In this post, we’ll show you the methods to ensure that your notes never disappear. Fully automated document backup, encryption and security policies.
Why you need a file keeping strategy
Imagine a picture of you waking up early and writing an entire semester’s graduation thesis, or a project document that an entire team spent countless human and material resources to advance at work, because of a plain software error, a computer flood, a damaged hard disk, or even a ransomware virus – lost forever and forever. That should be one of the few moments in your life when you want to hit the wall head-on.
If something is broken, you can buy it again, and the note-taking software can be changed again, but the text you record, the pictures you take, and the video you record, once lost, it means that your life has a hole that is difficult to fill. Even if you can fix it, you have to experience the pain of doing the same thing twice, and this kind of skin pain can only hurt your heart if you experience it.
So this article will present you with the following
How insecure is your data?
How to ensure the data security of local documents?
How can I improve the data security of documents in the cloud?
Note:
Since I have no knowledge of program code, this article is also intended for ordinary users.
My understanding of some terms related to technology may be biased, and I welcome criticism.
Your data is not secure
Your hard drive is less reliable than you think.
Blackblaze, the world’s leading storage service provider, released a statistical report on hard drive failure rates in the second quarter of 2022, showing that the average annualized failure rate over the life of the 210,000 hard drives they use is 1.39%.
Ransomware has swept the world since 2017, and countless business and individual users’ hard drive data has been lost due to virus encryption
Data in the cloud is more secure than you think
Notion uses Amazon Cloud. These large and medium-sized online note-taking software have selected top cloud server providers at home and abroad, and these cloud server providers have provided a considerable degree of data disaster recovery backup guarantee for their customers
Your data is always at risk
In December 2021, Amazon Cloud servers went down on a large scale, paralyzing a large number of websites and services, and losing more than 10 million US dollars
Although cloud computing service providers and cloud note companies have promised users that they will do their best to ensure the security of users’ data, the facts show that this can only be a good wish for the time being.
Follow the 3-2-1 backup principle
3 copies: You should ensure that you have at least two copies of the original data. Even if the probability of a single copy of the data being corrupted is as high as one in 1 percent, the probability of three copies being lost at the same time will drop to 1 in 1 million, provided that all three copies of the data are not placed in the same place.
2 types of storage media: In addition to internal storage (such as the computer’s own hard disk), at least one copy of the data should be stored on external storage media, such as USB flash drives, removable hard disks, magnetic tapes, optical disks, etc
1 offsite storage: Store at least one copy offsite at a physical distance to prevent data loss due to floods, fires, earthquakes, etc.
This principle is a world-recognized golden rule in the matter of backup, although there are still variants such as 4-3-2-1, 3-2-2, but for ordinary people, 3-2-1 is already a perfect backup principle.
The full process of backing up my documents
Note
The main note taking software I’m currently using (Logseq, Obsidian) all support local offline and all documents are stored in Markdown format, so I just need to pay attention to backing up and encrypting these local documents.
I will first demonstrate the backup and encryption methods for some of my own document data, of which the key device is NAS, which actually has a certain cost and tossing threshold. Later I’ll cover simpler or lower cost methods for the average user.
But at the same time I occasionally use purely cloud-based notes or document tools such as Notion, graphite documents, so I will also introduce how to improve the security of these cloud-based data.
My Backup Hub – Synology NAS
Synology NAS is my data backup hub, and NAS is simply a small metal box with many large capacity hard drives and a 7*24 processor that can handle some simple storage and upload tasks like a personal computer.
NAS can be directly connected to a computer with a network cable or WiFi, enabling us to upload data from the computer to this independent iron box to complete the first backup; NAS can also be connected to other cloud storage services via the Internet, such as Baidu.com, Google Drive and other network services, enabling the data in NAS to continue to be uploaded to the cloud to complete the second Backup.
First Copy of Data – Synology NAS Local Storage
All the important documents on my MacBook and Windows are automatically uploaded to the NAS as my first copy of data.
And the storage pool of this NAS is backed up in SHR mode (similar to Raid 5). In this mode, assuming I have 4 hard drives, even if any one of them is broken, the NAS can still be used normally and all data can be repaired perfectly automatically by unplugging the broken drive and replacing it with a new one.
Data Encryption in Synology
You can also create a separate encrypted shared folder in Synology, which will encrypt the entire folder with AES-256 level to prevent your entire Synology or the hard drives in Synology from being stolen. In the case of a separately encrypted folder, even if you have the highest administrator privileges, the folder will be inaccessible without the decryption key.
Second Copy of Data – CloudSync
There is a suite (App) on the Synology NAS called CloudSync that connects the NAS to the current leading cloud storage services, as shown below.
CloudSync supports automatic two-way synchronization between NAS and network drive at regular intervals, and most importantly, it also supports encrypted upload function. All files uploaded to the network drive will be encrypted with AES-256 level to ensure the privacy of your data stored on the network drive to the maximum extent. For the strength of this encryption, you can watch this video from 3B1B: “How Secure is 256-bit Encryption?
Even for a 3G size video file, it only takes a few seconds to encrypt and decrypt it, so in principle, you can use this method to encrypt any type of file and upload it to a public network drive. Even if the file is leaked, as long as you don’t have the secret key, you can’t open the file correctly.
As for decrypting these files, it is also very easy, you just need to download the Synology Cloud Sync Decryption Tool from the download center of Synology’s website.
Third copy of data – local removable drive
I usually don’t use this method very often, and only backup once a month. However, if you don’t have enough space in your Synology NAS for SHR or Raid backups, you can use this method to do regular backups using a removable drive.
Synology NAS has a package called USB Copy, which can be set to automatically back up a specified folder to a removable drive when the drive is plugged into the USB port of the NAS. Alternatively, if you also need an encrypted backup to a removable drive, you can use the Hyper Backup suite.
So, if I include the data on my MacBook or Windows, I now have at least 4 copies of all my data, and one of them is stored encrypted on the cloud, so if I can still lose data like that, I’ll just have to smile at the fear.
Synology isn’t for all users
The Synology NAS is an expensive thing in the end, and more expensive than the NAS are the hard drives and accessories stuffed inside.
My current DS920+ with 4 8T NAS hard drives costs more than $10,000, but from my current experience, it’s actually enough to go down two levels, after all, I have very little need for Docker and virtual machines, so if you just want to use the NAS for simple document and audio/video file management and backup, I think the entry-level DS220+ from Synology is perfectly adequate. If you just want to use the NAS for simple document and audio/video file management and backup, I think the entry-level DS220+ is sufficient, or you can also purchase the relatively lower priced VeriLink.
Common backup and encryption methods
Encrypt before backup
If you don’t have a device like Synology that automatically encrypts your documents when backing up, you may need to encrypt them to some degree before we upload them to the cloud, or use other storage devices for backup, to prevent things like compromised Netflix accounts, or the loss of an entire removable drive resulting in data being accessed by a third party.
Office comes with encryption
All three Office suites can add passwords using the method that comes with the software as shown below, and Office uses AES-256 level encryption starting with version 2016.
Encrypt any file
1. Use compression software to encrypt
All common Windows unzipping tools support the function of setting the unzipping password when compressing files.
For Mac, we recommend using Keka, a free decompression tool, to encrypt files.
2. Use a professional encryption tool to encrypt
We recommend this Encrypto, mainly because of its really high value. It has a macOS client and a Windows client, and it supports AES-256 level encryption and decryption for individual files or entire folders. The encrypted file will have the .crypto suffix, people who are not familiar with this software will not know what this suffix format is for, which adds another layer of privacy.
Encrypt the entire drive letter
This scenario is more suitable for computer repair, or to prevent the theft of personal computers.
The FileVault feature is enabled by default on Mac systems, which encrypts all data on the entire system.
Windows systems can use the built-in Bitlocker function to encrypt the entire drive letter.
Windows has two ways to enable Bitlocker for encryption.
Click the Start menu, search for Bitlocker, and open the Bitlocker panel
Right-click the partition you want to encrypt (such as D drive) and select “Enable Bitlocker” in the pop-up submenu.
Once you set your password, the entire partition will be encrypted
Note:
Bitlocker does not support encryption of individual files, only entire partitions.
The encryption process is lengthy and requires patience.
For the performance loss of mechanical hard disks, it is best to divide a separate area to encrypt specific file libraries, and unencrypted partitions are not affected by performance.
Be sure to fully understand how Bitlocker works and the impact of losing your password (all files will no longer be readable) before deciding whether to enable this feature. You can read this article from Minority for more detailed information about Bitlocker.
Creating a vault for automatic encryption and decryption
I think the three encryption methods introduced above can basically meet the occasional encryption needs of general users, but Bitlocker will have an impact on the performance of the whole partition, and Encrypto needs to encrypt or decrypt files individually each time, which is still relatively tedious for long-term use.
You can use Cryptomator, another open source, free encryption software that supports all-platform clients, to create a more convenient, automatic encryption and decryption vault. Once Cryptomator is installed, click “Add Vault” in the lower left corner and select any folder location to create a vault there. Compared to Boxcryptor, which charges a fee, Cryptomator has no limit on the number of vaults that can be created.
Once the vault is created, a virtual disk will appear on your computer, just like inserting a USB flash drive, and all files placed on this disk will be automatically encrypted. When you lock your vault, you unplug the USB flash drive, and the vault disappears and no one can access the files anymore.
In my opinion, Cryptomator is a more suitable software for encrypted synchronization with network disks.
Traditional encryption software, such as VeraCrypt, will encrypt all the files of the entire folder and package them into one file, which leads to any changes in this folder, and the packaged file will also change, so you need to re-upload the entire vault, waste time, and repeatedly consume a lot of synchronization traffic.
And Cryptomator said that what age is still using traditional encryption In the vault it creates, all files are encrypted separately, which means that even if the entire vault is placed in the synchronization disk, even if a file needs to be re-encrypted after being changed, it only needs to resynchronize the changed files, which makes end-to-end encryption of the public network disk possible. After syncing the vault to another computer, it can be decrypted by opening it with Cryptomator as well.
Low-cost backup methods
If you have two hard drives
If you have two independent hard disks in your computer, not the independent of D drive and E drive, but two hard disks that can be physically detached from each other, or if you have any external storage devices, such as USB flash drives or mobile hard disks, then these two storage devices are unlikely to break down at the same time on the basis of being independent of each other.
You can use FreeFileSync, a free software, which is an open-source, platform-supported backup artifact with a Chinese interface that can automatically synchronize the contents of folder A in both directions, mirrors, or increments to the B folder of other storage devices.
Again, if you only have one hard disk, even if the partition is divided into D drive and E drive, because these two drive letters are essentially still in the same hard disk, so if the hard disk is damaged, then you will not be able to access your D drive or E drive at the same time, and these two drive letters must be on two different physical hard disks.
If you are using macOS
It’s recommended that you enable Time Machine, which allows your Mac to be backed up in increments of once-per-hour increments, provided you connect your Mac to an additional storage device such as an external hard drive or NAS.
Once you enable this feature, after entering any folder, you can browse all the historical versions of all files in this folder according to the timeline since the backup was opened, which is very cool, as shown in the following figure:
Exclude specific folders
Time Machine backs up your entire Mac by default, but you can save backup space by excluding folders you don’t need in the Settings option at the bottom right.
Set the frequency of backups
There may be people who don’t need such a high backup frequency as once an hour (like me), but the Mac itself does not provide customization options in terms of backup frequency, which makes many people have to give up such a good feature as Time Machine.
However, you can now use TimeMachineEditor, a free software, to set the interval of Time Machine backups, set once and turn off, the software does not need to hang in the background.
If you use a network disk to back up
In fact, where you can use the most common network disk service for regular (or automatic) data backup, your data security level is already far ahead of most users, after all, there are more people who store all important data in the same hard disk, once the hard disk is damaged, all data is taken away. And you also need to know that once the SSD is damaged, it will be much more difficult to repair than the mechanical hard disk.
So the question is, what kind of NAS service is suitable for backing up data?
OneDrive
OneDrive may be a relatively cheap and reliable one among several domestic network disk services. You can find a few friends to share an Office 365 home plan, on average to 50~60 per person, not only can use genuine Office, but also come with 1T capacity OneDrive.
And I also recommend turning on Office Files’ AutoSave feature when you’re using it so you can upload your files to OneDrive at any time. It should be noted that please do not buy an Office 365 account with a very low price, storing your important data on an account that may be banned at any time is tantamount to planting a time bomb.
Map the network disk to a local computer
Using the following two free software, you can directly map multiple network disks (or multiple accounts of the same network disk) to the local area, if the network speed is enough, you can directly use the network disk as a hard disk, and the experience is far better than the local disk function that comes with OneDrive when backing up and synchronizing smaller document data.
macOS: Cyberduck
Windows: RaiDrive
Seamless integration of Cyberduck and Cryptomator
I created the vault of Cryptomator in the OneDrive here, so when I use Cyberduck to open this vault in the OneDrive, it will automatically recognize that this folder is encrypted with Cryptomator, and after entering the password, you can access the encrypted vault in the nut cloud network disk locally, eliminating the process of downloading the vault to the local and then decrypting, which is really very convenient.
Conclusion on local backups
Please use at least one network drive to back up your files, OneDrive for document backup, OneDrive for bulk file backup.
If you are not confident about putting private files directly on the public network disk, you can use the various encryption software mentioned in the article to encrypt them.
Cryptomator + Cyberduck + OneDrive is a relatively convenient and sufficiently secure synchronization and backup method.
How to choose between cloud and on-premises
Obviously, all the backup, encryption, and synchronization methods mentioned above are all related to cloud notes, but local notes and cloud notes are not on opposite ends, but each occupies half of the circle, and no one is complete without it. So what strategy should we follow to choose between on-premises and the cloud?
Obviously, no cloud note service provider can give you this kind of commitment, so you should also understand that cloud notes are just a “service that requires continuous payment”, and the service either terminates on the day you stop paying, or terminate on the day of poor management.
Your data can only truly be your own if it is placed on your hard drive, so the backup methods discussed earlier can come in handy. Journals at work, short-term tasks and plans, memos with a short validity period, or anything you think will not be too much damage even if you lose them, whether it is a local document or an online document, choose the one you are most accustomed to and take advantage of.
It is foreseeable that the current mainstream cloud notes will continue to exist for at least the next 5 years, and those documents that you feel will most likely no longer be needed in five years can be safely placed on the cloud.
In this case, whether you understand the characteristics of cloud documents, whether you can have the right attitude to treat cloud documents, and whether you are clear about the risks and hidden dangers of cloud documents will largely determine your mastery of your data.
If you don’t want to use these apps by these providers any more, you can use UninstallService to uninstall them completely on Windows, and use AppUninstaller.com’s App Uninstaller to get rid of them thoroughly on your Mac. These two utilities are very well reviewed and recognized by independent review sites as the best uninstallers.
Cloud Notes, What Happens?
No installation, out-of-the-box use, and most importantly, cloud syncing are all inherent capabilities of cloud notes, but while you enjoy these advantages, you should be aware of the risks that “come with” the cloud, just as you should know that choosing local notes can also lead to problems such as accidental deletion of notes and hard drive corruption.
Definition of notes in the cloud
Cloud documents used within the enterprise that are not allowed to be exported, such as graphite documents.
Cloud note-taking software for personal use that has limitations when exporting documents, such as Evernote, Untimity, etc.
The ecosystem is limited to iOS, and can only use iCloud synced note-taking software, such as GoodNotes, Notability, etc.
The risks of cloud notes
The biggest advantage of cloud notes is that you don’t need to bother to toss and toss multi-terminal synchronization methods like those pure local online notes. After all, if you’ve tried syncing Obsidian’s iOS with the Windows client, you know how cumbersome it can be to sync Obsidian across the platform smoothly (unless paid).
However, cloud notes are still completely incomparable to local notes in terms of security and privacy.
All cloud notes have been lost in the past, but the lost data is likely to be recovered.
Almost all cloud notes do not provide two-step verification or end-to-end encryption when logging in.
Almost all cloud notes have content moderation. All cloud notes must comply with policies and regulations, and review the legality of machine-based and human-assisted content for all content uploaded to their servers.
Most cloud notes will conduct a second review of the content of the notes when sharing content, and a small number of document software will even perform “harmonious” operations on your local documents without authorization.
The above four points are facts that all cloud notes will not tell you, but you must be aware of what kind of content is suitable for the cloud.
About Enterprise Cloud Documents
This is not to teach you how to download corporate documents locally, as that would violate any corporate data security regulations. But the first thing I feel compelled to remind you of is that you should not use any type of enterprise documentation tool to record and store any personal related information.
Otherwise, once you leave the business in the future, you will immediately lose access to these documents, no matter who you call.
Cloud notes, how to choose?
Choose more open cloud notes
If you have judged from the dimension of “content validity period”, it is not impossible to put data in the cloud, then I think cloud note-taking software is actually better than completely local offline note-taking software in most cases, both in terms of convenience and functionality, after all, the cloud means paying, and paying means supporting the development of more functions.
But this does not mean that you should judge the quality of a note-taking software by “rich note-taking functions”, otherwise Evernote can probably be the first in the world, I think there are two important factors that you need to seriously consider.
One is to see whether it can be easily linked with other software, such as whether there is an API interface, whether it supports URL Scheme, etc.; The second more important thing is to see whether it is open enough (confident), whether it provides a convenient way to export, and whether the export format is friendly enough. The former broadens its upper limit, and the latter ensures its lower limit – even if it is really difficult to use, or it can’t be operated, you have a way to migrate to other note-taking software, so as to ensure that your data is always yours.
The most undignified note taking software is that whether you pay or not, it locks all your notes, fearing that once you are allowed to export, you will immediately have to move on, so weld the car door, no one will get off. What do you mean by not being confident? So if you want to choose these types of notes software, you have to do a lifetime of not migrating data psychological preparation.
Which cloud notebook is better?
Unfortunately, almost all note-taking software that works in the cloud is crippled or semi-crippled in terms of “bulk export,” with Notion doing the better, though it could have been better. Wolai is the most abundant and practical in the single-file export format, and the official also has a plan to export Markdown and HTML in the whole library, but unfortunately there is no accurate online time.
Notion’s billability
In Notion, for example, you can export your entire notes library to HTML, Markdown, and CSV formats with one click. You can’t reimport these exports into Notion, but at least all your text, images, and tables are actually stored on your local hard drive.
After clicking Export, it took 30 minutes for Notion to pack up all my notes in the cloud and send me a download link to my email address. And there’s no limit to the number of times you can export, which is money.
My notes stored in Notion over the past 2-3 years are 3.2 gigabytes in size, with over 6000 pages, and it is recommended that you choose HTML as the export format when exporting to ensure maximum readability.
I think all cloud notes should be at least as good as Notion in order for people to feel comfortable putting content that is “valid for any length of time” on them. But the sad reality is that Notion is the only one that can do that. On the one hand, I fully understand the developer’s “pain”, and on the other hand, I think we consumers are too tolerant of these cloud notes.
So do you think Noiton is doing this because of its $10 billion valuation, or is it doing this because of its $10 billion valuation?
Personal opinions on cloud notes
No need to worry too much about the data security of cloud notes, these mainstream cloud notes will at least leave time for data export before they are crashed, even if they can’t continue to operate.
The convenience of the cloud and absolute privacy cannot be combined, active snooping may not be there, but the risk of passive leakage still exists.
Cloud notes and absolute data security cannot be combined, so regular backup and export is a necessary habit.
Whether you have a good export method and export format should be one of the most priority issues when you choose cloud notes.
I hope we can all play the role of voting with our own money and monitor all note taking software developers to put pressure on unreasonable features or changes, so that we can make the ecological environment of note taking software more healthy for ourselves and the public.