You need a recovery plan.

Bad things happen. We read about whole hospital systems being hacked and driven offline. Unfortunately the same thing happens to individuals with increasing frequency. We are actually in a hacking epidemic during the viral pandemic.

Protecting against bad things like a virus infecting your computer or coffee in your hard drive is important. Being ready to recover from a disaster is essential. Even the “unsinkable” Titanic had lifeboats (more on that later). If you are now working from home, you may not have the advantage of backups your corporate IT used to do.

Recovery starts before the disaster. If you don’t plan for recovery, recovery won’t happen. For most of us, having a backup of our data is the most important preparation. Usually we can get new copies of our applications online; but our data is uniquely ours.

When you think about recovery, tell yourself that a disaster will happen. Your goal is to make sure that a disaster for your computer is not a disaster for you. Plan for the eventuality that your original computer is toast. It must be possible to restore your data to a completely new computer.

I use a service called Carbonite to back up my data to the cloud. I haven’t made a study of competing services, so this isn’t an endorsement other than to say that Carbonite works for me. No matter which service you use, automatic cloud backup is a very good idea. You can backup to a storage device separate from your computer; thumb drives are cheap and have huge amounts of storage. But unless you’re religious both about making the backup and then storing the thumb drives somewhere other than your home, you’re not protected from a disaster like a fire or perhaps even a hacker attack which gets through your computer to the thumb drive when it’s attacked.

The trouble with cloud backup is that it takes a long time to move data to the cloud even if you have a very good internet connection. For most of us, it would be impractical to upload all of our data every day; we have more than a day’s worth of data on our computers. But, if you backup less often than once per day, then you will lose more than a day’s worth of data in a disaster.

Fortunately, cloud backup services use a process called incremental backup to assure that you don’t have to risk more than a day’s data even though you don’t do a daily full backup. Here’s how incremental backup works. First, a full backup is made of all the data stored on your computer. This usually takes several days but you can keep using your computer normally while this is happening. Once the full backup exists in the cloud, only changes that you make are uploaded each day. When recovery is needed you get the data updated by the changes.

Different cloud providers use different techniques for change management and merging changes with the original data, but here’s an oversimplified example. Think of the hard drive on your computer as if it had a million separate data boxes. Originally the contents of all million boxes are uploaded. Today you change the data in only one thousand of those boxes. In order for you to be able to recover, only the changed boxes need to be uploaded to the cloud so long as the changes are merged with the original when or before recovery time comes. Part of the secret sauce of cloud backup services is how they know what has changed each day; but there are many effective techniques for doing this.

Incremental backup enables recovery by date. Maybe your data corruption started last week. That means some of your backed-up data is corrupt. That’s bad but not catastrophic so long as you can specify that you want the data as it looked a week ago. Most cloud backup providers allow you to recover file by file. BTW, the ability to recover a particular file as of a certain day also saves you from the case where you inadvertently made changes to a document and need to recover the original. Go online and learn how to recover specific documents.

A popular scam – you may have seen it – is a popup that says all your data has been locked and that you have to pay ransom to get it back. The message warns you that, if you attempt a reboot, the data will be permanently lost. Usually the message is a lie; nothing has happened to your data; you just clicked on a bad link. But do you dare ignore it? Should you send bitcoin ransom? If you know your data is backed up and restorable, you can safely ignore the message even in the rare case where it is true.

But how do you know your backed-up data is restorable? The Titanic had lifeboats but neither passengers nor crew had been sufficiently drilled in their use. You only know your recovery plan is usable if you try it. You don’t want to be learning how to recover during a time when you frantically need to get your new computer up and working.

Usually there are two ways to restore all your data. You can download it although that may take days. Or you can ask the cloud provider to cut a DVD and overnight it to you. When I’ve had emergencies, I immediately ask for the DVD to get that in process and then start downloading the files I need most. You should at least know how to request a full restore to a new computer and to request the DVD.

Just as we owe it to ourselves and society to avoid COVID infection, we owe it to both ourselves and society in general to avoid a situation where we might have to pay ransom and fuel the hacking epidemic. Computer virus protection is necessary but not sufficient. Constant backup and rehearsed recovery will let you tell hackers where they can put their bitcoin demands.

See also: Recovery (I hope) Log

Protecting an Enterprise from Cyber Catastrophe