How often should I back up my computer?

For most people, daily automatic backups are ideal. Windows File History can run in the background without any effort. At minimum, back up weekly and always before major system changes like Windows updates.

Can ransomware encrypt my backups too?

Yes, if your backup drive is permanently connected to your PC, ransomware can encrypt it along with your main files. This is why offline or disconnected backups are essential — keep at least one backup on a drive that is not always plugged in, or use cloud backup with versioning.

Why Backups Matter More Than Antivirus — A No-Nonsense Guide

Q: What is the 3-2-1 backup rule?

The 3-2-1 rule means keeping 3 copies of your data, on 2 different types of storage media, with 1 copy stored off-site (such as in the cloud or at a different physical location). This protects against hardware failure, theft, fire, and ransomware.

Why Backups Are the One Thing You Can’t Skip

Every other security measure — antivirus, firewalls, strong passwords — is about preventing bad things from happening. Backups are what save you when they happen anyway.

Hard drives fail. Laptops get stolen. Ransomware encrypts everything on your desktop at 3am on a Tuesday. A Windows update goes wrong and corrupts your system. Coffee meets keyboard. The question isn’t if you’ll lose data — it’s when, and whether you’ll have a copy.

Despite this, most people don’t back up until after they’ve lost something important. Let’s fix that today.

The 3-2-1 Rule

The gold standard for backups is the 3-2-1 rule:

3 copies of your data (the original + 2 backups)
2 different types of storage (e.g. internal drive + external drive + cloud)
1 copy off-site (cloud storage or a drive kept at a different location)

This protects you against every realistic failure mode. A single external drive protects against hardware failure but not fire or theft. Cloud-only protects against physical damage but not account compromise. The combination covers everything.

What You Should Actually Back Up

You don’t need to back up your entire system (though you can). At minimum, protect these:

Documents, photos, and videos — irreplaceable personal files
Desktop and Downloads folders — where most people dump important files
Browser bookmarks and saved passwords — export or sync these
Application settings and configs — saves hours of reconfiguration
Code repositories — if you’re a developer, push to remote regularly

Windows Built-In Backup Tools

You don’t need to buy anything. Windows has solid backup tools built in:

File History

File History automatically backs up your personal files (Documents, Pictures, Desktop, etc.) to an external drive every hour. Open Settings → Update & Security → Backup, connect an external drive, and turn it on. That’s it — it runs silently in the background from then on.

System Image Backup

For a full system snapshot (everything including Windows, programs, and settings), use Control Panel → Backup and Restore (Windows 7) → Create a system image. This creates a complete clone you can restore from if your system drive dies.

Why both?

File History is for quick recovery of individual files (“I accidentally deleted my report”). System Image is for disaster recovery (“my hard drive died”). They serve different purposes and you ideally want both.

Cloud Backup Options

Cloud backup gives you the off-site copy in the 3-2-1 rule. Several reliable options exist: OneDrive (built into Windows, 5GB free), Google Drive (15GB free), Backblaze (unlimited backup for ~£6/month), and iCloud (if you’re in the Apple ecosystem).

The key advantage of cloud backup is versioning — most services keep multiple versions of each file, so even if ransomware encrypts your files and the encrypted versions sync to the cloud, you can roll back to pre-encryption versions.

The Ransomware Problem

Here’s the catch most people miss: if your backup drive is permanently connected to your PC, ransomware will encrypt your backups too. Modern ransomware specifically targets backup drives and network shares.

To protect against this:

Disconnect your backup drive when not actively backing up, or use a scheduled backup that mounts and unmounts the drive automatically.
Use cloud backup with versioning so you can roll back to pre-infection copies.
Enable Controlled Folder Access in Microsoft Defender, which prevents untrusted programs from modifying files in your protected folders — including backup locations.

Critical point

A backup that’s always connected to your PC is better than no backup — but it won’t save you from ransomware. At least one copy should be offline or in the cloud with versioning.

Test Your Backups (Most People Don’t)

A backup you’ve never tested is a backup you can’t trust. At least once a quarter, try restoring a file from your backup. Verify the file opens correctly and isn’t corrupted. If you have a system image, make sure you know the restoration process before you actually need it.

Add a Ransomware Shield

Backups are your last line of defence. But you can stop ransomware before it touches your files. The Defender Hardening Console enables Controlled Folder Access and every other hidden Defender feature in one click.

Download Free Read the Hardening Guide

Frequently Asked Questions

What is the 3-2-1 backup rule?

Keep 3 copies of your data, on 2 different types of storage media, with 1 copy stored off-site (cloud or a different physical location). This protects against hardware failure, theft, fire, and ransomware.

How often should I back up?

Daily automatic backups are ideal — Windows File History handles this in the background. At minimum, back up weekly and always before major system changes.

Can ransomware encrypt my backups?

Yes, if the backup drive is always connected. Keep at least one backup offline or use cloud backup with versioning so you can roll back to a clean copy.