When the cloud says no

Cloud services are great until they are not: maintenance windows, regional outages, mistaken suspensions, or a policy change that locks you out of your photos, mail, or notes. The uncomfortable truth is that “synced” is not the same as “yours” unless you can read and move that data without permission from a dashboard.

Stylized cloud with a blocked or error state

When the control plane disagrees with you, APIs and exports are where ownership becomes real.

This article walks through a simple mindset: assume interruption, keep local or second-provider copies of what matters, and prefer open or exportable formats so recovery does not depend on a single app’s good mood.

Prove you can leave

Pick one bucket (photos, documents, passwords) and run an export this week. If the export is painful, that is signal: you are more dependent than you thought. Automation helps once you know the path.

A boring rsync pull to external storage beats a perfect plan you never run:

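#!/usr/bin/env bash
# Snapshot documents to a mounted drive, adjust paths.
set -euo pipefail
SRC="$HOME/Documents/"
DST="/Volumes/BackupVault/docs/"
# -a preserves permissions and timestamps. --delete mirrors removals:
# anything deleted from SRC is also deleted from DST on the next run.
rsync -a --delete --human-readable \
  --exclude '.DS_Store' \
  "$SRC" "$DST"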

Pair that with a verify step: occasionally list the destination or checksum a sample file so you are not backing up into a silent failure.
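One way to script that verify step, as an added example that is not part of the original article: it hashes a random sample of source files and compares each against the copy at the destination. The function names verify_sample and sha256_of and the default sample size of 5 are assumptions made for this sketch.

```shell
#!/usr/bin/env bash
# Added example: spot-check a backup by hashing a random sample of files.
# Usage: verify_sample SRC DST [SAMPLE_SIZE]; returns 0 only if every sampled
# file exists in DST with the same SHA-256. Names with newlines are unsupported.

# Hash a file with whichever tool is installed (Linux: sha256sum, macOS: shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum < "$1" | cut -d' ' -f1
  else
    shasum -a 256 < "$1" | cut -d' ' -f1
  fi
}

verify_sample() {
  local src="${1%/}" dst="${2%/}" n="${3:-5}" bad=0 checked=0 list rel a b
  if [ ! -d "$src" ] || [ ! -d "$dst" ]; then
    echo "FAIL: source or destination directory is missing" >&2
    return 2
  fi
  # Pick up to n files at random; skip the name the rsync job excludes.
  list=$(cd "$src" && find . -type f ! -name '.DS_Store' |
    awk 'BEGIN { srand() } { print rand() "\t" $0 }' | sort -n | cut -f2- | head -n "$n")
  while IFS= read -r rel; do
    [ -n "$rel" ] || continue
    checked=$((checked + 1))
    if [ ! -f "$dst/$rel" ]; then
      echo "MISSING  $rel" >&2; bad=$((bad + 1))
    else
      a=$(sha256_of "$src/$rel"); b=$(sha256_of "$dst/$rel")
      # An empty hash (no tool, unreadable file) counts as a mismatch, not a pass.
      [ -n "$a" ] && [ "$a" = "$b" ] || { echo "MISMATCH $rel" >&2; bad=$((bad + 1)); }
    fi
  done <<EOF
$list
EOF
  echo "checked=$checked failed=$bad"
  # An empty sample fails too: it usually means a wrong path or an unmounted drive.
  [ "$checked" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Run directly: ./verify.sh "$HOME/Documents/" "/Volumes/BackupVault/docs/" 10
if [ "$#" -ge 2 ]; then verify_sample "$@"; fi
```

Run it before the next rsync rather than after: with --delete in the backup job, a comparison made after syncing only confirms that the mirror copied whatever the source currently holds.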

The 3-2-1 sketch

Three copies, two kinds of media, one off-site is the cliché because it maps to independent failure modes: theft, fire, and “we changed the Terms.”

Diagram of three stacked layers: off-site, different medium, working copy

Layers are about correlation of risk, not how many thumb drives you own.

You do not need enterprise gear on day one. You need non-overlapping failure domains: cloud + local disk + a friend’s house, or object storage + NAS + encrypted archive in a drawer.

Policy as code (even if it is just a comment)

Write down what “good enough” means so future-you does not debate it during an outage. A tiny machine-readable stub is enough to align scripts and humans:

# backup-policy.yaml, example only
version: 1
critical_paths:
  - ~/Documents
  - ~/Photos
schedule:
  incremental: daily
  full_verify: monthly
offsite:
  provider: any-two-independent
  encryption: required_at_rest

Even if you never parse this file, naming the rules forces tradeoffs into the open.

Start small, then widen

Start small: one directory, one recurring calendar reminder, one test restore. When the cloud says no, the people who cope are not luckier. They already knew where the bits lived without asking a web UI for permission.