Data Security and Backups

Sunday 24 July 2011

10 Tips for safer WWW surfing

How many times have you came across your mail box having weird emails like "click a link as you have a cheque ready"  or "asking for your banking information" having exactly the same type of logo of your Bank and we get tempted to find what it is? Many people have given their personal information, only to find out later that they should have avoided.
In context to this post, I came across a situation with one of my colleague and I would like to share his incident with you. One fine day he received an "Urgent Action required Email" from his Bank stating to go to link and re-validate his account for security reasons, as it stated security reasons he clicked on the link and was asked to enter Bank card number and password, he entered the same and thereafter there was a link to click as Bank was giving promotion for valued clients. He found something suspicious, so he stopped there. After a couple of hours he received a call from Bank, stating he had just completed a huge banking transaction and his account has gone past overdue, which was unusual for the Bank looking at his account history. The Bank had called to confirm the same, and my colleague stated he hasn’t done any transaction of that amount.
He went to Bank right away and stated he had received an email regarding validation of account for Security reasons. The Bank declined for any such email being sent, and changed all his Banking cards and password. After investigation, they found out some one was sending emails to its clients with exactly same logo of Bank and the website almost the same type with some Changes. My colleague got easily carried away as the website was of the same colour as original Bank website.  The Bank did reimburs his money as was due to fraudulent activity  on his account.

Looking at this scenario, I thought let me list some safer Internet usage tips which can be helpful.


Tip #1 Don't click e-mail attachments
Some emails may contain viruses and worms when they arrive on your PC in the form of email  attachments from strangers. You must keep all your Software’s updated to almost nullify to be  effected by such viruses. Some of the file-name extensions that can be dangerous  include .bat, .com, .exe, and .pif. Virus authors may enclose their codes in .zip or .rar archive file.   


Tip #2 Do not share passwords
Passwords should be strong and keep them private. Never share your passwords, even with friends, family, or computer support personnel.


Tip #3 Do not click on random links
There are lots of attractive offers when you are surfing on internet. You might see a message coming up "You are the winner for today" or "Your IP address has been selected to win a Device". Do not click on those links, you might feel it is just a normal webpage opened, but some websites shall put their link on backend and which can cause serious problem like your personal information might be monitored or transferred when you are on internet.

  
Tip #4 HTTPS websites are safer than HTTP
HTTP is a non secure website, meaning if you enter your credit card info into it or doing online purchasing, it could be seen by someone you most likely don't want it to be seen by. HTTPS is secure (hence the S). This means it's an encrypted connection, so (theoretically) the data cannot be read by anyone except you and the intended recipient (the server). Check for secure  transaction info. The best companies will have many security devices in place. You may see a  gold lock at the bottom of the page to indicate a secure site.


Tip #5 Remove unnecessary programs
Check your programs installed in your Operating System . For Windows or Mac confirm the programs you have installed are the one’s which you have installed. Verify and confirm no unknown software is not running on your PC or Mac. 
For Windows Check in Add/Remove programs if you have XP, or Program and Features in Vista, or Programs section of your Windows 7 to remove unwanted software’s.
For Mac Check in Application folder and send them to Trash also check in Libraries sub folders.


Tip #6 Get a good anti-virus and turn on the firewall
Use a good anti-virus and regularly update the anti-virus software. Updating anti-virus is a  critical element of security protection.
A firewall is like a security guard that stands between your computer and the Internet. It examines all traffic routed between your computer and the Internet to see if it meets certain criteria. If it does, it is allowed in. If it doesn't, it is stopped.


Tip #7 Don't let the computer save your passwords
Never save login information on a shared computer or a work or public facility computer.  When you check your emails or any other website which requires username and password, computer might ask you if you want to save the information, never save them.


Tip #8 Logout / Lock your computer
You must logout of your computer even though you are going to be away for a moment.  Forgetting to log out poses a security risk with any computer that is accessible to other people (including computers in public facilities, offices, and shared housing), because it leaves your account open to abuse. Imagine, you are in process of  sending an email and suddenly you had to move from your desk, someone could sit at your computer and have access to your personal information. Always logout from your computer. Make sure you always backup your data using Online Backup or any other media.


Tip #9 Say no to Pop-Ups
Pop-ups are generally a new window opens on your computer when you are using internet. They are generally advertising, but they can also be malicious software that can be potential virus. Sometimes the pop-ups will look like a security warning like "Your computer is at risk and is having following files infected", it might tell you to download a program. Don’t rely on such messages. These messages are fake messages that encourage you to download "security software" , which can steal your personal information from your computer. You should click on “X” on top right corner of that screen without clicking on link, and thereafter turn off your internet and run your anti-virus.


Tip #10 Change your passwords once every set period of time
Make a calendar to change passwords frequently. Changing passwords constantly make it difficult for people to hack into your accounts. Try not to repeat the same passwords more than once. Make your passwords hard to guess, like make it mix of letters, numbers, it might be hard to memorize, especially if you have a bunch of logins. There are several software’s available through which you can manage your passwords, whereby you have to remember only one login information or you can also maintain a Excel Sheet and protect the same with password.

Till next post, Enjoy Safe Surfing.

Sunday 10 July 2011

6 Best Practices for Computer Security

My today’s post is regarding Computer Security.

True, Internet has made world small and you can get every information by going to WWW. The major issue that has created problems is Security of your Computer. Improper usage can leave you in trouble and if you are in networked environment where there are hundreds of users connected it can be a nightmare.
By following basic security principles we can lower or avoid security issues. Let me discuss with you a interesting incident that had happen to one of my clients. As I have done Software Implementation related to financial part of companies, I generally discuss with them what Security of data plan they have in place.
This customer had decided to keep separate network of 5 computers for implementation, detaching them from rest of the network. So, mainly the data we had was about the Software that we were implementing. The IT in charge use to do backup of data. We were almost about to complete the implementation with all the data feed in after 2 ½ months of hard work and we had reached the stage of closing the project. One fine day, as usual our project team started to work and all our data was lost, there was virus on the server which knocked out the system. We were all stunned, the IT people of the company worked hard and stated they shall have to format the Server. We were relieved that backup was there but the department had missed backup for last 2 days in which we had inserted 2000 entries of inventory products. We had  another backup plan, wherein  we as implementers, use to take backup on own devices, which helped us to reinstate the data back and saved 2 days of repeated work and advance the  closing of project successfully. The IT department found the virus had came from one the emails received by a user to install an application.

This prompted me to write this blog regarding Computer and data security.


Top Six things you can do to protect your computer

ü  Use Security Software

ü  Maintain current software and updates

ü  Windows Security

ü  Backup regularly

ü  Use strong passwords

ü  Don't install software from untrusted sources

Use Security Software: The most important thing you can do to keep your computer safe is to install and maintain security software, which protects your computer from viruses and spyware. Such security programs perform two general functions: scanning for and removing viruses and spyware in files on disks, and monitoring the operation of your computer for virus-like activity (either known actions of specific viruses or general suspicious activity). Most software can perform both of these tasks.

Install an antivirus application, and keep your virus pattern files up to date.

In general, it's not a good idea to have more than one antivirus program installed on your computer. Each program may interpret the actions of the other as viral, therefore giving you false warnings about virus-related activities.

For antispyware for Windows computers, use Windows Defender.

Maintain current software and updates: Use a secure, supported operating system. Keep your software updated by applying the latest service packs and patches. For Windows, you can schedule Automatic Updates to automatically download and install available updates.

Windows Security: Login as a Standard user most of the time. You can browse the Internet, send e‑mail, and use your applications, all without an administrator account. When you want to perform an administrative task, such as installing a new program or changing a setting that will affect other users, you don't have to switch to an administrator account; Windows will prompt you for permission or an administrator password before performing the task. I also recommend that you create standard user accounts for all the people who use your computer.

Back up regularly: This goes for your important personal files and your system files. You should have an automatic backup schedule, so that you don’t miss any of your important data. You should have your data residing at a different location like if you are using laptop, you should your data somewhere else too.

Use strong passwords: Strong passwords should be longer than six characters and a mix of numbers, letters (both upper- and lower-case), and symbols. Strong passwords should not contain your name or family names, birthdates, or addresses.

Don't install software from untrusted sources: Don't just download any file or program you come across through an internet search, unless you know it can be trusted. Download software from reputable sources, and then check the newly downloaded software thoroughly, using reputable virus detection software on a locked disk, for signs of infection before copying it to a hard disk.

You can also refer to data protection – best practices in my previous blog which shall give you more information regarding which backup strategy to go for.

Friday 8 July 2011

Top 5 Online Backup Myths

Today I shall discuss regarding Online Backup -- Its Myths and Solutions for the same.

I have came across many situations where backup is almost at lower priority, which unfortunately is the most important part of any organization.
Not only taking backup is important but to test it whether when required to restore is available is of greater importance than that.
For Small and medium size businesses, there is always a task to take backup and store the same at a safe place. Like large corporations, they may not have dedicated people assigned for the task, so in this situation going thru backup using DVDs, External Drives, USB Drives or any other form of backup does not do much. Firstly, they are not offsite, so if anything goes wrong [i.e. fire or any natural calamity] data is almost lost. Secondly, it is not available anywhere or everywhere, and in today’s internet world you require data instantly and third and the most important they are not secure as they can tend to broken / misplaced / lost or error prone. The most safe, convenient and affordable solution is online backup.

The following are top 5 myths about online backup:

Myth #1 - Online Backup is Insecure.

Considering my data is stored on some external Service Providers Data Server, causes panic to many people. Understandable, but now-a-days the kind of security provided by these Online Backup Service Providers are excellent. Following are some of the most common features present in a good Online backup Service Providers Data Center.

ü  128 or 448 bit encryption
ü  security cameras
ü   personnel access controls
ü   backup electricity generators
ü   using multiple ISPs
ü   high-end firewalls
ü   clustering and mirroring techniques
ü   fire suppression

You can get enterprise class Data Secure Storage at affordable Cost. And you are the only one who has access to your data which can be accessed from anywhere.  Your data is fully encrypted while in transit so no one can access the same.

Myth #2 - Online Backup is Expensive

When was the last time you had a data crash or unable to restore your important data and you had to pay considerable amount to try to recover data and still unable to get what you wanted? Online Backup is not costly, it stores your valuable data and you have access your data from anywhere. You get complete peace of mind when your data is backed up.
You do not require a IT specialist to do your job, you can free up IT time. Freedom from routine backup and restore tasks allows redirection of staff time to value-driven projects with greater impact on productivity and profitability.

Myth #3 - Daily Backups are difficult

Doing a manual backup can be a task and that’s the reason people tend to forget to do backup whereas, Online backup most providers have a piece of software installed on your computer and you have to set up once, stating the files to backup and shall do automatic data transfer. Some do scheduled backups while others are continuous which means that is stored as soon as saved.
So set it….back it up.  

Myth #4 - Online Backup is Not Reliable

Thinking USB Drives or CDs drives shall last forever. USB Drives are small and handy but they have a limited capacity. Imagine you have to backup large files. USB drives are the most vulnerable to be lost and you can tend to forget and misplace. Get any old CD and try to play the same, I bet you shall not be able to play the full CD, simply because these technologies are temporary solutions.
Online Backup keeps your important files and folders saved forever.

Myth #5 - How much data can I store?

How much data would like to store? Online Backup is the only one where you can store unlimited data for the life. All other resources have a limit to store.  No additional hardware required at your end. Access your data from anywhere. Your data is with you all the time no matter where your laptop or PC is. No matter, how old files you require you get them instantly. Online Backup provides the best security, flexibility at an affordable cost, no other technology comes close to that.
So, go ahead. test online backup and get your data to be automatically backed.

Tuesday 5 July 2011

Data Protection Best Practices

Things to consider, avoiding data catastrophes from occurring in your organization.
This blog discusses regarding how businesses must develop an appropriate strategy, decide the right backup type from different backup options and to protect your PC.

Assign a Password to your PC
Password protect your computer to prevent unwanted access. Change your password at least every alternate month or every time you want to prevent someone who may know it (i.e. former employee) from using it.

Secure Your Email
Use a spam filter to filter unwanted email. Never send confidential information (i.e. passwords, social security numbers, credit card numbers) via email. Always verify a website's URL before submitting your private info.

End user desktop and notebook backup scheme
§  Desktop, notebook environments
§  Application programs
§  Application settings
§  Data files
§  Address books

Type of Backups – Select the Best Backup


Backup Type
Pros
Cons
Full Backup
Complete backup of entire targeted data set
Restores are simple
Takes up most space
Full Backup + Incremental
Full backup made, followed by backups of only the data that has changed since the last full or incremental backup
Restores are complicated requires all backups and all incrementals
Complex Storage requirements
Full Backup + Differential
Full backup, followed by a backup that captures all changes made since the last full backup
Data may be [probably will be] duplicate throughout the backup sets.
Recovery requires last full backup and last differential


Protect your PC
Use antivirus and firewall software, and enable Automatic Updates for Windows Security. Make sure to have your antivirus signature file updated, as new viruses keep coming.

Protect Your Data Properly
Never rely on external/flash drives, CDs, DVDs, etc. to protect your mission critical data. They can easily fail, get lost, stolen or mishandled. Also, you can miss manual backups.

Password Safety, Your Data Safety
Remember, only you have access to your password, and without it you cannot retrieve your data. Write down the password you created during setup, and store it safely in two places.

Consider File Retention Strategies
For longer retention, create archive files and back them up. For example, create a monthly zip file with the date in the filename.

Check Backup Log Files
Periodically check the log files on your backup account to make sure all your files are backing up properly.