GPSOLO June 2008
There are at least five somewhat competing goals to a good law office backup program: (1) get back to work as quickly as possible; (2) minimize lost data; (3) minimize the opportunity for a disaster to wipe out your backups; (4) ensure full recovery of all computer programs, with all of the preferences and settings you have created for those programs; and (5) recover from a virus or worm.
No single backup strategy can achieve all five goals. For example, when first asked about a backup system, most people probably think in terms of backing up to a tape or portable hard drive. Those systems will not save the data that was created or altered between the time of the last backup and the time your system crashed; therefore, they do not minimize lost data. On the other hand, there are now small hard drives that will make “mirror” copies of the data on your primary hard drive the instant you make a change. By their very nature, however, they must be physically attached to the backed up computer, so a fire, flood, tornado, theft, or other calamity could easily wipe out both the computer and the backup.
The secret to a successful backup strategy is to deploy multiple layers of backups such that each layer best addresses one of the key goals set forth above.
Get Back to Work Quickly
It is practically an immutable law of nature: Your computer will fail when you most need it—at 3:30 pm when your brief is due at 5:00 pm, or as you are making last-minute changes to a presentation for a new, important client. Although computer technologists like to preach about full system backups (and full backups are, most assuredly, critical), your immediate need when your computer fails is generally to get a particular document out the door.
There are several methods you can deploy to address this situation. One is to store your data on a computer with multiple hard drives set up in a redundant array of independent disks (or RAID). In RAID arrays, everything on your hard drive is simultaneously saved on at least one other hard drive. If one hard drive fails, the other(s) automatically take over. A key advantage with RAID arrays is that the transition to the trouble-free hard drive(s) is seamless. There is nothing to set up, no drives to re-map; no action is required at all. So if the hard drive fails when your IT person is unavailable, you are still able to operate without any difficulty. If your systems and data are on the same hard drive, a RAID array also has the advantage of “backing up” your system software and settings as well.
RAID arrays are not without limitations, which is why you need additional layers of backup. The RAID array must be located on-site (i.e., it is inside the computer with your data), so if the computer is stolen or destroyed, the additional copy of your data is gone, too. If the computer housing the RAID array fails for some reason other than a hard drive failure (e.g., the motherboard fails), you will not have access to any of the data on any of the RAID hard drives until that problem is fixed.
A network file synchronization program can also get you back to work quickly. Although there are many software products that synchronize files, I like Mobiliti ( www.mobiliti.com; formerly known as Network Unplugged) because it creates a “virtual network”: Your laptop “thinks” it is connected to the network even when the server or another component of the network has failed. You can schedule the program to synchronize with the network file server periodically (weekly, daily, or even more often if necessary) at a set time, or when you shut down the laptop. If the server fails, the network is down, or you are away from your office, Mobiliti runs a virtual network on the laptop, so that user continues to work as if connected to the network. Changes made to files while working in the virtual network are then synchronized back to the real network when it is up and running. When synchronized to your laptop, you can take all of your client documents with you when traveling, which also indirectly gives you an off-site copy of your network files. Unlike the disadvantage of the RAID array, Mobiliti will allow you to keep operating regardless of the reason the server fails. Mobiliti, however, will not protect you from the loss of system files and software.
Mobiliti offers an enterprise version that will synchronize all (or a selected portion) of the network files to all of the workstations in your office. With this system, your employees can continue to work on their files no matter what part of your network has failed. Once the network is restored, all of the files that were changed while the network was down can be synchronized back to the server.
HP’s Media Vault ( www.hp.com) is a combination hardware/software solution to ensure that you keep operating if the computer housing your data fails. The Media Vault is a network-attached hard drive (similar to a portable hard drive, but directly connected to a network) that can be set to continuously back up the files on a server or other computers.
Flash drives and e-mail can provide limited protection from data loss if you are working on one particular, critical project. For example, when I am working on an appellate brief, I will frequently save a copy of my latest version of the brief to a flash drive and e-mail a copy to an Internet-
based e-mail account such as Gmail. This ensures that I will have access to a recent version of the brief should Armageddon strike my office.
Minimize Lost Data
A RAID array or HP’s Media Vault will also provide good protection against lost data
because an additional copy of the file is made as soon as it is saved to disk. For a higher level of protection, you want to consider programs or hardware that provides continuous (or near continuous) data protection. (The proper definition of “continuous data protection” is often disputed within the IT community; however, for most law offices, anything that captures data changes within one minute of the change is “continuous enough.”) These solutions generally copy bit-by-bit changes in the hard drive (rather than merely copying files from the primary drive) and are not dependent upon the user having saved the file. Additionally, because they are not simple copies of the file saved to the primary hard drive, there is greater likelihood that you will be able to recover a corrupted file on the primary drive from the backed-up copy.
There are a number of software programs and hardware products that provide near continuous data protection, but few that fit comfortably into a solo or small firm practitioner’s budget. At $59.95, an inexpensive solution is EzOpenBackup Plus! ( www.xlink.com). The program tracks changes in files in real time so that even a change that was made a few seconds before a computer crash can be recovered. The program will save files and changes to portable hard drives, so you can quickly switch your data to a new machine simply by moving the portable hard drive to that machine and using Windows Explorer to transfer the files. The program will also allow you to recover older versions of files.
There are several companies that provide similar continuous data protection by backing up to an off-site location over the Internet. Lawyers must be careful, however, about placing their confidential data in the possession of third-party vendors. There is a risk of loss of control of the data if the vendor providing Internet storage has inadequate security (either physical or electronic) or is served with a subpoena. You should also inquire about the location where the data will be stored. Will it be in the United States or another country that is relatively stable? What if the vendor declares bankruptcy or ceases business? At a minimum, your data must be encrypted before it is transmitted to the vendor (some vendors offer this as part of the service), and the vendor should not have access to the encryption key. This will ensure that if the data is lost, it will be difficult for someone to gain access to your data. There is little you can do if the company ceases to do business, but if you have followed the advice in this article, your other sources of backup will allow you to recover most of your data.
Protect Backups from Disaster
The collapse of the World Trade Center towers and the damage caused by Hurricane Katrina provide dramatic recent examples of the need for off-site, geographically remote backups. It’s not enough to have the backup a couple of doors away from the server, or even on a different floor, as the World Trade Center destruction demonstrated. Hurricane Katrina proved that even having the backup in a different location in the same city will not do you any good if a city is off-limits for a month at a time and the backup was stored in someone’s house in the same city.
An easy way to achieve an off-site backup is to do a daily backup to a different external hard drive each day of the work week. Every day, you attach that day’s hard drive to your system and put the prior day’s hard drive in your briefcase to take home with you. (Make sure your disaster plan for a fire includes having someone grab that briefcase and evacuate with it.) You should have your backup software scheduled to do a full backup (not an incremental backup) nightly when the office is empty. These backups also give you a limited ability to recover a file that was accidentally overwritten or deleted. Simply go to one of the drives that was used to do the backup earlier in the week and recover the version of the file that existed at the time of that backup.
As with Internet-based backup, it is important to encrypt the data stored to your external hard drives. These devices are easily stolen or lost. If you lose possession of one of these hard drives and the data on it has not been encrypted, all of your clients’ confidential information is at risk; you could face serious ethical and liability consequences.
The external hard drive rotation strategy is fairly safe. Obviously, if a flood or other disaster destroys your office as well as the location of the off-site backup, all is for naught. Part of your assessment of this strategy depends upon where you keep the off-site copy. If your office is attached to your home, you need to find a different location for the off-site copy. The biggest drawback to the use of external hard drives is its vulnerability to human error. Someone has to remember to swap out hard drives every night. If the person responsible is on vacation or out sick, then someone else has to be responsible for stepping in and performing the job.
Internet-based backup, employed as one of the layers in your backup strategy, is probably the best solution for protecting your practice from a disaster because the distance between your office and the backup location is likely to be substantial. Moreover, a company specializing in backup storage is likely to have a secure vault where its storage servers are located.
Ensure Full Recovery of Programs
The strategies described so far are primarily directed at ensuring that you can recover your data; but if your hard drive fails, how will you get all of your programs reinstalled? Even assuming that you could easily locate all of the installation CDs (and assuming none of the programs were downloaded from the Internet without installation CDs) and locate all of the licensing keys, it would take you hours, if not days, to get everything reinstalled. Even once you had all of the software reinstalled, you would not have all of the preferences and other tweaks to the programs that you had added as you used them.
The best way to ensure the prompt recovery of all of your programs and system settings is to periodically create an exact image of your hard drive. There are many software products that will create images or “mirrors” of your disks and burn them to a CD, but they are not all the same. It is best to purchase a program that will allow you to do a “bare metal” restore. This will allow you to restore the system on almost any computer, not just the one that failed.
You do not need to create a disk image as frequently as you create other backups. At a minimum, you should create one after any significant change to the programs or system settings. If you lose a few of the preferences that were modified between the time you last created a disk image and the time of the failure, the result will be only minor inconvenience. When creating disk images, it is a good idea to make two copies—one to store on-site and one to store in a remote location.
Another advantage of using an imaging program is the ability it gives you to restore your system to a “clean” state. Inevitably, your computer’s performance degrades over time as files get fragmented, registry entries get changed, etc. If you make a disk image immediately after purchasing a new computer; and then make a second disk image immediately after you have that computer set up exactly how you want it, you will have two disks that will give you the ability to restore your hard drive to a point in time when it was virtually pristine.
Recover from a Virus or Worm
The criminals that distribute viruses and worms over the Internet are extraordinarily clever. A virus can be timed to “go active” many months after it was installed on your computer. If that happens, by the time you discover the virus, the five external hard drives in your rotating backup arrangement will already be infected, and it may be difficult to restore the data from those drives without reinfecting your computer. How do you protect against this threat?
The use of periodic disk images burned to CDs will help immeasurably to overcome this threat. As a secondary precaution, or as a far less effective alternative, it is a good idea to periodically burn a copy of all of your data files to CDs or a DVD. Such a data set will not give you a full recovery, but it will enable you to save much of your data.
Test, Test, Test!
If you are not going to follow this next piece of advice, you might as well take all of your backup solutions and throw them in a lake. Your backup strategy is of absolutely no value if it does not work when you need it—after the catastrophe. The only way you can ensure that your data will be there for you after the loss is to test your backups before the calamity.
At least once every six months, and ideally once a month, you should do a test restore from each of your backup options. All you need to do is to see if you can recover one file from the backup. Check that once a month and you can be confident in your ability to bounce back up if disaster strikes you down.
Andrew C. Simpson owns his own litigation firm, Andrew C. Simpson, PC, in St. Croix, U.S. Virgin Islands. He is a frequent contributor to GPSolo and regularly writes and speaks on technology topics. He may be reached at firstname.lastname@example.org.