If you’re not using FileVault then you should be – follow this link to find out how to set it up.
I have a MacBook Pro with a 500 GB HDD, so the below is a description of how I have recently established my system for backing up that Mac. In addition to that I have an extensive archive of educational videos that I’ve created and need to store somewhere (approx. 350 GB). My HDD is nowhere near large enough to accommodate those, so my backup solution includes keeping redundant backups of that archive (along with some other files). If you have a different size HDD and different archive requirements you can alter your backup disk sizes accordingly.
The system begins with three external disks. I have a 2.5″ 500 GB portable disk (Toshiba), a 2.5″ 2 TB portable disk (Western Digital, WD) and a 3.5″ 2 TB desktop disk (Hitachi). Some time ago (about 18 months to two years ago) I read an excellent article evaluating HDDs to find the most reliable brands. Since then the article has been updated so it doesn’t have the same information as when I read it but it’s still worth a read. In the article I learned that Hitachi drives are the most reliable (in the storage range they considered). Hence I have one in my system and I advise you to get one too if you can. If that is not possible WD now own the hard disk arm of Hitachi and WD drives fared well in the analysis so WD are a good brand to go with.¹
Whichever brands you settle on, I would advise using at least two different brands and one drive should definitely be a 3.5″ desktop drive as 3.5″ drives are inherently more reliable than 2.5″ drives. In my setup I use the different drives as follows:
The 500 GB 2.5″ drive is set up as a Time Machine backup disk. I take this drive with me to work for frequent Time Machine backups at work and at home.
The 2 TB 3.5″ drive has two partitions. One partition is set up with the well renowned Carbon Copy Cloner, CCC, by Bombich Software. This disk remains at home on my desk to make bootable backups whenever I am at the desk. I also have a 128 GB SanDisk micro SD card permanently mounted on my MacBook for additional storage and CCC backs this up to the 3.5″ drive also. The second partition is used as a standard external hard drive for permanent archiving.
The 2 TB 2.5″ drive is used as an external hard drive with no extra software for making second copies of the archive files stored on the 3.5″ drive.
Once you have your three drives you need to format them correctly. In order to make your backups secure they need to be encrypted. So open up Disk Utility; it should be the first option when you type “disk” into Spotlight, Alfred, or Launchpad. Alternatively open up the Applications folder in Finder and then locate Disk Utility in the Utilities folder. Formatting the drives is easy if you are starting with blank drives. I wasn’t starting in that position so I had to move files to another drive, format one drive and then transfer files back to it so I could format the other drive. This is time consuming if you have to do it but it is important to get it right.
When you have a drive ready to format connect it to your Mac and it’ll show up in Disk Utility. Make sure that you are viewing devices in the Sidebar and not just the volumes in Disk Utility – select View All Devices in the View menu (so that you get the right formatting option). Select “Erase” as the procedure that you want to do on the device. You are then presented with some options. Choose “GUID Partition Map” as the Scheme you want to use and “Mac OS Extended (Journaled, Encrypted)” as the format. This option means that a password will be required to access anything on the drive. Combined with use of FileVault this provides a secure platform for your computing – extending encryption to your backup. Of course there are people/organisations that could bypass the encryption and access your data but the thief who steals your computer for a quick buck is (probably) not one of them.² Disk Utility will prompt you for the password you’d like to use to encrypt the drive.
Once you have correctly formatted and encrypted your drives, select the one that you will use for frequent Time Machine backups and plug it into your Mac. When you plug it in your Mac you will be prompted to enter the password for it – input your password and tick the box to save the password to your keychain. (There should be no security risk by saving your password on your computer because if someone gains access to your computer then what advantage do you have if they do not also access your Time Machine backup?) Your Mac should then show a dialog window asking if you’d like to use that disk to make a Time Machine backup. Click “Use as Backup Disk”, then follow the instructions and Time Machine will start making backups.
I think it is wise to use different software to Apple’s Time Machine for the backup on a second disk. Time Machine is an excellent application but you’ll never know about a bug until you need to restore from a backup by which time it is too late. My recommendation is to use an excellent app called Carbon Copy Cloner (CCC) made by Bombich Software. CCC backups have a feature that sets them above Time Machine backups in my opinion – they are bootable.³ In the event that your internal hard drive gets fried you can boot up straightaway from your CCC backup. With this set up you are preempting bugs from ruining backups in either Time Machine or CCC and you benefit from the unique features of both TM and CCC backups.
If you are following my setup for assigning disks to backup function then this second disk will be your large capacity desktop hard disk. In that case partition the drive so that you have about 700 GB available for the CCC backup on one partition and the rest can be used for archiving large files so they’re not taking up space on your internal drive.
How to partition a hard disk
1. Mount the disk on your Mac and launch Disk Utility.
2. Set the view to Show All Devices (press ⌘2 or use the View menu).
3. Select the “device” for your hard drive in the sidebar. Don’t select the “volume” (volumes are displayed under their device).
4. Then click Partition in the toolbar.
5. Click the “Plus” button at the bottom of the window to add a new partition.
6. Resize the partition you will use for backups to be a bit larger than the internal hard disk you are going to back up.
For instance, for my 500 GB internal drive I created a 700 GB partition.
7. Ensure that the archive partition has the encrypted format in the Format field. The partition for the encrypted CCC backup needs to be set up differently, so follow Bombich’s instructions on how to set up an encrypted backup here.
8. Click Apply and Disk Utility will partition the drive.
The third disk is used for creating a redundant archive of your large files. Do this so that if your desktop hard disk should fail you still have copies to fall back on. When you copy files to the desktop disk make sure you also copy them to the third disk and vice versa.
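One way to check that the two archive copies really do match is to compare them file by file using SHA-256 digests. This is an added example, not part of the original setup; the volume names `/Volumes/Archive` and `/Volumes/Archive2` are assumptions, so substitute the names of your own unlocked archive volumes.

```python
import hashlib
import os


def sha256_of(path, chunk_size=1024 * 1024):
    """Hash a file in chunks so multi-gigabyte videos do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def manifest(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    result = {}
    for folder, dirs, files in os.walk(root):
        # Prune hidden folders (.Trashes, .Spotlight-V100, .fseventsd) that
        # macOS keeps on every volume; they differ between disks by design.
        dirs[:] = [d for d in dirs if not d.startswith(".")]
        for name in files:
            if name.startswith("."):  # .DS_Store and similar Finder metadata
                continue
            full = os.path.join(folder, name)
            result[os.path.relpath(full, root)] = sha256_of(full)
    return result


def compare_archives(desktop_root, portable_root):
    """Report files missing from either copy and files whose contents differ."""
    desktop, portable = manifest(desktop_root), manifest(portable_root)
    shared = desktop.keys() & portable.keys()
    return {
        "missing_on_portable": sorted(desktop.keys() - portable.keys()),
        "missing_on_desktop": sorted(portable.keys() - desktop.keys()),
        "content_differs": sorted(p for p in shared if desktop[p] != portable[p]),
    }


if __name__ == "__main__":
    # Assumed mount points for the two archive volumes.
    report = compare_archives("/Volumes/Archive", "/Volumes/Archive2")
    for problem, paths in report.items():
        for path in paths:
            print(f"{problem}: {path}")
```

A file listed under `content_differs` means one of the two copies has changed since it was written, so check both against the source before overwriting either.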
At this point you have now established a backup solution for your Mac and any large files that is robust (if one device or app fails you’re still covered) and secure (even if your backup disk is stolen there is still an encryption barrier to keep that data safe).
If you’ve followed my scheme up until now I hope you find it to be a useful solution for your backup needs. If you have any comments or suggestions add them below or on Google Plus, alternatively you can email me at firstname.lastname@example.org.
Some feedback I received suggested that a flow diagram would help readers better understand the backup solution I’ve described above. So here is the diagram:
Footnotes
¹ In the original article someone added a comment with additional information looking at failure rates over time. They noted that if WD drives failed they tended to fail almost as soon as you got the drive. That suggested that WD drives are most likely reliably built but poorly shipped. So if you manage to get your WD drive running after purchase it is likely going to last well. And of course that may have changed since the original article publish date – hopefully for the better!
² There probably are people or organisations who have the resources and knowledge to crack encrypted drives or bypass the encryption but the question is do they have the motivation to crack the encryption on your drive? Cracking into encrypted drives is possible but very difficult, time consuming and therefore expensive. Unless you are a person of significant influence or a known terrorist you can probably be confident that your data will be safe. Keeping data secure is really about using methods that make it impossible for the average person or even a skilled person to access your data.
³ A further advantage of CCC over Time Machine is the ability to back up multiple hard drives. Time Machine can only back up your internal hard drive (as far as I can see). CCC can make backups of external hard drives that you mount on your Mac. In my case this proves to be extremely useful for making backups of a 128 GB micro SD card that I have continuously mounted to my Mac. Find out more about using micro SD cards for continuously mounted storage expansion here.
Google Prompt is a fast second step authentication option on iOS and Android. Whenever a login attempt is made on your Google account Google Prompt sends a login confirmation to the Google app on your phone. You open the app (via push notification) and tap “Yes” to confirm a login attempt is valid (or “No” to deny a login attempt).
This login method is quite a bit faster than using an authenticator app. I use Authy which even with its widget in the notification centre takes some time to copy the number into the field. I like Google Prompt for its speed and simplicity. The slight downside is that it requires your phone to have a live internet connection to use. This is only a slight downside because if you are signing into a Google service somewhere chances are that you have an internet connection available; with some exceptions. But Google Prompt works parallel to the other second step options available including an authenticator app, so in the absence of an internet connection on your phone you still have offline options to fall back on. Head into your Google 2 step verification settings to set it up.
From a security perspective it is hard for me to say whether this is a better or worse method than an authenticator app. I understand the methodology behind authenticator apps, but not this one. That said, I trust Google with my information and I trust them to have built a reliable and safe second step with Google Prompt. Furthermore I trust that they will be on the ball enough to keep it safe. I say this because of the numerous articles and security updates that are the result of contributions that Google has made to tech security worldwide.
In summary Google Prompt is a system I am prepared to trust and it makes my login process a great deal more streamlined whilst maintaining its integrity. I recommend this for anyone wanting the benefits of 2 step authentication with a bit of a faster workflow.
Earlier this week my wife had the unfortunate experience of having her Amazon account totally hijacked. The hijacker was able to take complete control of her account and lock her out. They then had the ability to place orders on her credit card but they did not have the ability to glean the details of the credit card itself.
This proved to be a serious wake up call to her about the need for excellent password security (especially where credit cards are involved) because until this incident she had been content with an easy to guess password. All the hijacker needed was her email address, which is not hard to come by, and then to try several obvious password iterations.
Thankfully not long after the hijacker had gained control we realised what was happening and were able to take some action by cancelling our credit cards. That was necessary because an Amazon representative made it clear that if they were going to do anything it would be within 48 hours, which was too long to sit around whilst someone spent money we wouldn’t get back!
After taking over the account by changing the registered email address and then changing the email address again to a second email address they owned, the hijacker then changed the password. Lastly, and very cleverly, they created a new account using my wife’s email address and original password.
The point of doing it in that order seems to be that my wife received only an email to notify her that the email address had been changed, to a “burner” email address, but she didn’t know that her password had been changed*. Amazon sends emails to confirm changes to account details, in this case the old email address and the new one. She also wouldn’t receive an email from Amazon containing the actual email address that the hijacker was going to use with the account, just the “burner” address that would quickly be removed from the account.
*Doing it that way probably didn’t gain the hijacker much in real terms but maybe email address changes appear less threatening to account owners so they are less likely to act immediately?
Once we realised what was happening I started trying to get into the account in browsers that were already logged into the account. It wasn’t possible to change anything without the new password but I did find out the actual email address the hijacker was using when I was taken to the login page. So when my wife was through to a representative from Amazon we could let them know the account was hijacked and the email address being used on the account.
I said above that creating the new account with my wife’s email address was a clever step. That’s because once we were in contact with Amazon they sent her a link to reset her password, but the reset was being performed on the newly created account not the original! Eventually the Amazon representative told us that Amazon would look into the issue but it would take up to 48 hours. That’s a long time especially given that the representative said they could tell something was wrong from a cursory look (the missing orders going back a few years associated with my wife’s email address). But at least we had found the email address that was associated with the account so Amazon could investigate.
This experience has led me to these conclusions:
1. Strong passwords are essential for Amazon. They are important anyway, but in Amazon a hijacker can completely shut you out of your account with just your password. I have recently become very impressed with 1Password as a solution for generating and storing strong passwords. Their methodology is secure and their apps and browser extensions are excellent.
2. Amazon, and other companies with similar protocols for handling changes of account information, should update those protocols by sending a link within their courtesy email to override the change if it was not initiated by the account owner. That function is already being used by Evernote (for example). So below is an example of best practice from Evernote!
3. Although I have been a fan of two step authentication for a few years now, this further highlighted the security benefits of using two step. With this set up even if the hijacker knew my wife’s email address and password they would not have been able to break in. Google Authenticator is an excellent app for generating new “random” codes (offline) every thirty seconds.
So please stay safe online – get your passwords strong now and enable the two step where you can!