I'm working on what I call 'hit by a bus' files for disaster recovery. This includes all critical info like passwords, private keys, 2FA codes, and addresses for my clients in case something happens to me. Currently, I print everything and store it in a locked filing cabinet, and I don't keep any digital copies. If I need to send this info to clients, I use an encrypted PDF and tell them to delete it after printing.
I'm wondering, do others do something similar? How do you ensure your clients have what they need in an emergency? I'm also considering burning the files onto a CD-R or using a USB thumb drive for storage. Is that a bad idea considering I want to minimize digital risks?
Just to clarify, this is about my disaster recovery processes. If I'm unable to access my systems due to loss or theft, I need a way to get my TOTP codes or private keys back quickly. I don't store any of my client's personal passwords; they manage those themselves. Any thoughts or advice on best practices would be appreciated!
4 Answers
Consider using escrow services for sensitive documents. They securely hold credentials and can release them when needed, providing an added layer of security. Also, using role-based access where clients manage their own passwords means less liability for you, ultimately simplifying disaster recovery.
Escrow can take the pressure off you completely. Just make sure it’s a reputable service.
Using a USB drive seems reasonable, just make sure it’s kept in a secure place. I use a password manager that allows sharing with designated backups, like my coworker. For sensitive client info, keeping a detailed procedure guide can be a lifesaver if you can't be reached. It's all about minimizing risks while ensuring continuity.
Great advice! I also recommend setting up a contingency plan for clients, so they know what steps to take if anything happens.
Procedural documentation is key. Everyone should know how to proceed in emergencies.
A lot of what you’re doing isn't bizarre at all. Many people use similar methods to manage sensitive info. Maintaining a balance between security and access is tricky, but it sounds like you've got it covered. The encrypted USB is safer than local storage, just ensure you remember your password and keep it written down in a secure place.
Absolutely, keeping it secure is vital. Also, check in periodically on those files to keep them updated.
Remember to do a test run! Like actually trying to retrieve documents or keys to make sure it all works as planned.
Honestly, it sounds like you're on the right track with keeping things offline and only sharing what's absolutely necessary. Upgrading to a fire safe for your files is a smart move! Having a backup accessible by a trusted person, like your CFO, makes sense too. Just ensure they understand the importance of keeping that info secure as well.
That's a good point! I also think having backups in physical format is still relevant today.
I agree with redundancy. Having someone who knows how to access critical info in emergencies helps cover all bases.
Totally agree! Clients should own their own secrets, and a solid recovery plan is essential.