Backup and Restore for the End User

In today’s world, information is one of civil society organizations’ most important outputs. Whether it is reports on human rights abuses, digital evidence of government wrongdoing, or a local copy of an email account, an unexpected loss of data carries severe consequences for the organization. This paper introduces an important concept that can mitigate the threat of information loss: a data backup. The information provided here defines the most basic level backup, introduces various backup strategies, summarizes the most common local and remote backup media, and identifies relevant online resources.

Basic Definitions

Backup (short-term storage): The process of making a copy of the original files stored on a hard drive and saving them to other media storage locations is known as a backup. Backed-up files should not be tampered with or edited, and they must be updated on a daily basis if they are changed frequently.[1]

Archiving (long-term storage): Data archiving is backing up and removing from the hard drive data that must be retained, but does not need to be accessed frequently.[2] Data can be archived to various media such as USB disks or CDs/DVDs, and the lifespan limits of each type of media storage should be considered.

Disaster Recovery: Disaster recovery refers to the processes, policies, and procedures involved with the recovery of vital technology infrastructure after a natural or human-made disaster.[3]

Restore: Restoring is the process of copying backup files from secondary media storage, such as an external hard disk or flash memory, to the main computer hard disk in order to return data to its original, valid condition after files on the hard disk have become damaged or corrupted.[4]

System Restore: This is a feature of Microsoft Windows that returns the operating system files to their condition on a date when the system was working properly. A system restore can be used to recover from system failures.[5]

Why Is Data Backup Important?

Backing up is the practice of copying and storing data so that it is preserved in case of equipment failure or other drastic events. Backing up data is like having insurance against a disaster. Every hard drive has a lifespan; its moving parts, such as the heads to read and write data, will wear out and die eventually.[6] It is, therefore, necessary to keep a copy of all important data somewhere other than the hard drive. When planning a backup and recovery plan, several questions should be considered:[7]

1- What information is stored on your computer?
2- What would happen if all the files on the computers were damaged or lost?
3- How would this data loss affect your daily work?

The goal of a backup and recovery plan is to ensure that an organization will be able to function even if all of its computers crash. However, hardware failure is not the only reason to save backup copies somewhere other than the hard drive. Individuals and organizations may lose their files due to deletion or another unanticipated major disruption. Such a disruption can be external or internal, and may include:[8]

1- Natural disasters such as earthquakes, floods, or tornadoes.
2- Local events such as major power outages.
3- Other personal events such as computer hardware failure or system and file corruption due to viruses, worms, or other malicious attacks.

Where Should Backup Files Be Stored?

There are two categories of recommended locations for storing file and operating system backups: local backup and cloud-based backup.

Local backup includes all types of media storage, such as:

External hard disks: The capacity-to-price ratio of hard disks has been rapidly improving for many years. The main advantages of external hard disk storage are low access times, wide availability, high capacity, ease of use, and their ability to use local interfaces like USB and FireWire. The main disadvantages of hard disk backups are that they are easily damaged, and their stability over periods of years is relatively unknown.[9]

Optical storage: Recordable CDs, DVDs, and Blu-ray Discs are commonly used with personal computers and have low media unit costs. However, the capacities and speeds of optical storage are typically approximately ten times lower than hard disks. Optical discs are a good option for archives because once data is stored on the discs it cannot be changed.[10]

Solid state storage: These storage devises are known variously as flash memory, thumb drives, USB flash drives, CompactFlash, SmartMedia, Memory Stick, Secure Digital cards, etc. Solid state storage devices are relatively expensive compared with hard drives of similar capacity and unlike magnetic drives, solid state drives do not contain any movable parts. Solid drive storage devices can have speeds ranging from 500Mbit/s to 6Gbit/s and a volume size of 500GB to 2TB.[11]

It is important to keep in mind that a natural disaster or hardware failure will not distinguish between a computer and an external drive. If possible, backup copies should be stored in an entirely different location or building from the original. Otherwise, natural disasters or other events are likely to destroy both copies.

Additionally, the use of encryption is essential when planning a backup. All unencrypted files can be read by anyone who obtains the device storing backup files. All data should be encrypted before or after moving it to local media devices, depending on the backup solution used. If the backup solution does not provide encryption, then third party encryption tools like TrueCrypt ( should be used to encrypt either the media device as a whole or the backup files that it contains. The alternative to local backup is to use cloud storage to save important data.

Cloud backup (remote backup service): Cloud backup services are gaining popularity. They involve backing up data to a remote location via the Internet, which can protect against some scenarios and natural disasters that could destroy local backups. There are many benefits to backing up data on the cloud, such as geographic accessibility, choice of cloud storage location, and the ability to store data on multiple sites from different vendors, which improves reliability.[12] Some disadvantages of cloud storage include slower Internet connections than local data storage devices. Cloud storage also implies that users must trust a third-party service provider to maintain the security of the data hosted on their servers. At the same time, users can ensure their confidentiality by encrypting data with a private encryption key before transmitting it to the cloud backup service.[13] Some examples of cloud storage options are:

Zero-knowledge encrypted data backup such as SpiderOak ( Zero-knowledge means that the provider’s server has no knowledge of users’ stored data; the data is only readable to the user that owns the data.[14]

Common cloud storage including Google drive, Dropbox, Microsoft OneDrive, and others. These options can be combined with a third party encryption tool like BoxCryptor (

Organizations can be compromised and hacked; they may receive requests to provide data to the government; or other companies could scan their data for the purposes of displaying advertising that matches user interests. Using zero-knowledge encryption backup can protect against these potentially problematic scenarios because it allows only a computer or mobile device with an encryption key to access the data. This also prevents the cloud storage provider from accessing the data because it cannot be decrypted without the user’s private key. The common cloud storage solutions mentioned above do not provide zero-knowledge encryption. Using a third party encryption tool like BoxCryptor can add another layer of security to these common cloud storage options.

Creating a Disaster Recovery Plan

Every organization needs a disaster recovery plan to help them recover from events such as fires, hurricanes, snow emergencies, power failures, and hardware failures. There are many online resources available to help build a disaster recovery plan, such as the free disaster recovery plan templates available at Here is an example of an IT disaster recovery plan:

Backup vs System Restore

When a computer’s system software no longer operates correctly and all attempts to correct the problem have failed, it may be necessary to do a system restore. A system restore is a special type of recovery process that uses either a system restore point (SRP) or a system restore image (SRI) to repair a software problem. The suspected cause of the system instability determines which of the system restore recovery methods is used.

A SRP is a periodic snapshot of a computer’s critical operating system files. It is not a full backup of user data or installed programs, so it can only be used to “roll-back” a system’s core operating files to their condition at time when the computer was working correctly. The SRP restore procedure should be used when the computer has become unstable due to the installation of a new program or device, a system upgrade, or a virus infection. The SRP is best for these scenarios because it quickly restores the system to a working state with a minimal amount of effort. A SRP restore can take as little as five minutes to complete, requires only that the user reboots the computer, and does not overwrite or destroy user data.

A SRI is a complete backup of all files on a computer system, including operating system files, installed programs, and user data, at a specific point in time. Almost all computers purchased from a major manufacturer come with either a system restore disk or a special area on the hard drive called a recovery partition. The initial SRI from the manufacturer contains a working installation of the operating system and any installed programs that are included with the system at time of purchase. This manufacturer’s SRI will not contain any user data and is assumed to be virus-free. It is common practice to update a computer’s SRI after installing new programs and operating system upgrades, which saves the user time restoring the machine because all relevant programs and upgrades are already included in the restore. A system restore using an SRI should be used after all attempts to remove a virus or malware have failed; if the system is unstable and the SRP does not resolve the issue; or when the computer will no longer start the operating system (Windows/Linux/MAC OS). The SRI is best for these scenarios because it completely overwrites and destroys all existing files and replaces them with the files contained in its image. Since the image was created before the program, virus, or device caused the instability, it will revert the system to its exact state at the time the image was created. SRIs are used with daily backups to fix the system and then recover the latest user data.

A system restore should not be confused with a backup. A backup is a daily process to protect the user’s data and possibly the operating system files. The system restore image or point is a special backup created at a specific point in time for recovery purposes and always includes the operating system files. A SRI should be taken when the user has completely configured the computer system for his or her needs. The SRI can be periodically updated as new programs or updates are installed. The SRPs should be configured to automatically back up core operating system files weekly or before installation of new upgrades, software, or hardware.

This table shows some of the key differences between SRPs, SRIs, and backups:

Do You Need Help?

If you are an activist or a member of a civil society organization or an independent media group in need of assistance with a proper data backup, operating system imaging and backup, restore, or data recovery options and procedures, please reach out to the ISC Project by contacting us. An ISC Project team member will respond with the proper advice or technical assistance.


Everyone who uses a computer to save or store files will undoubtedly face a scenario that causes the loss of their files in one way or another. Therefore, the question regarding data backup is not whether it should be done, but how. The choice between local backup and remote cloud backup depends on the type of disaster from which data must be protected. However, the best backup strategies incorporate both local and remote backup options, use a combination of multiple portable media storage devices and cloud storage services, and always use encryption on the backup data.

Sources for Further Reading


[1]“Backup Strategies,” Technology Solutions, 2001, accessed January 10, 2014, from

[2]“Your Backup Is Not an Archive,” Symantec, 2011, accessed January 10, 2014, from

[3]“Disaster Recovery,” Wikipedia, December 23, 2013, accessed on January 10, 2014, from

[4]“Restore,” TechTarget, 2006, accesses January 10, 2014, from

[5]“System Restore,” Wikipedia, January 1, 2014, accessed on January 10, 2014, from

[6]“Hard Disk Drive Failure,” Wikipedia, January 6, 2014, accessed on January 10, 2014, from

[7]“Protecting Your Data with Just Get Backup, LLC,” Just Get Back Up LLC, 2012, accessed on January 10, 2014, from

[8]“How to Stay in Business When the Sky Falls In!” Cyberspace Virtual Services, 2008, accessed on January 10, 2012, from

[9]“Backup,” Wikipedia, November 27, 2013, accessed on January 10, 2013, from

[10]“Backup,” Wikipedia, November 27, 2013, accessed on January 10, 2013, from

[11]“Backups and Storage Media,” King Solutions, 2009, accessed on January 10, 2014, from

[12]“Cloud Computing,” Wikipedia, January 10, 2014, accessed on January 10, 2014, from

[13]“Backup,” Wikipedia, November 27, 2013, accessed on January 10, 2013, from

[14]“What Does ‘Zero-Knowledge’ Privacy Mean?” SpiderOak, accessed on January 10, 2014, from