The paranoid person's guide to a complete Mac backup
Level 0: System Setup
My backup plan begins with my basic system setup, which may be different from yours. I keep very little data on the internal boot drive. My user's folder is on that drive, along with my most-used applications. But that's it; everything else is saved elsewhere. I even go so far as to use aliases (or symbolic links, if necessary) to move large data files off the boot drive for programs that don't let me specify a storage location. As a result, my boot drive is typically fairly empty--I'm using just 75GB of the 256GB SSD in my Retina iMac, for example.
So where does everything else reside On an external RAID setup, complete with a spare drive in a drawer (in the event of a drive failure). This strategy protects my files well enough while I'm working. But as you'll often hear, RAID is not a backup solution. So how then do I back up my files
I use a multi-drive, multi-location backup strategy, with the goal of ensuring that I won't ever lose a critical file due to equipment failure or natural disaster. (It's still quite possible to lose data via user stupidity; even the best backup plan isn't completely foolproof in that regard. But I take steps to minimize that risk as well.)
Level 1: Time Machine
Time Machine is my first line of defense, and the only aspect of my strategy that includes support for older versions of files. It's the first place I go if I've accidentally deleted a file (user stupidity), or need an older version of something.
In order to keep the deepest version history possible, I skip a fair number of file types from my backups. You can have Time Machine skip certain files or folders by clicking the Options button in the Time Machine system preferences panel, then clicking the plus sign to adding those files you'd like Time Machine to skip.
Tip: If you add an OS X-owned folder--such as the top-level System folder--Time Machine will ask you if you'd like to skip all system files. I reply yes, because Level Two of my strategy takes care of my system files. When you say yes, Time Machine shows "System Files and Applications" as being excluded from the backup.
In addition to the system files and applications, what other types of things do I skip I don't back up any ripped DVD or Blu-Ray movies, again because there's no need for versioning, and they're backed up at other levels of my strategy. I also exclude any Parallels or Fusion virtual machines as both apps include their own snapshot features for versioning, and I back up the full virtual machines elsewhere.
By not using Time Machine for these types of files, I've freed up hundreds of gigabytes of space that can be used for multiple versions of my data files. I do, however, have Time Machine back up my iPhoto and iTunes libraries, along with all my work and personal data files. These are files that I want to be able to get back quickly, or access older versions with a minimum of hassle.
Level 2: Boot clone
A boot clone is not a perfect copy of your favorite pair of cowboy boots. Rather it's a perfect copy of the hard drive that boots your Mac. Having a clone is critical--if your boot drive ever has a fatal error, you can connect the clone drive and reboot, and be back where you were with a minimum of disruption.
There are many ways to make a boot clone. I use Carbon Copy Cloner 4 (CCC4 from here out), which I recently reviewed for Macworld. Creating a clone with CCC4 is a simple point-and-click operation.
As I don't like leaving a clone drive connected all the time, I have a bare drive that I insert into a Sabrent 3 drive dock on a regular schedule. (See my Migrating away from FireWire hard drives article for more on this drive dock and how I put it to use.)
I update my clone about three times a week. Because the vast majority of my files live on the RAID, it's not critical that the clone is current to the minute. Using CCC4, I created a clone task that's set to run on disk mount. Updating the clone is as easy as dropping the bare drive into the drive dock; CCC4 sees the drive mount, and starts updating the clone. Typically the whole task takes about five minutes, as only changed files are updated. (The initial clone takes much longer, of course.)
When the clone is complete, I remove the drive from the drive dock and put it back in its storage box for a couple of days. If my boot drive ever fails, I know I can get back up and running in a hurry, and probably not be missing anything other than some modified preference files.
Level 3: Paranoid backup
I call this level my paranoid backup, because I always think something can go wrong with my backups. My paranoid backup is another full backup of my files, to supplement both Level 1 and Level 4 backups. I use the Sabrent drive dock and CCC4 for this backup as well; when I insert the Paranoid disk, CCC4 fires off the backup task.
One very useful feature in CCC4 for the paranoid backup is the ability to "chain" backup tasks. Because this is a full backup with files from both the RAID and internal hard drive, I have four separate backup tasks in CCC4. The first task is set to run on disk mount. The following tasks are set to run when the prior task completes.
So my paranoid backup is just as simple to run as my boot clone: I insert the
Paranoid disk, and the magic just happens. When it's done, I remove the drive and return it to its storage location. I usually do this once a day, though sometimes twice if I'm creating a lot of new files.
I'm so paranoid that I even back up my cloud services' files here, even though they reside on every Mac and in the cloud. So yes, I'm paranoid about backups!
Level 4: Offsite backup
The best backup strategy in the world is no good if all of the backups are stored with the computer. You need to keep a set of files in a separate location in case your primary location is visited by fire, flood, theft or other disaster. In my case, that means sending a backup disk to my wife's office.
Our offsite backup is also done on a bare disk, inserted into the Sabrent drive dock. As with the Paranoid backup, it runs via CCC4 on drive mount, and chains together a number of separate tasks to perform a full backup.
My wife brings the drive home once a week, I update the backup that evening, and it goes back in the morning. So yes, we have one night's exposure to a disaster while the disk is home. But I keep the disk elsewhere that night, so at least it's nowhere near the computer.
To remind my wife to bring the drive home, I rely on a simple AppleScript application:
set theAccount to "outgoing@email.address" set the_mailto to "recipient@email.address" tell application "Mail" activate set this_message to make new outgoing message with properties {sender:theAccount, visible:true, subject:"Please bring the drive home", content:{"As the subject says - thanks!"}} tell this_message make new to recipient at end of to recipients with properties {address:the_mailto} end tell send this_message end tell
Obviously you'll need to change the script's email addresses to contain valid To and From addresses, and you can change the subject and the text of the email to suit your needs.
I run this script once a week, using a launchagent. (Yes, she could put a repeating reminder on her calendar, but I like to make sure she gets a reminder from me, too.)
Level 5: Double-paranoid backup
This is an automated backup to our Time Capsule of critical work and personal files that runs four times a day via a scheduled task in CCC4. It's fully automatic; I see the OS X notification when the backup finishes, but that's the extent of my involvement in it.
In addition to copying to the Time Capsule, I also copy from the Time Capsule. I use a set of scripts to back up our web sites to the Time Capsule. These backup files are then copied to a backup folder on my RAID three times a day, so that they are also backed up. (These backups of backups eventually wind up on some of the other backups as well.)
I cannot fathom having to use this extra-extra redundant backup, but it makes me comfortable knowing it exists.
Level 6: Cloud backup
If you've read this far, you've probably wondering why I don't just back up everything to a cloud drive somewhere and be done with it. There are a few reasons why I don't it my primary backup target.
I have a lot of data--at nearly 3TB, getting the initial backup done would take forever. I also don't like the thought of using my upstream bandwidth to update a backup on a regular basis. There's also a trust issue: This data is mine, and I don't want to rely on a third party to stay in business in order to get my data if I need it back. Finally, if I do have a major crisis, waiting hours (days) to download 3TB of data to get back up and running is not my idea of a good way to spend my time.
Despite my general disinterest in a full cloud-based backup, I do back up some key files to the cloud. That way they'll be in yet one more place in the event of a major problem.
Although the cloud services encrypt your data, I'm still a bit uncomfortable trusting that there won't be an exposure somewhere along the line. So before I back up any files to the cloud, I first copy them to an encrypted disk image and then copy that image to the cloud (using a CCC4 task). That way, if someone does get a decrypted copy of what was on the cloud, my data will still be protected, as it was encrypted locally first.
Perhaps in the future when cloud drives are all 4TB+ in size, and our upstream connection speed is measured in gigabits per second, I'll be more comfortable with a primarily-cloud-based backup solution. Until then, I view the cloud as an additional element in my backup strategy, not a primary destination.
Other Macs
Although we have more than one Mac in the house, all of the key files reside on my primary iMac. The other machines have their data files backed up to our Time Capsule via Time Machine. Critical files are then copied out to a cloud drive on a regular basis (and encrypted first). However, I don't bother with a boot clone for the other Macs. If one of them were to have a disk failure, it'd be an inconvenience, but no single disk is so critical to us that it needs to be up and running immediately.
The final word
I'm probably an outlier in terms of backup strategy; I don't expect nor preach all to follow what I do. But you should have some kind of backup plan for your data, and that plan should involve redundant backups, with at least one of them being stored offsite.
You can accomplish this with Time Machine and an offsite backup, or Time Machine and a cloud service backup, or some other combination of here and there schemes. The important thing is to have copies of your data files in multiple places.
In addition, your backup plan must be as simple as possible to implement. If it's complicated, you won't keep up, and an old backup isn't much better than no backup. After years of trying various solutions, I'm incredibly happy with the amount of automation in my current plan. All I have to do is drop disks into a drive dock and CCC4 and some scripts do the work.
With any luck, you'll never put your multi-site, multi-copy backup system to use. But if you do, you'll be very glad you went through the trouble of creating a comprehensive backup plan!