Electronic Network & Backup of Personal Finance Data

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
Topic Author
Saving$
Posts: 2518
Joined: Sat Nov 05, 2011 8:33 pm

Electronic Network & Backup of Personal Finance Data

Post by Saving$ »

I'd like to learn what other Bogleheads do regarding networking and backing up of Personal Finance Data.

Currently, I use one computer in the house that is well protected to download monthly pdf's of investment accounts, bank statements, credit card statements, paychecks and other sensitive data for myself and other household members, and all the utility bills, etc. I use a laptop to access the internet through the wireless connection at my house. Wireless connection requires a password. I download the pdf's onto my laptop's hard drive. Laptop is protected with antivirus, anti malware and anti spyware software, and this laptop is not used in any unpredictable way (not used by guests, I don't visit untoward sites, no gaming, etc.). I have the laptop hard drive partitioned to C and D, where all data resides on D. About once per month I copy all the data on the D drive to a separate hard drive that I keep in a fireproof safe. Approximately once every 6 months I also make a copy of the data onto a hard drive that I keep at work in a locked drawer.

I've successfully gotten another household member to take some interest in partially taking over some of their own and some household financial record keeping responsibilities. I'd like a "place" we can both access the file storage. This would be easy enough to achieve with networked local data (maybe a NAS?) if I could figure out the proper way to secure or encrypt it over my wireless network. However, I'm increasingly concerned that someone could break into the locked drawer at work, steal the hard drive (or do the same in the house - steal the safe) and have access to ALL data very quickly. This is probably a good time to move to the "cloud," to get rid of my archaic backup system. I'm very wary of properly protecting the data if I do this so I'd like some advice.

Do other Bogleheads keep financial data (pdf's) in the cloud?
If so, which service do you use (I'd like to use a free one; DropBox, Amazon, Google, etc.)
If so, how do you encrypt or otherwise secure your data? Do you have links to sites that teach you how to do this?

Other suggestions, recommendations, methods, links to articles about this, etc.? I'm looking for specifics on exactly how to implement this, step by step, and for pros & cons, and for avoiding pitfalls.

Thanks
comptalk

Re: Electronic Network & Backup of Personal Finance Data

Post by comptalk »

Get a solodrive. Fireproof and waterproof.

http://www.amazon.com/Fireproof-Waterpr ... =solodrive
Sam I Am
Posts: 2062
Joined: Tue Feb 20, 2007 6:58 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Sam I Am »

Message deleted.
Last edited by Sam I Am on Mon Oct 07, 2013 12:57 pm, edited 1 time in total.
jmg229
Posts: 373
Joined: Mon Jan 31, 2011 12:21 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by jmg229 »

Anything that is important is stored locally and on Dropbox. Obviously sensitive information is encrypted (locally, and then the encrypted file is uploaded to Dropbox). This has gotten me through lost drives and such while also allowing me to access things remotely in a few tough situations.
Topic Author
Saving$
Posts: 2518
Joined: Sat Nov 05, 2011 8:33 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Saving$ »

jmg229 wrote:Anything that is important is stored locally and on Dropbox. Obviously sensitive information is encrypted (locally, and then the encrypted file is uploaded to Dropbox). This has gotten me through lost drives and such while also allowing me to access things remotely in a few tough situations.
How do you encrypt? Can you open an encrypted pdf from other platforms? ie encrypt via Windows laptop and open from Android tablet? Do you encrypt one file at a time or can you encrypt entire folders with subfolders? Can more than one person in the family access the encrypted files?

Comptalk: Solodrive won't solve the networked access issue. It is not NAS, and I'm not sure I want to invest in a NAS server on top of a solodrive - more layers of security than I have the skills to implement.
texasdiver
Posts: 3937
Joined: Thu Jun 25, 2009 12:50 am
Location: Vancouver WA

Re: Electronic Network & Backup of Personal Finance Data

Post by texasdiver »

Seems like there are several somewhat separate issues here.

1. Backup of financial data that is already electronic (quicken, turbotax, online bank statements etc.)
2. Digitizing of non-electronic paperwork (insurance policies, birth certificates, passports, medical records, auto and property titles and records)
3. Backing up of other non-financial digital materials (photos, movies, writings, etc)
4. Maintaining understandable records in the event of one's demise so the spouse or others can sort things out.

All three of these issues can be dealt with by some sort of consistent electronic file management scheme combined with a secure online backup. Here is a good article that goes over the various options

http://www.pcmag.com/article2/0,2817,2288745,00.asp

As for fire and flood-proof backup drives? How well are those going to work for you if your house looks like this:

http://www.ultimatechase.com/chase_acco ... ge_075.jpg
http://www.katrinadestruction.com/image ... damage_001
http://lrd.buffalohair-jage.com/wp-cont ... allery.jpg
JW
Posts: 15
Joined: Tue Mar 29, 2011 12:11 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by JW »

I download all electronic statements and store them on my laptop. For the few companies I deal with that provide only paper statements, I've recently started scanning them and storing them electronically as well.

Important files are stored on my laptop. I used to use an encrypted file archive, but recently switched to whole disk encryption (MacOS FileVault, but there are similar Windows tools such as BitLocker or TrueCrypt).

My laptop is backed up to a file server in my home. I used to use rsync, but recently switched to CrashPlan. CrashPlan keeps backups of old files, so even if I corrupt or delete a file, I can restore it using CrashPlan. The server has redundant drives (RaidZ with 5 disks, any two of which can fail without downtime or data loss). I back up the entire disk, so I won't lose data that happens to be in the wrong directory and therefore not backed up. The backups are encrypted. There is no charge to use CrashPlan to back up to my own server.

My laptop is also backed up to CrashPlan's servers via the Internet. That means that if my house burns down and I lose both my laptop and my server, I can restore my files from there. The service costs $50/year for unlimited backups from a single computer. The backups are encrypted. If I lost both my laptop and my server, rather than wait for my backups to download over the Internet, I'd probably pay them to ship me a drive with all my files on it. I don't recall the exact price for that service, probably $100-200.

The initial backup to the CrashPlan servers took a long time (perhaps three months). If you want an offsite backup more quickly, you can ship your files to them on a hard drive for a fee and then back up subsequent changes via the Internet.

I've been using this scheme for nearly a year now. Once I'm really, truly confident that I don't have to worry about losing my files, I hope to start tossing out paper originals and decreasing my need for space-consuming paper files.
Calm Man
Posts: 2917
Joined: Wed Sep 19, 2012 9:35 am

Re: Electronic Network & Backup of Personal Finance Data

Post by Calm Man »

I am computer savvy but have a primitive thought process about this.
1. Why bother downloading pdfs from the websites when they are always there?
2. One can do all the machinations one wants but everything is in the cloud from the companies that you do business with anyway.

I personally use dropbox for all my files.
Mudpuppy
Posts: 7409
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: Electronic Network & Backup of Personal Finance Data

Post by Mudpuppy »

Encryption is your friend, for both the external hard drives and any network storage you might be considering. Use something like a TrueCrypt volume in Dropbox or on the external hard drive to store the financial records. Make sure to use a very strong password (16 chars minimum using a mix of case, numbers and symbols) and then most people who might steal the TrueCrypt volume will not be able to decrypt it to read its contents.

Also, there are two types of fireproof safe. The most common type is only rated to protect paper (which can withstand much higher temperatures than hard drives). There is a second type that is also rated to protect electronics, and that's the type you want for the external hard drive. I would also recommend increasing the frequency of taking data to the locked drawer at work (once you encrypt the hard drive that is) to quarterly or monthly.
User avatar
LadyGeek
Site Admin
Posts: 95691
Joined: Sat Dec 20, 2008 4:34 pm
Location: Philadelphia
Contact:

Re: Electronic Network & Backup of Personal Finance Data

Post by LadyGeek »

This thread is now in the Personal Consumer Issues forum (computer related).
Wiki To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.
JW
Posts: 15
Joined: Tue Mar 29, 2011 12:11 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by JW »

Calm Man wrote:I am computer savvy but have a primitive thought process about this.
1. Why bother downloading pdfs from the websites when they are always there?
Because I don't trust financial institutions to safeguard my financial records.

Many financial institutions make statements available for only a limited time. Some keep them for a year, a few as short as three months, and others seem to keep them forever. I've always been under the impression that my credit union keeps them forever, but now that I look, I see that I've got archived statements on my computer since 1999, but the web site only goes back to 2002. So I think I just discovered a 10 year limit.

Sallie Mae just switched over to a new servicing company for its credit cards. Old statements were not transferred over to the new servicer. Since I receive only online statements, I have no access old statements that I had not yet downloaded. I haven't been able to reach the old servicer, since their phone and web site now forward to the new one. The new servicer grudgingly agreed to obtain copies of the old statements. It's been a couple weeks and I haven't received anything yet.

On multiple occasions I've closed an account at a bank from which I receive only electronic statements, only to find that I immediately lose access to the web site and therefore to my statements. In some cases I lose access before the final statement is issued and they send no paper statement, so I have no way to review the last month's activity without calling and harassing the company.

Three times I've had an account at a brokerage that was purchased by another brokerage. Only in one of those three instances were the old statements available after the acquisition.

Ally Bank claims that it once sent me a piece of (USPS) mail that bounced. They therefore marked my address as undeliverable. They stopped sending me mail, and also stopped making my electronic statements available on the web site. No one I've spoken to at Ally has been able to make give a rational explanation of why they would cut off electronic statements as a result of bounced paper mail. They acknowledge that they have the statements in their system, but they are resolutely unwilling to send them to me in electronic form. The are willing to send me paper copies. I've now spoken with them five times, and twice times sent me a subset of the missing statements. I'm hopeful that the third try will get the last of the missing statements.

Financial institutions don't get it. They're eager to save money by not mailing statements, but most don't then take the time to make sure that customers aren't left without access to their records, even in the face of account closures, acquisitions, bankruptcies and web site revisions. Until they get a clue, I don't see a way to guarantee access without painstakingly downloading statements regularly.

In a perfect world they'd all get together and come up with a standard for securely and automatically downloading statements on a regular basis (kind of like a secure version of RSS). But most aren't technologically sophisticated enough to comprehend the problem, much less offer a solution.

There are a few good eggs out there, like IngDirect (although who knows what to expect from them post-acquisition). There's also at least one service, Manilla, that's trying to automate the process. But as long as they do it via web site scraping, they're probably destined to be unreliable.

Maybe I don't need all my records going back forever. But I definitely need some of them. I use specific share identification, for example. I have concise records of the basis of my shares. But if I'm audited some day, I may need to provide confirmations to substantiate my notes. Loss of my old brokerage records could prove costly.

For now, I manually download all my new statements every few months.
Topic Author
Saving$
Posts: 2518
Joined: Sat Nov 05, 2011 8:33 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Saving$ »

Several of the financial institutions I deal with only offer statements for 6 months, so I will continue to download. In addition, my pdf files include documents I have generated via pdf or scan (tax returns, receipts, etc.). So while I appreciate the suggestions, I do think I have a need to backup. I also have a need for more than one person to be able to access the backed up files and save to the backup location.

I've considered DropBox; good to see other Bogleheads also use it. I appreciate the TrueCrypt info. I really like that it is free and open source. I've done a bit of reading (nice how to article on lifehacker.com), including googling "truecrypt and dropbox" and reading the second article in the search results, and while I don't quite understand the issue, it seems there is some sort of security concern.

Is this correct?: the DropBox solution is a great off site backup, and paired with TrueCrypt, and set up properly, there is reasonable security for putting sensitive personal data in the cloud.

This does not, however, seem to solve the problem of more than one person accessing the data, especially a 2 gig dataset.
lightheir
Posts: 2684
Joined: Mon Oct 03, 2011 11:43 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by lightheir »

Calm Man wrote:I am computer savvy but have a primitive thought process about this.
1. Why bother downloading pdfs from the websites when they are always there?
2. One can do all the machinations one wants but everything is in the cloud from the companies that you do business with anyway.

I personally use dropbox for all my files.

I've been with e-statements from day one (over a decade ago).

I started downloading everything, then thought I could get away with not downloading since 'they're online.'

That worked fine for a few years, then I had an IRS inquiry a few years ago (not a full audit), that required me to pull some old bank statements. Turns out that 2 of the accounts where the information was, I had closed when I'd moved and had not downloaded the data, so it was irretrievable. Another account had pdfs that were 'truncated' and didn't have the full info i wanted, just snapshot overviews per quarter. It was a real hassle trying to get the necessary documentation to prove my position to the IRS - I ended up having to spend a few hours on the phone and more than that to retrieve a computerized paper trail to support their lacking documentation.

I'm all for simplifying as much as possible, but bank statements are one thing I do download. It's easy - I do it maybe once or twice per years, around taxtime usually, and do it all at once in .pdf format. Worth the hassle if you get a similar sort of financial inquiry (mine was about the capital gains so I ideally needed to prove that I had purchased the stock when I did.)

If you're young, and likely to move, it's even more important to download your statements, as you'll possibly change banks and lose a ton of undownloaded data in the process. Sure, it might not cause you any problems, but if you do end up needing it, it's a real pain. I'd say it's worth the 10-15 minutes per year to download those statements once and for all around taxtime.

Other things it's been surprisingly useful for (granted not often) was finding out dates of purchases for things like appliances or other things with warrantees that I'd otherwise lost track of. Saved myself some money in a few cases where a higher end piece of equipment was actually still under warrantee 3 years out.
Mudpuppy
Posts: 7409
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: Electronic Network & Backup of Personal Finance Data

Post by Mudpuppy »

Saving$ wrote:I've considered DropBox; good to see other Bogleheads also use it. I appreciate the TrueCrypt info. I really like that it is free and open source. I've done a bit of reading (nice how to article on lifehacker.com), including googling "truecrypt and dropbox" and reading the second article in the search results, and while I don't quite understand the issue, it seems there is some sort of security concern.

Is this correct?: the DropBox solution is a great off site backup, and paired with TrueCrypt, and set up properly, there is reasonable security for putting sensitive personal data in the cloud.

This does not, however, seem to solve the problem of more than one person accessing the data, especially a 2 gig dataset.
Since Google now customizes search results based on location (everyone) and Google data on you (logged in users), your second article and my second article may not be the same article. My second article doesn't raise any security concerns, so I assume we have different results. Without a link, I cannot provide feedback on any concerns raised in the article you read.

I did find another article in my search results about authentication issues with Dropbox. If that was your concern, then the whole purpose of using TrueCrypt is to guard against such security issues. If someone is able to break into your Dropbox account, instead of seeing the actual files, they get an encrypted blob of what looks to them to be random gibberish. They'll only retrieve your files if they can brute force your TrueCrypt password to decrypt the "blob". That's why your TrueCrypt password MUST be a strong password, as I said previously.

TrueCrypt is providing your security. Dropbox is just a mechanism for sharing the TrueCrypt volume with others, as you requested. You could also put the TrueCrypt volume on a website or FTP site and get the same sharing, but with having to manually push updates (Dropbox automatically pushes updates).
paulsiu
Posts: 1457
Joined: Sun Nov 16, 2008 6:46 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by paulsiu »

I do not put data in the cloud. I worry that someone will break into the cloud and get my data. I copied the data to an external drive where I encrypt important data and that hard drive is stored in a safety deposit box at the bank.

In addition, my uplink is a crappy 1/2 megabit per second, so it would take a while to upload stuff.

Paul
User avatar
linuxuser
Posts: 1107
Joined: Mon Jan 24, 2011 8:15 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by linuxuser »

paulsiu wrote:I do not put data in the cloud. I worry that someone will break into the cloud and get my data. I copied the data to an external drive where I encrypt important data and that hard drive is stored in a safety deposit box at the bank.

In addition, my uplink is a crappy 1/2 megabit per second, so it would take a while to upload stuff.

Paul
I am not keen on putting any data on the "cloud" either. Personal photos maybe, but not financial information of any kind.

Given that the USB flash drives can be gotten in capacitiies 64GB and larger, I am leaning towards putting the PDFs on an encypted flash drive and keeping in some obscure place at work.
User avatar
linuxuser
Posts: 1107
Joined: Mon Jan 24, 2011 8:15 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by linuxuser »

Sam I Am wrote: I also save a copy of the tax return and all related papers on a CD, scanning any papers not already available on-line.
Which scanner do you use? Or do you have one of those all-in-one devices?

I used to have a scanner until I gave it away two moves ago.
anjou
Posts: 164
Joined: Sat Dec 29, 2007 11:55 am

Re: Electronic Network & Backup of Personal Finance Data

Post by anjou »

Saving$ wrote:Several of the financial institutions I deal with only offer statements for 6 months, so I will continue to download. In addition, my pdf files include documents I have generated via pdf or scan (tax returns, receipts, etc.). So while I appreciate the suggestions, I do think I have a need to backup. I also have a need for more than one person to be able to access the backed up files and save to the backup location.

I've considered DropBox; good to see other Bogleheads also use it. I appreciate the TrueCrypt info. I really like that it is free and open source. I've done a bit of reading (nice how to article on lifehacker.com), including googling "truecrypt and dropbox" and reading the second article in the search results, and while I don't quite understand the issue, it seems there is some sort of security concern.

Is this correct?: the DropBox solution is a great off site backup, and paired with TrueCrypt, and set up properly, there is reasonable security for putting sensitive personal data in the cloud.

This does not, however, seem to solve the problem of more than one person accessing the data, especially a 2 gig dataset.
+1 for Truecrypt. It is very well documented. I have rarely seen open source software that is so painstakingly documented. Use strong passwords over 20 or 40 characters. Do not use dictionary words. Consider Keyfiles in addition to passwords; keyfiles are additional files that munge your password making it harder to crack. Since TrueCrypt is open source, it is easy to take the code and modify it to turn it into a brute force password cracker. For example, google truecrack. Get comfortable using encryption. There is a psychological barrier to doing additional steps before being able to access your data or wondering what would happen if you lost your password and cannot access your own data.

Evaluate the company providing you with online backup and disaster recovery. Companies go out of business or get consolidated. Cloud storage is a fantastic idea since you get automatic backup and retrieval from multiple devices. We all use multiple devices and being able to access the same document from multiple places is a must-have. When I had done the research, I felt Google Drive had the best value, though Dropbox is very good too.

Coupling Cloud Storage with TrueCrypt's encryption is a great combination.

Anjou.
jacksprat
Posts: 61
Joined: Sun May 09, 2010 3:33 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by jacksprat »

+1 for crashplan. If you chose to, one of the NO COST backup destinations can be another PC (running crash plan as well. ) ..

I back up to my son's PC ( actually his NAS ) . It's encrypted so I don't worry about theft , nor can he view the data .

Other Crashplan options cost (to their cloud service), but the free option works well, though I've NOT tested a restore(haven't had to.) :D
serocs
Posts: 36
Joined: Tue Feb 07, 2012 1:54 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by serocs »

I'd also support Truecrypt + Dropbox (I use it for all my sensitive documents). The main issue that it doesn't address is using the data on multiple computers at one time (see http://superuser.com/a/274303).

Technical details: Essentially the files can become out of sync with each other, which is not a big issue when dealing with a single document, but finding the issue within a Truecrypt volume would require mounting both volumes and comparing (diffing) the files within them. This can become a big pain since you are talking about such a large file. Since the speed of dropbox is relatively slow, dealing with the two different versions would require dropbox to download each version of the file (at 2GB+ per file) before you could determine which version to keep.

As for using this method on an Android device, it is possible but not yet user friendly. Cryptonite http://code.google.com/p/cryptonite/ is the only app that I am aware of that would do this for you, and it seems to only add command line support of truecrypt (not easy to use with no keyboard). In addition, it requires that the device be rooted. I would say that unless you are comfortable using the command line on your computer, I would not recommend trying this.

I know there are a lot of caveats with my recommendation, but as someone that uses this method, has a NAS at home, and work in the computer security field, it is currently the easiest and most secure method to do some of what you want to.

As for the security of your current method, it is not guaranteed to be secure. I don't know how likely it is that someone would steal your hard drive out of your desk, but there is a high likelihood that even with all of your security measures (antivirus, antimalware, etc.) you could still have a virus (or other form of malware). Visiting "untoward" sites is certainly more likely to get you infected, but it is becoming far more common for "upstanding" sites to get hacked to install malware as well. Far more important than any of that is how often you install updates and how often your computer is connected to the internet.

Nothing will guarantee the security of your files, and I just wanted to point that out, not dissuade you from doing what you are doing.
Sam I Am
Posts: 2062
Joined: Tue Feb 20, 2007 6:58 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Sam I Am »

Message deleted.
Last edited by Sam I Am on Mon Oct 07, 2013 12:56 pm, edited 1 time in total.
Topic Author
Saving$
Posts: 2518
Joined: Sat Nov 05, 2011 8:33 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Saving$ »

For scanning, I do pretty much what Sam does, except with a Brother all in one. Staples has a similar model print-copy-scan-fax machine on sale this week for $49.99. Works great, and ink refill sets are only $5. Mine scans to pdf, and then I save the file to whatever filename I want and put it in the proper folder on my computer.
Topic Author
Saving$
Posts: 2518
Joined: Sat Nov 05, 2011 8:33 pm

Re: Electronic Network & Backup of Personal Finance Data

Post by Saving$ »

serocs wrote:I'd also support Truecrypt + Dropbox (I use it for all my sensitive documents). The main issue that it doesn't address is using the data on multiple computers at one time (see http://superuser.com/a/274303).

Technical details: Essentially the files can become out of sync with each other, which is not a big issue when dealing with a single document, but finding the issue within a Truecrypt volume would require mounting both volumes and comparing (diffing) the files within them. This can become a big pain since you are talking about such a large file. Since the speed of dropbox is relatively slow, dealing with the two different versions would require dropbox to download each version of the file (at 2GB+ per file) before you could determine which version to keep.

As for using this method on an Android device, it is possible but not yet user friendly. Cryptonite http://code.google.com/p/cryptonite/ is the only app that I am aware of that would do this for you, and it seems to only add command line support of truecrypt (not easy to use with no keyboard). In addition, it requires that the device be rooted. I would say that unless you are comfortable using the command line on your computer, I would not recommend trying this.

I know there are a lot of caveats with my recommendation, but as someone that uses this method, has a NAS at home, and work in the computer security field, it is currently the easiest and most secure method to do some of what you want to.

As for the security of your current method, it is not guaranteed to be secure. I don't know how likely it is that someone would steal your hard drive out of your desk, but there is a high likelihood that even with all of your security measures (antivirus, antimalware, etc.) you could still have a virus (or other form of malware). Visiting "untoward" sites is certainly more likely to get you infected, but it is becoming far more common for "upstanding" sites to get hacked to install malware as well. Far more important than any of that is how often you install updates and how often your computer is connected to the internet.

Nothing will guarantee the security of your files, and I just wanted to point that out, not dissuade you from doing what you are doing.

I know it has been awhile since you posted this; I've been researching the issues. I'm a bit confused on the statement about using DropBox/Truecrypt on multiple computers. Is the concern about two users using the same file (I'm not at all concerned about that) or two users simply accessing the data at the same time?
User avatar
indexfundfan
Posts: 3962
Joined: Tue Feb 20, 2007 10:21 am
Contact:

Re: Electronic Network & Backup of Personal Finance Data

Post by indexfundfan »

Nobody use boxcryptor?
My signature has been deleted.
Post Reply