Backup Strategy

When I got my new iMac, I took it as an opportunity to revisit my backup strategy. I’m pretty religious about having good backups and they’ve saved my bacon more than once.1

There are lots of different ways of backing up your data. You can use Apple’s Time Machine, clone your hard drive, subscribe to an online backup service, manually copy data to external drives, back up to network attached storage, and so on. Lots of people will extoll the virtues of one or more of these options. However, rather than starting with the backup techniques themselves, I find it more useful to start by thinking about the problem you’re trying to solve. Decide what threats to your data you are concerned about, then pick backup techniques that address those threats.

So, what threats am I trying to mitigate with my backup strategy?

Oh crap I shouldn’t have deleted that!

The most common threat to my data isn’t theft, or fire, or hardware failure; it’s Command+S. I’ll make a change to a document and save it, then realize that the change got rid of something I wanted to keep. Or I’ll delete a file and empty the trash before I realize that it was the wrong file. Either way my actions are more of a threat to my data than anything else.

The simple solution to this is Apple’s built-in Time Machine software. It lets me go back and resurrect old versions of my data before I mistakenly deleted something.

In the past I’ve run Time Machine over the network, either to an Apple Time Capsule or to a share on my Drobo 5N. Every so often, however, Time Machine reports that it needs to get rid of my old backup and start again. With my move to a desktop Mac I decided to switch over to using a directly attached hard drive for Time Machine. So far this has been working well, but I haven’t really used it long enough to tell whether it’s more reliable than doing it over the network.

Oh crap my hard drive just died!

After my own incompetence, the next most likely cause of data loss is some sort of hardware failure. Either the hard drive dies, or my whole computer fails. Time Machine can help with these sorts of situations but it’s not optimal. I would have to get a new drive (or a whole new computer), reinstall the OS and then restore my data.

A better solution is to clone my Mac’s hard drive to an external drive. This way if I have a hard drive failure I can get back to work right away by booting my Mac off the external clone drive and pick up right where I left off.

I use Carbon Copy Cloner to do this. CCC figures heavily in several parts of my backup strategy, and I think it’s a piece of software every Mac user should own.2 Every night CCC clones my iMac’s hard drive to a 1tb external drive. CCC will make this software a “bootable clone”, setting it up so I can boot directly from the cloned drive (unlike a Time Machine drive).

The one potential issue I have with my current setup is that the external drive I’m using is a spinning hard disk, so when I boot my Mac from the external drive it’s very slow compared to running off my nice fast internal SSD. I’m considering whether it’s worth buying an external SSD as my bootable backup instead.

While my most important files are on my iMac’s hard drive, I also want to make sure all the data on my Drobo network attached storage are backed up. I have CCC set up to clone the Drobo as well. Right now I’m actually using two separate clone drives, one for my iTunes library and one for other data. This is primarily because I outgrew both the original drive I was using for this and the larger drive I got to replace it. So now I’m using both the original drive and the replacement in combination. I use Carbon Copy Cloner to clone my Drobo to these drives on a weekly basis.

Oh crap my house just burned down!

While a house fire is the notional threat here, it’s really a stand-in for any disaster that takes out both my Mac and the various backups on external hard drives I have sitting in my office. It could be a fire, flood, tornado,3 or theft. The solution is to have some sort of off-site backup. For a long time the only way to do this was by physically carrying a backup hard drive somewhere else. This sort of thing is obviously a bit of a pain, so most folks didn’t do it very often (if at all). The advent of high speed internet connections and cheap cloud storage has created a much better solution: online backup.

There are various services out there, some that will store your data for you, others that will back your data up to your own cloud storage service, or even a computer at a different physical location. I use Backblaze, which provides unlimited cloud backup for a yearly, per-computer fee.

One limitation with Backblaze is that it will not back up network attached storage, only drives that are directly attached to your computer. This is where the clone backups of my Drobo come in. Because these cloned hard drives are directly attached to my iMac, Backblaze will back them up. This does mean that my backups of stuff off the Drobo will be up to a week out of date since I only run the Drobo clone job once a week, but the stuff on my Drobo doesn’t change that frequently.

One limitation with online backup is the 1tb per month bandwidth cap that my ISP has recently imposed. I ran into an issue that required restarting my Backblaze backup from scratch when I reformatted my Mac mini, and it will be several months until I have everything uploaded to Backblaze again.

Oh crap I’ve got ransomware!

The most recent threat to my data is ransomware, malicious software that infects computers and encrypts all your data so you can’t access it until you pay the person who coded the ransomware for the decryption key.

The problem with ransomware is, depending on how cleverly it’s written, it can potentially corrupt any backup that can be reached from your computer, including network attached storage, external hard drives, and even online backup. The solution is to have a backup that’s not attached to your computer.

The most recent addition to my backup strategy is a “rotating shelf backup”4. I have two large external hard drives and every week I’ll connect one of them to my iMac and clone the iMac hard drive and my Drobo 5N. Once the clone is done, I’ll disconnect the drive and put it on the shelf. The two drives alternate every other week. By using two drives, I ensure that even if I was hit by ransomware while doing the clone, I’ve still got a copy of my data on a drive that’s not connected to my Mac.

Oh crap I forgot that file when I reformatted my hard drive!

Most of these backup strategies are intended to make sure I have as recent a copy of my data as possible. However, there are times where I want to make sure I’ve got an old copy of my data. Whenever I decide to nuke and pave5 I’ll use CCC to back up the computer to a a disk image on my Drobo. This gives me a copy of my data that can hang around for months or years, long after my Time Machine, clone backup, and online backup have been written over with data from the newly formatted drive. This has saved my bacon a couple of times when I realize that there was an important file stored in some odd location that didn’t get copied over to the newly formatted hard drive. I’ll do the same thing when I get rid of one of my computers.

Do I really need to do all of this?

The truthful answer is probably not. This is a pretty heavily optimized backup strategy. Most of these techniques protect against multiple threats. If a hard drive dies you can recover from Time Machine or an online backup, for instance. A clone backup is easier to recover from, but it’s not the only way. You could protect against all of these threats with just Time Machine and a clone backup that you stash at a friend’s house. But that isn’t going to be as quick or seamless as having strategies optimized for each threat, nor does it provide as much redundancy.

I’m trying to have the best possible solution for each of these potential issues. This means when I do have a problem, I’ll be able to get back up and running with a minimum of fuss, but it’s more effort on the front end.

I would say that as an absolute minimum, you ought to have two different types of backup, one of which should be offsite. There’s nothing like suffering a hard drive failure and then finding out there’s a problem with your backup. As the saying goes, “two is one and one is none.” The easy button for most people is probably Time Machine and a service like Backblaze. Regardless, have a backup strategy and test it periodically.


  1. For instance when I unexpectedly needed to erase and reformat my Mac mini. 
  2. SuperDuper has a similar feature set, but I prefer Carbon Copy Cloner. 
  3. Here in Kansas anyway. Depending on where you live substitute in a hurricane, earthquake, wildfire, or whatever the local natural disaster is. 
  4. Does that make it a “lazy susan backup”? 
  5. Reformat my hard drive and set that computer up from scratch.