Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

REMOTE BACKUP COMPUTER DATA SECURITY

Posted on 2007-07-20
6
Medium Priority
?
308 Views
Last Modified: 2008-02-01
Hi all,

I have following problem which I need to solve. I work at home and keep my server at home, it contains all my data, sql datadases, exchange server etc. Obviously my data are very important to me and back and ability to recover from any failure is critical to me.

Normal company usualy changes backup discs in some schema so that they are out of office and only currently used backup medium is in the machine. For me, as I work at home, this does not work, I am not willing to go somewhere (bank, my friend or whereever else, just to store my circulating backup drives).

Therefore I decided to buy software Peersync which is very good in data replication over WAN/LAN. I bought cheap computer with 500 GB capacity and I found reasonable place where to store it. During the night peersync replicate all the data I need to this REMOTE computer, as it replicates only changes even in extremely big file, this is OK.

what I need is to ensure that nobody can read the data on remote computer when this is stolen. It is not probable but I have to be sure.

I will have only remote access to that computer normally .

Can you advice what should be the best solution?

Many thanks

Vladimir
0
Comment
Question by:vladobb
  • 2
  • 2
  • 2
6 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 1200 total points
ID: 19534350
The only real way to ensure this is to encrypt the disk on the remote computer. You can use the EFS built-in with Windows, or Truecrypt:

 http://technet.microsoft.com/en-us/library/bb457065.aspx
 http://www.truecrypt.org/

You will want to make sure by reading or testing that Peersync is compatible with these, and very important to backup your recovery keys in case they are lost.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 800 total points
ID: 19540415
 Not familiar with peersync, but the problem with efs is that it is keyed on the logged in user - so the remote files would be visible if someone could compromise the user account or the currently logged session. In addition, EFS would not protect the data in transit - so unless peersync does so, the data would be sent unencrypted between the two nodes.
  Truecrypt is a possible solution, but you would need to sync the data volume, and if the peersync is only granular at the file level, not the sector level, then it would resend the entire storage every night (not just the changes) which in a 500gb drive would be bad.

  Personally, I would have done the following:
1) installed linux of some flavour on the target (remote) machine
2) each night, ran a script which went though the machine looking for changed files (this is trivial; files changed under windows have the "archive" bit set)
3) for each changed file, copy it to a working area using the free 7z package, encrypting it and compressing it in the process
4) using scp, copy it to the target machine into a matching subdir to the original (creating said subdir if required); for bonus points, if the expected load isn't too high, do so with the provision of a date/time stamp added so that you can keep multiple revisions of the same file.
5) reset the archive bit so that it is marked "clean" for tomorrow

  Writing the script would take about ten to fifteen minutes (actually, most of it is just deciding which dirs to exclude from the scans); the putty scp tool is suitable (and free) and the 7z command line too is similarly lacking in cost).  Adding a gui for the script (so you can see what it is doing and/or if it has finished) would probably take longer than writing the script!

  However, as an alternate - how much data *do* you need to sync? if its less than about 16gb routinely, perhaps you could just invest in a usb pendrive, add that to your keyring, and carry around your backup with you? that would have the added advantage that your files were almost always accessable to you immediately wherever you are, and you could encrypt the drive with traveller mode truecrypt (so anyone stealing it would be unable to access your files at all)
0
 

Author Comment

by:vladobb
ID: 19540508
Hi DaveHowe, hi r-l

thanks a lot for your suggestions, my full and complete backup set has 350 GB, from this 350 GB, 1.5 GB is changed daily which needs to be transferred from server to remote backup machine. Peersync is able to encrypt data during tranfer, moreover, data will be transfered via VPN to keep them really secure on the way.

My primary problem which I need to solve is to make data on remote machine unusable if it is stolen.

I will try truecrypt and let you know.

Peersync is the software for windows which seems to be very good (also very expensive). It is able to replicate data with byte-replication algorithm which transfer only those parts of file that are changed. It is something like rsync for linux but packed in the way which almost anybody is able to set up and use.

Now I have to investigate whether peersync listener (which is service running on target remote backup machine) will collaborate with truecrypt.

Have a nice day

V.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 33

Expert Comment

by:Dave Howe
ID: 19540951
 If it can do a by-the-byte comparison, I would suggest setting up one or more truecrypt volumes, then see if you can sync the volumes across, rather than individual files.

  by synching the host volumes, you will only ever be sending pre-encrypted data across the link to the remote host - therefore, if it is stolen, the data stolen will already be inherently encrypted (and worthless to an attacker)
0
 

Author Comment

by:vladobb
ID: 19633552
Hi both,

truecrypt is really fantastic, so good that I am not sure why people spend money on Steganos Safe and other similar commercial software.

I divided points between you.

Have a nice day

V.
0
 
LVL 32

Expert Comment

by:r-k
ID: 19634953
Thanks and good luck.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Your data is at risk. Probably more today that at any other time in history. There are simply more people with more access to the Web with bad intentions.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

576 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question