[time-nuts] While we're discussing backups...

Neon John jgd at johngsbbq.com
Tue Aug 26 13:10:09 EDT 2008

On Tue, 26 Aug 2008 03:34:11 +0000, Mark Sims <holrum at hotmail.com> wrote:

>Pointless overkill?  Ask those people in New Orleans what happens when originals and backups are kept in the same city.  I know of several (ex) businesses that wisely kept their backups in different buildings there...  all were lost. 
>Ask my friends in Jarrell, Texas (or what's left of them after a tornado leveled the city)...  one friend kept backups at his and his parent's house...  a lifetime's work lost...  not to mention a lot of friends and family.  
>All legitimate disaster plans specify that backups (and contingency operating sites) are not to be kept in the same geographic area.  Failure to do so in a corporate setting would expose you to major liability claims.

It's a big old world out there and if you look hard enough, you can find
something to justify most any plan, regardless of how outrageous, if a single
occurance is acceptable justification.  Of course, by that standard we all
should walk around wearing Kevlar helmets.  After all, there has been a single
instance of someone being hit by a meteorite in recorded history.

If I'd lived and operated a data center in NO even before Katrina, I'd have
considered flooding to be a high percentage risk and done something
appropriate about it.  If I lived in the high desert, I'd not worry too much
about flooding.

The silliness in your "advice" is that you offered up one of the most extreme
"solutions" as generic advice and said that anything less was no backup at all
or something to that effect even though you don't know my or any other list
member's circumstances.  Let's see how your advice and its associate expense
fits my situation since I'm the one you replied to.

I'm retired so total loss of my data would have no financial impact.  A huge
sentimental and legacy impact, in terms of both my writings, designs and
digital photos.  Interestingly enough, all those types of data are backed up
multiple ways including on a set of DVDs resting in a friend's safe who lives
a few miles away.  My past design work is completely static, my photos mostly
static and my writings a little less static so updates to that collection need
be done only a couple of times a year.  They'd only be needed if my cabin and
its contents suddenly and completely disappeared somehow.

I live in a cabin on gentle sloping ground about 200 feet above the Tellico
river.  Short of The Great Flood 2.0, water on the ground cannot reach my
place.  Period.  That takes NO-style flooding off the table.  The basement of
my cabin sits on bedrock.  The combination of the gradual slope and the mere
skim of topsoil takes land slides off the table.

In my basement there is one of the largest gun safes made, one that I can
stand up in.  It is set through the concrete block wall, back into the soil
bank behind my cabin so that the door is flush with the wall.  In other words,
like a vault.  The safe itself weighs about 2 tons.  The bottom few inches are
filled with another ton of concrete and the foot of the safe is embedded in
about 3 yards of steel-reinforced concrete, some of the steel welded to the
safe's body.  

The lockworks are US government crypto-certified.  I paid a bunch extra for
that quality of lockwork. The combination lock is a Sergent and Green
crypto-grade unit and the key lock is a Medico high security one.  Both locks
must be manipulated to open the safe.  Inside the safe is another smaller
"valuables" safe, also secured with a S&G crypto-grade combo lock.  It was
intended for jewelry but I use it for backup media storage.  

Even sitting in the open it has the highest UL fire rating available.  Set
back in the dirt bank, it is impervious to fire.  The safe is both alarmed and

(certain immaterial-to-this-discussion have been changed for obvious reasons.)

I installed this safe years ago when I traveled a lot to protect my gun
collection.  It makes a damned fine data safe.  So let's evaluate the risks

Risk             Covered?
Fire             check
Earthquake       check
general flood    NA
local flood      check*
explosion        check
land slide       NA
B&E              check**
Tornado          check
Riot             check
Nuclear attack   check***
Nosey neighbors  check

* broken water pipe, etc.  The basement is drained by gravity plus my alarm
system has a leak detection facility that kills power to my well pump.
** adding to my protection against breaking and entering are all my heavily
armed and dangerous neighbors.  We put teeth in the term "Neighborhood Watch".
*** of any nearby strategic target such as Oak Ridge.  Can't imagine anyone
nuking Tellico Plains :-)  Even if they did, I'm still 25 miles and a mountain
range away.

My lights-out server sits inside the safe with the power and ethernet cables
brought out through suitable secure penetrations.  I put the server in the
safe after the experience of a previous fire.  My backups were good but the
hassle, time and cost involved in setting up a new server made using available
space in the safe for this one a no-brainer.

Also sitting in the safe is another laptop just like this one.  I stay on the
trailing edge of technology so buying a second one cost me almost nothing.
This totally eliminates the risk of even an hour of down-time if I break this
laptop or it just quits.  I swap them occasionally to equalize the wear and
tear and to keep the capacitors in the power supply well-formed.

There is a small CO2 cylinder in the back of the safe equipped with a spring
loaded, solenoid tripped valve.  The valve came directly out of an Ansul
automatic fire protection system.  If triggered by an external thermal
rate-of-rise Fenwal switch, it provides a steady flow of inerting gas, good
for a couple of hours.  

This setup is a lessons-learned from my house fire when steam and acidic smoke
got past the "air tight" gun safe seal and damaged thousands of dollars worth
of guns, even before the fire was completely out.  I had the safe open even
while the firemen were watering hot spots and my guns were already corroding.
Insurance paid OK but some of the guns were literally irreplaceable so I still
suffered great loss. 

Ansul systems can't be reused so the valve setup is a throw-away item at most
any used restaurant supply company.  The CO2 bottle is an off-the-shelf 20 lb
soft drink dispenser cylinder.

So.  Given my setup, tell me what risk I'm exposed to that would make shipping
backup media a hundred miles away and paying someone to store them make
economic sense?  I think that I have a very well thought-out and complete data
security system but I'm always open to second opinions.

John De Armond
See my website for my current email address
http://www.johndearmond.com <-- best little blog on the net!
Tellico Plains, Occupied TN
I don't speak Stupid so do speak slowly.

More information about the time-nuts mailing list