Question How to protect a folder

Jun 26, 2019
21
0
10
hi, i have a backup drive plugged to my main computer and it has a set of folders. I want to be that set of folders as secure as possible, in a way it can't be modified by mistake.

I already marked all folders and subfolders as read only, but the problem is that the files can still be deleted, moved to another location, and even renamed. I almost messed up with the folders by human mistake and since then i don't feel confident on the security of the files, and they are very important to me to.

I also did a checksum on each folder and placed the file inside the folder. The problem is that, the files can still be moved, deleted, or renamed by accident.
You might suggest use BitLocker, but i don't trust that because if the hard drive suffers a failure, having it password protected with bitlocker reduces the possibilities of recovering data from it.

In the past i used to backup the folders on compressed files. Wasn't a bad idea but took double the space because i wanted to have the folders easily accessible so i had the compressed version and the uncompressed version, and i don't have enough space for doing that anymore.

any ideas? thanks
 
Jun 26, 2019
21
0
10
Whatever else you're doing, you absolutely need a backup with known and tested recovery procedures.
I won't trust on any windows built-in backup system because i'll be using both linux and windows, and in the future probably abandon windows.

also i won't trust automated software because if it fails, you don't have anyone to blame and there is no turn back. Been doing manual backup for long years and didn't have a problem, except this one i'm asking but i see nobody is replying about what i'm asking.
 

USAFRet

Titan
Moderator
I didn't say you had to use Windows backup, or indeed any particular tool.
Windows, Linux, iOS...if the data is in anyway valuable...you need a second (or 3rd or 4th) copy of it.

On to your original question...how is encryption not an option?
VeraCrypt, and don't open it until you need to access it.
 
Jun 26, 2019
21
0
10
I didn't say you had to use Windows backup, or indeed any particular tool.
Windows, Linux, iOS...if the data is in anyway valuable...you need a second (or 3rd or 4th) copy of it.

On to your original question...how is encryption not an option?
VeraCrypt, and don't open it until you need to access it.
okay i might test that encrypt tool
thanks
 
Anything connected to the computer full time is also somewhat more vulnerable to ransomware, where as offline periodic backup images or clones are impervious to such attacks...; so I'd also advise disconnected (aka, 'air gapped') backups, and inexpensive USB drives in 1-4 TB size are quite inexpensive these days...

(I've used Clonezilla to make backups of multiboot/mixed Windows/Linux drives, and never had an issue doing practice restores to verify the procedure, but, Acronis True Image and Macrium are much prettier, using a GUI pretty fool-proof GUI for the tasks)
 
Jun 26, 2019
21
0
10
Anything connected to the computer full time is also somewhat more vulnerable to ransomware, where as offline periodic backup images or clones are impervious to such attacks...; so I'd also advise disconnected (aka, 'air gapped') backups, and inexpensive USB drives in 1-4 TB size are quite inexpensive these days...

(I've used Clonezilla to make backups of multiboot/mixed Windows/Linux drives, and never had an issue doing practice restores to verify the procedure, but, Acronis True Image and Macrium are much prettier, using a GUI pretty fool-proof GUI for the tasks)
I already have double backup drives offline. I don't like using hard drive clone utilities because maybe some files on the main drive became corrupt, in that case you are overwriting the good ones by the bad ones, so i prefer to do a "manual clone", cheching manually all the checksum files and copying only content that is new to the backup drive instead of the full 2TB which would take half a day. Said that, i prefer to use HD clone enterprise edition.

I didn't say you had to use Windows backup, or indeed any particular tool.
Windows, Linux, iOS...if the data is in anyway valuable...you need a second (or 3rd or 4th) copy of it.

On to your original question...how is encryption not an option?
VeraCrypt, and don't open it until you need to access it.
And one more thing, encrypting the drive process is long? how much would it take approximately on a 2 tb drive? and what would happen if the drive is desconnected accidentally on the process of being encrypted/unencrypted, would all the drive became corrupt and unreadeable or what?. I don't feel neither confident on leaving a drive encrypting for 5 hours because maybe the drive disconnects by error or the light on my house goes off, then that's a huge risk too.
 
hi, i have a backup drive plugged to my main computer and it has a set of folders. I want to be that set of folders as secure as possible, in a way it can't be modified by mistake.

I already marked all folders and subfolders as read only, but the problem is that the files can still be deleted, moved to another location, and even renamed. I almost messed up with the folders by human mistake and since then i don't feel confident on the security of the files, and they are very important to me to.

I also did a checksum on each folder and placed the file inside the folder. The problem is that, the files can still be moved, deleted, or renamed by accident.
You might suggest use BitLocker, but i don't trust that because if the hard drive suffers a failure, having it password protected with bitlocker reduces the possibilities of recovering data from it.

In the past i used to backup the folders on compressed files. Wasn't a bad idea but took double the space because i wanted to have the folders easily accessible so i had the compressed version and the uncompressed version, and i don't have enough space for doing that anymore.

any ideas? thanks

Use a UNC directory name and do not mount it as a windows drive. Password protect it with a unique password. When running backup, use the UNC name on a network share. Do not make the network share visible outside the network or via http. Do not make the network share on another PC. Use a NAS or Router with basic NAS abilities. It will ask you for a password. It's stored encrypted so other programs can't use it. Make sure you have "unlimited number of backups until space runs out" So even if backup runs and it's was on a ransomwared file, you can recover it from a previous version.

BitDefender also offers an anti ransomware remediation where it will prevent directories from being overwritten by unknown programs.

Your only other option is to run everything on a NAS and have that dedicated NAS have a montly backup to external drive. But those solutions get costly.

There's also cloud backup storage. Again, that's costly, but it would keep you safe.
 
Last edited: