Data Storage: How to Keep Your Digital Documents Safe
June 03, 2014
Digital document storage is convenient, but how do you protect those important files, both from physical damage and from deterioration over time?
Nowadays most of us keep at least some of our essential documents, pictures and other important information in digital format. It's a good idea to have items too important to lose (important documents, paperwork and family photos) copied and safely stored in a digital format. I personally no longer have a traditional file cabinet or photo album, and I only keep a piece of paperwork if it's absolutely necessary.
Keeping everything as digital files has many advantages such as being much easier to make copies and the reproduction is always 100% of the original. Perhaps the biggest benefit is digital files take up practically no physical space. Everything is also searchable and accessible without much effort.
However, the digital format also has some drawbacks. Anything that's digital is subject to accidental deletion, data corruption and the failure of the storage media. ThereÃs also the very valid concern in regards to data security, privacy and accessibility. In this article, I will be using my 15 years of experience as an information technology consultant and a digital media specialist to offer insight and recommendations for keeping your digital documents, images and other important data safe and secure.
The most popular form of flash storage is the ubiquitous USB flash drive. These are widely available and can be very inexpensive. You need to be cautious, though, as the quality of USB flash drives vary widely. ItÃs very common for memory manufacturers to grade their chips and sell them at different price levels. The cheaper USB flash drives are usually made with lower grade memory chips with more errors and defects.
All flash memory has a set number of write-cycles and once that limit is reached, the flash memory media will be read-only or even unreadable in the worst case. My advice is to not go cheap when purchasing a USB flash drive for safe data storage.
USB flash drives are also subject to physical damage. Experience on my IT job revealed the typical plastic case USB drive would fall apart in a relatively short time just from all the daily plugging-in and un-plugging.
My go-to USB flash drive for years has been the Corsair Flash Savior. This is a USB flash drive housed inside a tubular container made from aircraft-grade aluminum alloy. When itÃs closed and sealed, itÃs water submersible to 200 meters and shock resistant up to 40g. Its tough metal housing can withstand any physical mishandling and I have one that has been run over by a truck without sustaining any damage to the USB flash drive inside. Corsair Flash Savior, 16 Gb: $35, 32 Gb: $45, 64 Gb: $75.
For high security storage, IÃm using the specialized IronKey Secure USB flash drive. It has a rugged metal case with certified DoD Mil-Standard level of waterproofing and dustproofing. What sets the IronKey apart from other flash drives is its built-in 256-bit hardware encryption chip. Once set up, the IronKey requires a login password to allow access.
If an IronKey falls into the wrong hands, it's self-protected by a security feature which will lock down the drive and permanently wipe everything on it after 10 consecutive incorrect password attempts. The IronKey is made from the best memory available, a single-level cell type chip that has 10-15 times the write-cycle life as the cheaper memory used in all other flash drives. The downside of IronKey is that itÃs very expensive. IronKey Personal S250 2 Gb retails around $109.
Another type of flash media suitable for safe digital data storage is the SD (Secure Digital) card. ItÃs commonly used in many digital cameras and mobile devices. Most full size SD cards, not the reduced size miniSD and microSD variants, have a physical write-protection slider on this side that will make the card read-only. This helps to prevent accidental data deletion.
All three sizes of SD card can also be set up by software with an access password and to enable/disable the write-protection. I suggest only choosing reputable brands like Samsung, SanDisk, Lexar, Toshiba and Panasonic.
In the Cloud
Cloud Storage is basically storing your data online on someone's server. The advantage is itÃs accessible anywhere and with any Internet connected mobile device like a smartphone or tablet. However, there may be concerns about privacy, security and reliable access using "The Cloud." I only trust two of them: Google's Drive, free with 25 Gb of storage and Apple's iCloud, 5 Gb free and pay for more space.
There are a lot of things I don't particularly like about "The Cloud." If you can access your important info anywhere, it's also possible for cyber criminals across the globe to do the same. You are relying on "The Cloud" service provider as your only gatekeeper.
In additional to common cyber criminals, the NSA could easily suck up your data transmissions between "The Cloud" and your computer or mobile devices into its massive data warehouses. Although they canÃt see whatÃs inside of it, they can obtain a search warrant without many questions from the courts.
Most state and federal courts don't respect your online property as much as they do the property in your home, and they have been rubber-stamping online search warrants on causes as minor as parking violations. Anyhow, many of those same judges probably couldn't differentiate the Internet from a rotary phone. Just remember that the NSA and other agencies can't examine your digital documents and image files if they canÃt access them. Furthermore, nothing online is ever truly deleted. Any data put on the net is always being backed-up or archived somewhere.
Smaller "Cloud" services providers generally don't have a good reputation in terms of customer service, security or service reliability. A friend had 10 Gb of his data in "Cloud" storage. It suddenly became inaccessible. The provider can't fix the technical issue, and it pointed out the fine print in the customer agreement; it's not responsible for lost data.
The big companies are better, except that they all have ulterior motives. Amazon and Apple are both using their "Cloud" service to sell you stuff. Google, Microsoft and Yahoo all want to mine your "Cloud" information to improve their search engines. Adobe really thinks it owns the copyright of your images uploaded to its "Cloud."
Hard Drives and Solid-State Drives
In theory, hard drives should last forever, since they have no specified write-cycle life, but in reality, hard drives fail much more often than flash media under constant use. They are mechanical devices that spin thousands of times per minute: something inside wears out sooner or later. Hard drives can't withstand much shock when running, thanks to their moving reading/writing heads. These hover just a few thousandths of an inch above the rapidly spinning disks. Fortunately, for our purposes, the hard drive is acceptable since it doesn't needs to be constantly running.
I would recommend a 2.5-inch size laptop hard drive over the 3.5-inch size desktop size one, as the 2.5-inch hard drive has higher shock rating and most of them can be powered from only one USB port.
A better type of hard drive is the solid-state drive (SSD). It's essentially a hard drive made using memory chips with nothing mechanical. It differs from flash media by using faster memory chips that also have a longer write-cycle life.
SSD has all the benefits of the shockproof and instant access flash media with the transfer speed and long life of the mechanical hard drive. The tradeoff is a much higher cost than either. A critical point-of-failure in the SSD is its memory controller.
My advice is to only use SSDs featuring controllers by Samsung, Marvell, Toshiba, LAMD, Intel and avoid anything using the unreliable Sandforce controller. I have good luck with Samsung SSDs.
Neither the standard SSD nor the typical hard drive has any built-in security features. To get that, I use the specialized IronKey H200 high security external hard drive. Like the IronKey USB flash drive, the H200 also has an integral 256-bit hardware encryption and it's validated for level 3 of FIPS (Federal Information Processing Standard), the U.S. governmentÃs computer encryption standard.
There's also a secondary authentication mechanism in the form of an integrated biometric fingerprint reader. Also like the IronKey USB flash drive, the H200 has a built-in data self-destruction function to prevent unauthorized access and a new feature that allows remote erasure of a lost or stolen H200. While the IronKey H200 is not water- or dust-proof, it does have a heavy-duty metal alloy housing with rubber bumpers to withstand rough handling. Made in the USA, the IronKey H200 320 GB retails around $300.
Good Housekeeping Software Utilities
A large percentile of security compromises resulted from a virus or malware problem. Microsoft Security Essential and Malwarebytes are the two free Windows anti-virus/anti-malware utilities that I'm using. Don't be fooled by the notion that Apple's Mac can't get a virus. It's just that not much effort has been put into developing virus/malware that only attacks 3% of the computers worldwide. At least install the free ClamXav on your Mac.
Stay away from and uninstall anything that comes from Norton, McAfee and Symantec. I found their cure is just as bad as the disease. In addition, always keep the operating system updated; whether that be Windows, Mac OSX, Linux, Android or iOS.
Sources: http://windows.microsoft.com/en-us/windows/security-essentials-download/ http://www.malwarebytes.org/ http://www.clamxav.com/
Recordable Optical Media Since its invention, recordable optical discs have been used for the safe storing of important digital files. Instead of relying on magnetic coated disks or memory chips, optical disc store data by using a laser to burn millions of microscopic pits on a thin layer of colored organic dye. Optical media is very expensive, with a starting price as low as 15-20 cents per disc. It's fairly resilient, thanks to its built-in data error-correction and once it's written, the data on the disc canÃt be deleted.
However, optical discs are the slowest in term of data access and transfer speed, and they require an optical disc drive to work. There are also various formats with limited compatibility between them, and many computer makers like Apple, are moving away from including an optical drive.
The most widely used type of recordable optical media is the CD-R and the two competing DVD recordable formats: DVD-R by Sony and DVD+R by Philips. All use the similar red laser recording technology with the DVD formats offering 6-12 times higher density than the CD-R.
There's also the recordable Blu-ray disc format developed by Sony with the finer blue laser offering storage of 25 Gb (single layer) and 50 Gb (double-layer). The recordable Blu-ray suffers from far less adoption because itÃs a proprietary format. It's not readable in anything except a Blu-ray drive for computer. Blu-ray also has a less robust data error-correction capability than CD and DVD, which means a scratched Blu-ray disc could more easily become unreadable.
Recordable optical media typically have a useful life of 5-10 years. Discs usually become unreadable after the organic dye breaks down or when the aluminum reflector layer loses its shininess. There are specially developed archival grade CD-R and DVD-R/+R discs that are made using a more durable type of non-organic dye, better plastic and use pure gold or platinum alloy, which doesn't corrode or oxidize, as the reflector layer. The archival grade optical media are generally rated for 100 to 200 years of storage life but cost $3-$5 per disc.
Another shortcoming of the recordable optical media is they can only be written on once and for any update or changes, a new disc must be burned. Since the data on the old disc cannot be deleted, it is now a security risk. Therefore, the old disc should be destroyed physically with something like a shredder.
Encrypt your Data
TrueCrypt is a free disk encryption utility. Its claim to fame was in a Federal District Court case, in which the FBI computer forensic team wasn't able to crack hard disks that were encrypted by TrueCrypt. The recent versions of Windows and Mac OSX also come with a built-in disk encryption utility. It's called Bitlocker in Windows and Filevault in Mac OSX. All have some form of backup plan in case of a lost encryption passkey.
Bitlocker and TrueCrypt can be set up with a passkey stored in a USB flash drive. I use my IronKey USB flash drive for this. Filevault could let you store the passkey with Apple's ID account management.
Have too many passwords to remember them all? Try the free Keepass password manager. Also note that the longer your password is, the harder it is to crack with brute-force methods. Each additional digit will increase the amount of work by 4 to 10 fold.
Sources: http://www.truecrypt.org/ http://windows.microsoft.com/en-us/windows7/products/features/bitlocker/ http://support.apple.com/kb/ht4790 http://keepass.info/
Rewritable Optical Media
What I think is the best optical media for keeping digital documents and files safe is the newer Rewritable (-RW/+RW) types and the lesser known DVD-RAM. It took an additional 20 years of development for rewritable optical media to mature.
Instead of the organic dye and reflector layers of the recordable optical media, the rewritable optical media uses a phase-change metal alloy layer. The laser in the rewritable media drive controls the reflectivity of the disc's metallic layer by changing it from solid to crystalline or vice-versa.
All CD-RW and DVD-RW/+RW can be written, erased and rewritten up to 1,000 times. Another benefit is the metallic layer material doesn't degrade over time and the rewritable disc should be still readable after 20-30 years. The -RW optical media typically costs only 50¢ to $1 per disc.
Developed originally for enterprise and broadcasting applications, DVD-RAM stands for DVD-Random Access Memory. It's different from all other optical media, which write their data in a single track. The DVD-RAM, on the other hand, is preformatted like a hard drive and flash media with pre-indexed fixed data storage cells.
This allows DVD-RAM to have the convenience of working like a hard drive and flash media without needing disc recording/burning software. Of course this ability also incurs the chance of accidental data deletion.
The DVD-RAM uses a similar reflective metallic layer material to the rewritable -RW optical media. The difference is the DVD-RAM works from a phase-transition process where the laser melts the solid metal briefly into liquid metal and reshapes it before it is condensed back to the solid form.
Because of that, the DVD-RAM is even longer lasting than the -RW optical media, with up to 100,000 rewrites and 30-50 years of storage life. The majority of DVD and Blu-ray drives made over the past five years could read Type 3 case-less DVD-RAM discs, but only some can write DVD-RAM. Avoid the older obsolescent Type 1 and Type 2 cartridge contained DVD-RAM since those require a dedicated DVD-RAM drive. Type 3 case-less DVD-RAM costs $2-$4 per disc.
What's the best way to safely store your digital document, images and important information? I would probably not say in "The Cloud" or on a Blu-ray disc. Flash media, hard drives and optic discs all have their pros and cons. My picks would be the solid-state drive and the rewritable discs, especially the DVD-RAM. IronKey's high security flash drive and hard drive are costly but they are worth it for maximum security. I highly recommend making it a practice to always make multiple copies of your data for redundancy.
Optical media: CD-R w/ light color dye, archival grade CD-R w/ gold layer, BluRay Recordable in dark blue, DVD-RW in gray metallic color and DVD-RAM.
USB flash drives are handy and cheap. But keep in mind that they come in many grades, and that souvenir drive you got at a trade show may not last long.