I was just finishing off an article that will be posted on the Avast blog in a few days about ransomware-as-a-service. I was typing that one way to minimize the damage from ransomware is to “ensure that your backups are intact and accurate.” This was somewhat ironic, given that soon after disaster struck. And it had to do with the poor quality of my iPhone backup. As if this wasn’t bad enough, next week is the annual World Backup Day. Let’s rewind a bit to set the context.
For the past four or so years, I have been using an iPhone 7. Because I was a cheapskate, I bought the phone with only 32 GB of storage. Over the past several months, as I diligently kept the iOS version updated, I saw that it was having issues finding enough empty space to do the updates. Then last week I got tired of deleting apps or trying to fit my music and photos (the things that take up the most storage) and just said the heck with it and bought a new iPhone 12 and got the 128 GB model, which hopefully will last me a few years. This is my fourth or fifth iPhone (I think I had the 4 before the 7). Activating and moving my data over to the new phone was time consuming but mostly an automated transfer of data, and today I was ready to get down to working with the phone.
Just one problem. I am a big user of the Google Authenticator app to provide additional login security, and when I went to open the app on my new phone, there were no password codes installed. Now, I have about 25 different logins that use this app, and if I didn’t have access to these codes it meant that I couldn’t login to any of my apps. After I had been resuscitated seeing that empty Authenticator screen, I was ready to figure out how to get these login authentications back on my phone. One thing that I didn’t want to do was to have to authenticate each login separately by entering manually these logins to the app. Fortunately, I still have my old phone, and (after looking around) I found the way to transfer them manually. I had to do it 10 logins at a time (the Authenticator app produces a nifty QR code that you then use to restore the logins to the new phone), but problem solved. If my phone had been lost or stolen, I think I would still be in the local cardiac care unit.
Even the best backup plans can ignore certain scenarios. Look at the OVH data center that was on fire not too long ago. That brought down quite a few internet sites. that never thought they would see something like that happen. And I have had my own brushes with bad backups (or no backups, as the case may be), including a fire in my office building many years ago, or a flood in my provider’s basement. Both times things could have been catastrophic, and I did learn my lessons and improve my internal procedures. (Here is a post that I wrote many years ago about my own backup commandments. And for your own amusement, there is always the Tao of Backup.
But apparently there are still some lessons to be learned. So this whole experience with Google Authenticator made me think what else isn’t being backed up on my new phone? How about all the credit cards that I entered for my Apple wallet? Yup, MIA. A relatively easy one to fix. But still, ensuring your backups are complete isn’t a simple concept, even for a company of one. And there are still lessons to be learned, particularly as we do more computing on our mobiles.
David,
I’m assuming that you used the iCloud backup for the transfer of your data? If that’s correct, you can avoid a lot of the problems you mentioned by taking a local PC backup using iTunes and specifying a password to encrypt the backup. This includes passwords, etc.
Then plug-in your new iPhone and restore it from the encrypted backup using iTunes and you are good to go. I used this process with the new iPhone for my wife and didn’t have any issues.
Good luck and thanks for your interesting newsletter.
Hi David,
I finally retired from Mason after 36 years. Do you remember when I first got the job? You were still living in DC!
Af few years ago, you were going to write an article about how I had lasted so long in the job when many people don’t. I had to back off because it would have required clearance from the university’s public relations office and I didn’t want to go through that.
I will say that #1 on my list of tips is to maintain a sense of humor. I have a video link to my retirement extraveganza that tells the story (the university president even showed up to surprise me!). If you send me a way to send it to you privately, I will. It’s better than movies trending on Netflix!
Susan
This is why I stopped using google authenticator and started using Last Pass Authenticator for 2fa. It’s free, backs up to the cloud, has push auth functionality, and a search bar. Check it out.
Pingback: What doesn’t get backed up makes you stronger, part deux | Web Informant