Advice appreciated re off-site secure backups...

Discussion in 'Mac Accessories' started by ZenBorg, Jun 10, 2015.

  1. ZenBorg macrumors newbie

    Joined:
    Jun 10, 2015
    #1
    I've done so much research into backup solutions and read so many other posts that I'm getting very frustrated and confused with all the options and non-starters, so hopefully someone here can point me in the right direction...

    MacPro at home, with an external drive holding 4TB of data. The backup scenario I imagine is -

    #1 - A local bootable backup for quick restore in case my hard drive melts. e.g. Carbon Copy.

    #2 - An off-site backup at the office for a round-trip restore in case the house melts.

    #3 - A cloud backup for a last-hope restore in case the city melts. e.g. CrashPlan.

    It's #2 I'm having a problem with. I don't want to keep transporting drives to and from the office, so I thought I could make an initial backup copy of the Mac + external drive at home, and install that backup drive(s) on the office network. Then I imagined there must be an elegant way of connecting securely from home to the drive at the office to keep the backup incrementally updated. Not so easy, apparently!

    I thought a NAS would be the obvious answer, but I don't understand enough of the technicalities to figure out which, if ANY, NAS offering would do the job, and which backup software would do the job, or even if this is a realistic scenario?

    Also, it seems to me that I need a secure internet connection - and the off-site drive needs to be encrypted, in case its borrowed by the evil maid. OR... maybe I can encrypt the files first and the NAS doesn't have to be secure? I'm getting lost...

    That in essence is the problem - How can I do incremental backups over the internet from home to office securely, and store those backups at the office securely?

    Thanks for reading this far... and thanks for any suggestions!
     
  2. Fishrrman macrumors G3

    Joined:
    Feb 20, 2009
    #2
    "It's #2 I'm having a problem with. I don't want to keep transporting drives to and from the office..."

    Well, if you're going to maintain an offsite backup, "transporting drives" is the easiest way to do it.

    I carried my offsite backup drive with me (while I was working) for a number of years, back and forth, once weekly.

    Might be best to have TWO offsite drives.
    This way, one of them will always be at the offsite location.
    The second "in transit".
    Once or twice a week, do a swap-out.

    Doing so will keep the overwhelming majority of your data backed up.

    I wouldn't worry too much about "in case the city melts".
    If that happens, chances are you're going to melt with it...
     
  3. thedeske macrumors 6502a

    Joined:
    Feb 17, 2013
    #3
    Sounds like you want to turn #2 into #3. If so, just stick with1 & 3. Crashplan/Backblaze/etc are doing it much better than you could.

    Agree with Fishrrman - 2 copies of the offsite (A&B if you will) negates 2 round trips.
    This is what I set up for a client 2 years ago, but in her case there are a pair of large drives to swap, so it's 4 drives for "Bank Vault" swap duty. The trick is actually following through with the procedure/trip. I understand your resistance to it. It's another task, but if it's some destination you visit normally, then the task is reduced to the time updating the drives and remembering to take them on some regular basis.

    Hope the zombies don't destroy both locations ;)
     
  4. glenthompson macrumors 68000

    glenthompson

    Joined:
    Apr 27, 2011
    Location:
    Virginia
    #4
    You can attach a drive to an office computer that's always on and use crashplan to backup to that drive. The backup will be encrypted before it's transmitted to the office. You can configure CrashPlan to only backup certain times of day so you don't impact the office internet connection.

    I like having a local TM backup in case I do something stupid. With a backup every hour I feel fairly safe.
     
  5. ZenBorg thread starter macrumors newbie

    Joined:
    Jun 10, 2015
    #5
    Many thanks for the suggestions. Yes, I am resisting the additional task of taking hard drives to the office and back, but that's a nice idea to use an additional set of drives, A/B with one in transit.

    Good idea with CrashPlan, but I'm trying to avoid having any of the office computers on. I imagined a NAS could just sit quietly on the router.

    Is connecting directly to an off-site NAS securely to do an incremental backup such a problem?! It seems like a straight-forward scenario, but 3 out of 3 replies have suggested alternatives - are there too many technical hurdles to make it viable?

    Appreciate the insights - thanks!
     
  6. glenthompson macrumors 68000

    glenthompson

    Joined:
    Apr 27, 2011
    Location:
    Virginia
    #6
    The problem in on the software side. The best backup is one that requires no ongoing effort. It should work seamlessly in the background. A remote NAS introduces complications. TM and CrashPlan won't work with it. CCC may work but it can be tricky to setup.

    What's the difference between leaving a computer plus drive running vs. a NAS running?
     
  7. ZenBorg thread starter macrumors newbie

    Joined:
    Jun 10, 2015
    #7
    Yes, it's the "no ongoing effort" and "seamlessly in the background" that I'm striving to achieve - and you're right, a NAS seems to make it all more complicated.

    The difference about leaving a work computer on is that it has my employer's work-related data on it. The computer has drive encryption to prevent booting up without a password, but if it's left on and unattended, then anyone could access the data.

    Based on what you and others say, I'm thinking maybe one solution is to install a cheapie computer of my own (plus drive) at work and just use that solely for my backups via CrashPlan... encrypted, incremental, and off-site. I just thought that's what a NAS was supposed to be used for!

    Thanks all!
     
  8. hallux macrumors 68020

    hallux

    Joined:
    Apr 25, 2012
    #8
    If you have an IT department to the point that they're installing whole-drive encryption on computers, you may want to run your plan by them. The NAS can be seen as a "rogue" device and they might actually kill the port it's plugged into. Actually, using your work computer as a backup destination would also be seen as a security risk. Either way, good luck getting your backup to communicate through the firewall.
     
  9. ZenBorg thread starter macrumors newbie

    Joined:
    Jun 10, 2015
    #9
    Thanks for the tip. There's certainly more to getting this to work than I thought there would be - no wonder I was getting confused.
     

Share This Page