When To Back Up the Windows Desktop (And When To Skip It) -- Redmondmag.com

When To Back Up the Windows Desktop (And When To Skip It)

It goes without saying that data should be backed up, but what about the OS? The short answer is, it depends.

By Brien Posey
02/04/2019

Last week, someone asked me a question that I hadn't given much thought to in a long time. The question was whether or not you should back up the Windows desktop operating system.

It goes without saying that data should be backed up, but what about the OS? Roughly 15 years ago, I sat on what could only be described as a very heated panel discussion in which the panelists debated this exact topic. Compelling arguments were made on both sides, and no real conclusion was ever reached. Today. however, I believe that this question can be definitively answered.

So should you back up the desktop OS? The answer is...it depends on the situation. Let me explain.

Let's start by talking about corporate environments that use managed desktops. In those types of environments, I would recommend not backing up the desktop OSes. Yes, you read that correctly: Don't make a backup. There are several reasons why I say this.

First, consider the resources that would be required for backing up a large number of desktops. While it may be true that deduplication could prevent all of those backups from consuming an excessive amount of space on your backup target, there are still issues to consider with regard to network bandwidth consumption, the cost associated with licensing the backup agents and, of course, the cost of managing and supporting all of those backups.

Another reason for not backing up managed desktop OSes is that you probably already have a backup. Large organizations typically deploy desktop OSes from an image file. In a manner of speaking, that image file is your desktop OS backup. If something goes wrong with a desktop, you can simply reimage it.

It is also worth noting that user-level customizations such as wallpapers and the Start menu layout are stored within the user's profile. Most organizations redirect the user profiles to a network location that is already being backed up. Hence, even if a user's desktop hard disk were to fail, the user's profile remains intact and available for use.

Finally, there is the issue of consistency. Active Directory contains both user accounts and computer accounts. Just as there is typically a password associated with user accounts, there is also a password-like mechanism that is used to secure computer accounts. When an OS backup is restored, there is a chance (depending on timing) that the computer account credentials stored in Active Directory will have been updated since the time that the backup was created, thereby resulting in a mismatch.

Active Directory does not actually expire the computer account. Instead, the desktop initiates an Active Directory credential update. If the backup is created before this credential update occurs, then restoring the backup will cause the machine to try to authenticate into Active Directory with invalid credentials.

(While I am talking about consistency, I should also mention that depending on the age of the backup, the backup copy of the OS may be missing critical patches.)

Earlier, I said that whether or not you should backup the Windows OS on desktop computers depends on the situation. While I do not recommend backing up the desktop OS in managed environments, a case can definitely be made for backing up unmanaged systems.

Every few weeks, I make an image backup of the PC that I am using right now as I write this column, even though my PC does not contain any data. The reason why I back up the OS is simple: If my hard disk were to fail, it is way faster to restore a backup than to reinstall Windows and all of my applications.

I have done manual reinstallations in the past and it has rarely been a smooth process. Inevitably, I seem to forget to install an application, or I have trouble finding a driver or a product key or something else that I need.

So my advice regarding Windows desktop OS backups is this: If you have multiple PCs that run similar configurations, then you should have an up-to-date image file that you can use to reimage PCs on an as-needed basis. For one-off situations such as a personal PC, however, I strongly recommend creating periodic image backups.

About the Author

Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.

Featured

Multi-Tenant Organization Hooks Released for Microsoft 365

Microsoft Entra ID's new multi-tenant organization capabilities have reached general availability (GA).
Real-World Ransomware Recovery

Here's how I was (mostly) successful in recovering a family PC infected with malware.
Microsoft Launches Small AI Models Family Phi-3

Recognizing that bigger isn't always better, Microsoft has released its smallest open AI models to date, Phi-3.
Microsoft and OpenAI Continue Global AI Expansions

Microsoft and OpenAI each continued their global expansion this month, with the announcements of new infrastructure investments and service rollouts in new regions, like Asia and the Middle East.
Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.