How to back up your files and encrypt them

6 min read
Lexie

Hi, I'm Lexie! I write about information security, Bitcoin, and privacy.

A cloud padlock.

We accumulate tons of data in the form of pictures, emails, chats, documents, recordings, and videos. Keeping them safe and accessible in the long run is easy but takes forethought.

To protect yourself against data loss, you need to keep multiple copies of your files, ideally in diverse locations that are ultimately controlled by you. Here are a few things to consider.

[Keep up with the latest in technology and security. Sign up for the ExpressVPN blog newsletter.

What data to back up

Back up your personal and work data

Your important files and favorite pictures could be lost if your devices are damaged or lost, so it is recommended that you back up your data on your devices regularly, either on external drives (such as hard drives, SSD, or USB sticks) or in cloud storage.

Your work files should also be backed up, but that might not be your responsibility. Your work data likely belongs to your employer, and ideally the company has a policy in place on how to handle backups.

Back up your chat app messages

As we increasingly choose to use messaging apps rather than emails to communicate with friends and even for work, it’s become more important to back up our chat history. Chat platforms like Telegram will automatically back up your data in their custom cloud, while Whatsapp and Viber give you some choice in how and when to back up your data.

Back up your social media

Although your personal pictures and chats in Facebook and Twitter might be accessible for now, keep in mind that any online platform can without notice or reason terminate your account or change how you access certain parts of it.

With many online platforms, including Twitter, Facebook, and Instagram, users can download their past posts and uploads. Certainly this comes in handy if you want to delete your accounts while saving what’s on them. But downloading everything is also a way to back them up.

Where to back up your data

There are plenty of options on how to store your data. The medium and location of the backup matters a great deal, as does who has access to this data, and how.

External disk

The most common types of external drives are USB stick, SSD, and hard drive; which one you use depends on your storage size requirements and the frequency of the backup. A small SSD, for example, can be used to quickly back up your most important data. If you have a large amount of data that needs to be backed up and doesn’t require frequent updates, a slower, cheaper hard drive will suffice. Whatever hardware you choose for your backup, it should be kept in a separate place from the computer where the data originates.

The cloud

Finding secure and separate places for your hard drives may be difficult if you don’t have much of your own space. Hard drives can also fail or be stolen. And if the data you hold needs to be accessible by multiple individuals, external disks can be a nuisance.

Cloud storage providers make it easy for you to back up your data, share it with others and keep it synced across devices, but there are also significant privacy caveats: Your cloud provider will have access to all your data, they can lock you out of your account at will, alter and inspect your data, and pass it along to third parties.

Keeping your cloud-storage account secure can be tricky, although a competent provider will give you various options such as token-based two-factor authentication. Some providers offer software that allows you to seamlessly keep entire folders in sync, but installing software is always risky. At the very least, you’ll need a good password for your account. We recommend using a password manager. You should also carefully consider the privacy policy of your provider.

Your personal server

With a personal server, you do not need to worry as much about your data being sold or handed over to third parties. However, if you are using a Virtual Private Server (VPS), you need to be aware of its privacy policy as well.

Running your own personal server as a backup requires plenty of configuration and some expertise, but you get to set it up exactly how you want. For example, you can choose between fast and expensive SSD drives, HDD alternatives, or even magnetic tapes.

Magnetic tapes are by far the cheapest option for storage, although usually retrieval and each backup has an additional cost. But whether the magnetic tape is in your possession or stored elsewhere makes a big difference.

Encrypt your data

No matter where you back up your files, you may want to also encrypt them. This adds an additional layer of protection to your data. If you encrypt your files, it would suffice to store them in less secure places. For example, if you choose a popular cloud-storage provider but only back up encrypted files, you do not have to worry about their contents being read, analyzed, and passed on. With encrypted data, you also would not have to worry about your external hard drive falling into the wrong hands.

Full-disk encryption

For your external hard drive, SSD, or USB stick, full-disk encryption is a popular option. With software like VeraCrypt, you can create fully encrypted external drives. When plugging them in, you unlock them with the encryption key and update your files in a virtual container—a single encrypted file that contains all your data.

Creating such a container can also be an option when making backups in the cloud, and it works best if the content of the container doesn’t change. If a single change is made to a file in a container, the entire container will have to be backed up again. Therefore, for data that changes frequently, you are better off encrypting the files individually.

PGP encryption

You can use Pretty Good Privacy (PGP) to encrypt files individually. You can also use this feature to encrypt files for multiple at once, and to sign your files to allow others (and yourself) to authenticate them.

To use PGP, you use software to generate a public-private keypair for yourself, then encrypt each file that you want to back up. Only those in possession of the private key can decrypt the files. This can also offer a convenient option to securely sync data between devices.

Encrypted cloud storage

Some cloud storage providers promise to encrypt your data on your computer, then only store the encrypted data on their servers. While this is a viable option in theory, you usually aren’t able to decide and verify how this process works. You are better off arranging for the encryption yourself.

A good mix

Fully and securely backing up all your data is hard. There will always be one tiny piece of data that you can’t safely back up: the password or encryption key. Similar to a secure physical safe, you will need to keep the key with you, and backing up this key will come with its own risks.

You can try to remember your master encryption password (try Diceware), but you’ll also need to regularly verify your memory and keep it fresh. If you are using an encryption key, that encryption key too needs to be backed up somewhere.

Whoever has access to your password or encryption key will be able to get hold of your data, but if you lose or forget this key yourself, you are locked out, too.

A good and comprehensive solution to backing up your data will take into account all the benefits and weaknesses of the above options, and plug them together in a way that is private, secure, and robust.

Lexie is the blog's resident tech expert and gets excited about empowerment through technology, space travel, and pancakes with blueberries.