Take Control of Mac OS X Backups: Part Two

Editor’s Note: The following article is an excerpt from Take Control of Mac OS X Backups (version 1.1), a $10 electronic book available for download from TidBits Electronic Publishing. In part one, Joe Kissell covered the different approaches you can take for setting up a backup strategy featuring duplicates and archives. Today’s installment looks at when to schedule backups, how many backups you need, and how to backup a small network.

Scheduling Backups

I can say from personal experience that backups are far more likely to happen regularly if your backup software runs automatically on a schedule. And let me be quite clear: regular backups are the only kind that matter. I think it’s fair to state this as a corollary to Murphy’s Law: “The likelihood of suffering data loss increases in direct proportion to the elapsed time since your last backup.” In other words, if you’re performing all your backups manually, the one day you forget (or run out of time) will be the day something goes wrong.

One consideration in choosing a backup schedule is media management. For example, if you’re backing up to a recordable DVD, you must be prepared to insert a blank disc whenever the schedule runs. Swapping media can be an intrusion into your normal routine (especially if that routine involves the frequent use of other discs in the drive you use for backups). On the other hand, if you schedule backups to run when you’re not around, you must always think ahead and make sure the drive has the necessary media ready. If, on the other hand, you’re backing up to a hard disk or network device that can stay connected all the time, this problem occurs less frequently, if at all.

Depending on the speed of your computer, which software you use, and how you configure it, you may find that your computer slows down significantly while backups are running. This could be an argument for scheduling backups for when you’re not using the machine. However, if you do not leave your computer on all the time, you will need to take special care to ensure that it’s on and ready when the backups are scheduled to run.

How often should you back up your computer? And if you’re making both duplicates and archives, how often should you update each?

No single answer is right for everyone, but as a starting point, my rule of thumb is that duplicates should be updated at least as frequently as major changes to your system (such as installing Mac OS X updates or new versions of applications), and archives should be updated every day you make minor changes (receiving e-mail, modifying text documents, and so on). Thus, if you use your computer heavily every day, and often install new or updated software, you might opt for weekly updates of your duplicates and daily updates of your archives. On the other hand, if you use your computer only occasionally, the schedule could become once a month for duplicates and once or twice a week for archives. Under no circumstances do I suggest backing up less frequently than once a month or more frequently than twice a day—the risk is too high in the former case and the aggravation too great in the latter.

( Tip: Always update your duplicate just before installing system software updates. That way, if the new version of the software contains any serious problems, you can easily roll back your system to its previous state.)

There may be some cases in which you could not afford to lose even a half-day’s work in the event of a serious problem, making twice-daily archives seem inadequate. If you’re working on an important document, there’s nothing wrong with copying it to another volume once per hour or as often as you feel it’s necessary—or scheduling your backup software or a synchronization utility to do so for you. But updating an entire archive that frequently is likely to slow down your work.

Keeping Multiple Backups

A sound backup strategy always includes backups of your backups! Picture this: you’ve diligently backed up your computer’s internal hard disk to an external drive. Then one day, lightning strikes and both drives are damaged—or your home is robbed and all your equipment stolen. So much for your backup. Backup media can fail for all the same reasons your hard drive can fail. So having just one backup, in my opinion, is never enough. You should alternate between two or more sets of backup media for greater safety. If you’ve set up your backups to run on a schedule, this might mean using set A (a hard drive or a stack of CDs) every day for a week, then switching to set B (a different drive or stack of CDs) for each day of the following week, then switching back—and so on.

So are two sets enough? It depends. Most experts recommend using at least three sets, of which one is always stored off-site. But this advice was first given in the days when the media commonly used for backups was much less reliable than what’s available today. And the cost of three sets of media—especially if you’re talking about hard drives—can be hard to swallow for the average home or small-business Mac user.

In my opinion, except for mission-critical business use, two sets each of duplicates and archives should be adequate for most users. If you back up to hard drives, this can mean two drives, each of which is partitioned to store both a duplicate and an archive. Of course, if you can afford a third set, your data will be somewhat safer—and your backup routine will be somewhat easier. In any case, you certainly should keep one of those sets in another location all the time.

Backing Up a Small Network

To this point, I’ve assumed that you’re backing up a single Mac. But what if you have several in your home or office? How does this affect your backup strategy?

One approach is to back up each machine separately. This may involve keeping separate stacks of recordable CDs or DVDs next to each machine, or hooking up external FireWire drives to each one (though you could, of course, move a single high-capacity drive from one computer to the next). If your backup needs are relatively small, there’s nothing wrong with this approach. But if you have more than a couple of machines—especially if their hard disks contain a lot of data that you can’t afford to lose—a wiser strategy would be to back them all up at the same time over your network.

( Note: You do have a network, right? If you have multiple machines that aren’t currently connected (whether by Ethernet cabling or AirPort wireless networking), you should hook them up. Not only does a network enable better backups, it makes transferring files and accessing the Internet much easier.)

Network Backup Approaches In a network backup, one computer functions as the backup server. This is the machine to which your backup device(s) are physically connected. Files from your other machines are copied over the network onto each backup device. Network backups can proceed by three different methods:

• The server shares its backup volume (using AFP, FTP, or SMB), which the client machines mount as a volume in the Finder. Then each client machine uses its own backup application to back up files to the network volume (rather than a locally attached hard drive or optical drive). This is sometimes called a push backup, as each client “pushes” its data onto the network volume.

• Each client machine shares its hard disk (again, using AFP, FTP, or SMB). The server mounts each of these volumes in the Finder, and then the single copy of the backup application running on the server copies files from each of the network volumes onto its locally attached backup volume. This is sometimes called a pull backup, as the server “pulls” data from each of the clients onto its backup volumes.

• The server runs backup software that supports client-server network backups, and the other machines run client software that communicates with the server directly—without any of the machines having to share or mount volumes.

Almost all backup applications support push and pull network backups, but I recommend against them. For one thing, network volumes can become disconnected for any number of reasons, and if a volume is unavailable when it’s time for a scheduled backup, that backup will fail. A few applications can try to mount missing volumes for you (even remembering user names and passwords, if necessary), but even this is no guarantee of success. Push and pull backups are also inherently less secure than client-server backups, and are sometimes quite slow. Also, in the case of pull backups, file ownership may change in unacceptable ways, making bootable backups impossible. Sometimes push backups can be bootable, but it’s a dicey operation.

True client-server backups require less effort, are more secure, and generally offer more flexibility. Often, client-server backup software also supports multiple platforms. Of the software covered in this ebook, Retrospect, RsyncX, and BackupSW offer client-server backups. Retrospect and BackupSW both support Mac OS X and Windows; Retrospect also supports Mac OS 9, while BackupSW supports Linux.

If you need to back up a small Mac or Mac/Windows network, I recommend Retrospect Desktop, which includes a license to back up the machine on which it’s installed, plus two more client computers (additional client licenses are available at $40 each, with volume discounts if purchased in packs of 5, 10, 50, or 100). You’ll get the best results with the Backup Server script, using hard disks that are large enough for all the data on all the Macs.

Special Considerations Besides selecting the right software, several other matters require your attention when planning a network backup system:

Media: Although optical media or other removable storage may be acceptable for single-machine backups, for best results, network backups require storage devices that are always available. In other words, hard drives are the best bet for small networks. Also, if you’re making duplicates that you may later wish to boot from, be sure to partition your hard disks in such a way that each startup disk on the network gets its own partition for a duplicate.

Bandwidth: You can perform a network backup using an AirPort wireless network, but even with AirPort Extreme, you get only a small percentage of the bandwidth that a wired 100Base-T Ethernet connection will give you—so backups will take much longer, especially if you’re duplicating an entire hard disk. In any case, you definitely want the highest-bandwidth network connection you can get. If your computer uses multiple network interfaces, open System Preferences, go to the Network pane, and choose Network Port Configurations from the Show pop-up menu. In the list that appears, drag Built-in Ethernet to the top and click Apply Now to ensure that the wired network is used in preference to AirPort when both are available.

( Note: Every network is different, but I have seen cases where Retrospect client-server backups are unreliable when client machines’ IP addresses are dynamically assigned by an AirPort base station. If this happens to you, consider assigning (private) static IP addresses to each client.)

Availability: For a scheduled network backup to occur, both server and client machines must be turned on and awake. If your machines are currently not left on all the time, be sure to check the Energy Saver pane in System Preferences on each computer to ensure that it will not be off or asleep when backups occur.

( Tip: Scheduling network backups for times when all machines are available can be a challenge—particularly if you have PowerBooks and iBooks that are not always on the network. Retrospect offers a great feature called Backup Server that constantly polls all the clients on a network. If it sees one that hasn’t been backed up in at least 24 hours (or a period of time you specify), it performs the backup immediately. That way, you don’t need to set up an exact schedule for each machine. Backup Server can be restricted to run only during certain hours on certain days, and it can also use any available, designated hard disk as a destination—so you don’t need to figure out in advance when to swap media.

Joe’s Recommended Strategy

What I recommend for most users is a two-pronged approach: periodically scheduled (say, weekly) duplicates of your entire hard disk, and even more-frequent (say, daily) archives of your data files.

The duplicates will provide you with a complete, bootable copy of your hard disk, while the archives will pick up all the files that change regularly.

Duplication Strategy You should create duplicates (onto hard drives, ideally) of your primary disk and any other startup volume you normally use. If you have a single, unpartitioned hard disk, then you have only a single volume to worry about. If you have multiple partitions (or multiple internal or external hard drives) that contain bootable systems, I recommend making duplicates of all of them . If a hard drive fails, after all, it can take with it all the partitions it contains; and a disaster that wipes out a single drive could wipe out all of your drives.

Most duplication software enables you to deselect individual folders you wish to exclude from a duplicate; some use selectors, exclusions, or both. Although you could make an argument that some files are not worth including in a duplicate (such as the cache files located in ~/Library/Caches), the safest and most reliable tactic is simply to include everything. A file or folder that seems irrelevant to you may turn out to be crucial to the functioning of your system.

Archive Strategy The archives you create should include all your important files (on each volume you use regularly, if you use more than one). The main question, though, is how you determine which files those are.

Some people suggest performing a full archive—that is, archiving every single file on your disk, just as you do when creating a duplicate. Others suggest performing a selective archive that includes only user-created data files, especially those that change frequently.

With a full archive, you have yet another copy of all your files besides your duplicates—an extra insurance policy. Restoring a full archive onto an empty disk requires fewer steps, and less time, than restoring a selective archive (since in the latter case, you must restore a duplicate first). On the other hand, a full archive requires significantly more storage space, increasing your media cost, and takes longer to run. In addition, some backup software does not enable you to restore an archive as a bootable volume. My own preference is for selective archives, though I would not discourage you from performing a full archive if resources permit.

If you do choose to archive selectively, a good starting place is your home folder. By default, this folder contains most of your preference files, the files shown on your Desktop, and data for many of Apple’s applications (Address Book, iCal, iTunes, iPhoto, Mail, Safari, and so on), among others. Although you can organize your hard disk however you want, Apple encourages you to keep all your user-created documents in the ~/Documents folder or elsewhere within your home folder. So it could be that all your important, user-specific data files exist somewhere inside your home folder—and if not, presumably you are aware of the locations of folders you’ve created elsewhere.

But even if you have assiduously colored within the lines and kept all your personal data in your home folder, should you archive the whole thing? In some cases, the answer is no.

Because Apple designed the home folder as a catchall, it has the tendency to swell to enormous sizes. For example, if you maintain the default settings in iDVD, iMovie, iPhoto, and iTunes, all your digital media will be stored in your home folder. If, like me, you’ve imported your entire collection of CDs into iTunes, you may be looking at a huge Music folder (mine is well over 16 GB, and that is small compared to some). If you store digital video on your computer, your Movies folder will certainly be even larger.

Although there’s nothing wrong with adding all those files to your archive, it may not be strictly necessary either—because all those files should already be backed up safely as part of the duplicates you maintain. If, as in the case of imported CD tracks, digital photos, or video downloads, you modify those folders less frequently than you perform duplicates, you might consider saving time and space by excluding them from archives. But if in doubt—especially when it comes to irreplaceable photos and video—err on the side of including them; having an extra backup just may save your bacon one day. Purchases from the iTunes Music Store also require special handling; see the sidebar on the next page.

Besides digital media, you may wish to manually exclude certain other files from an archive, if needed to save space. For instance:

Downloads: Applications and other files you’ve downloaded from the Internet can nearly always be downloaded again. It may not be worth dedicating significant media space to hold such files.

Cache Files: Temporary cache files, such as the ones stored in ~/Library/Caches, are not crucial to an archive, as they will be recreated automatically if needed.

Having determined what you need to back up and how often, you’re ready to make decisions about what hardware you will need.

[ Joe Kissell is the author of several books about Macintosh software, including Take Control of Spam with Apple Mail ( Tidbits Electronic Publishing, 2004) and curator of Interesting Thing of the Day. ]

Sidebar: Backing Up iTunes Music Store Purchases

Audio tracks you’ve purchased from the iTunes Music Store (iTMS) differ from tracks you’ve imported from CDs you own. Besides the fact that with downloaded files you don’t have an original copy to serve as an extra backup, the iTMS tracks, which are encoded as AAC files, include special copy protection to ensure that they can only be played by the purchaser, and only on one of up to five authorized computers. Because iTMS tracks are especially valuable, you should take extra steps to protect them:

• Always include iTMS tracks in your archive backups. If you import tracks from CDs as MP3 files, you can use your backup software’s exclusion feature to filter out all MP3 files while keeping the AAC files.

• Be sure to include the /Users/Shared folder in your archive backups as well; this folder contains hidden information required to enable authorization.

• If you suffer a severe crash and decide to erase your hard disk (in order to restore all your data from a backup), deauthorize your computer first. To do this, open iTunes and choose Advanced: Deauthorize Computer. Choose Deauthorize Computer for Apple Account, and click OK. After restoring your backup, re-authorize the computer by opening iTunes and choosing Advanced: Authorize Computer.

Sidebar: Remote Backups

In the discussion so far, I’ve assumed that the machines you need to back up are connected to the same local network as your backup server. But what if you travel frequently with a PowerBook or iBook? Can you use a broadband connection at a hotel or cybercafe to copy the files to your server over the Internet? The short answer is: Maybe.

“Push” backups work only if you can mount your backup server’s volumes remotely; “pull” backups work only if your server can mount your laptop’s volume remotely. Sometimes this works, but often not— your firewall at home must enable access to the necessary ports, and the ISP providing your remote access must also permit file-sharing access over their network. You also run a certain risk that your files may be intercepted in transit by a hacker, unless you take extra steps to encrypt the network link between your laptop and your server.

Client-server backup software, such as Retrospect, normally polls only the local network for available clients. In some cases—for example, with the more-expensive Retrospect Workgroup or Retrospect Server packages—you can manually enter an IP address for a computer outside your local network. However, if you’re traveling and don’t know what IP address you’ll have at any given time, this method is problematic. One possible solution is to use a dynamic DNS service, such as the one provided by easyDNS, to assign your laptop a domain name whose IP address changes as needed, and then enter that domain name in Retrospect.

This problem is more readily solvable using a VPN (virtual private network) connection to your home network, but the details of setting up such a system go beyond what I can cover in this article. As a lower-tech workaround, consider packing some DVD-R media for temporary backups when you’re on the road—and be sure to store the discs separately from your laptop!

Subscribe to the Best of Macworld Newsletter