adlerweb // BitBastelei@adlerweb@social.adlerweb.info
@nixCraft@mastodon.social Nowadays I would move to a more complex 33-22-11-00-Backup.
Keep at least 3 copies of the data
and regularly test 3 of them.
Use 2 different types of storage media
managed by than 2 fully independent software packages or service providers.
Keep at least 1 copy at a different location,
but also keep at least 1 of them at a location you own yourself.
Every service you haven't thoroughly checked yourself equals to 0 valid copies, also every copy that will automatically be overwritten without a forced retention (like RAID, most live-replication/geo-redundancy, …) is 0 copies.
Zimmie@bob_zim@infosec.exchange
@adlerweb@social.adlerweb.info @nixCraft@mastodon.social The “1 copy at a different location” has always bothered me. The advice should always have been to keep the data in at least two totally separate locations and providers. E.g, AWS US-East-1 and Azure US-East-1 are separate providers, but not separate locations; they’re down the street from each other.
Sure, it’s ideal for one of the providers to be you, but there are a lot of small companies which don’t have the expertise to manage that. Turnkey solutions like NAS units from major vendors tend to have nightmarish security flaws.