Some time ago, I wrote up my data protection strategy. I’m no longer using most of what I describe in that article for two reasons:
- For various reasons, we are now using Windows as our primary laptop computing platform.
- Backing up to an external hard drive is not robust against ransomware such as CryptoLocker that encrypts your files and holds them hostage until you pay the criminal or organization deploying the attack.
This second point is particularly important: in addition general practices to keep from running ransomware (or other malicious software) in the first place, the best protection against CryptoLocker-style attacks is a good backup strategy where the backups are kept out of reach of the backed-up system. These attacks typically try to encrypt all the data files they can find, including on external drives and network shares, so if your backups are stored on such a drive they’ll be scrambled too.
However, if you have good backups out of reach of your computer, and you get hit, you can recover relatively easily: reset the computer from install media, restore data from backups, and go on your merry way. Being careful, of course, to avoid opening potentially-malicious files, as it’s quite possible that the infection arrived through some document that is saved in your backups.