In the famous words of Joni Mitchell, you don't know what you've got until it's gone. Unfortunately for many home computer customers, not having a reliable data backup solution is a painful lesson to learn. As we all become increasingly dependent on our digital files, having a copy, or multiple copies, of those files is a crucial element of keeping your data safe. The data on your computer or mobile device can disappear in an instant - succumbing to accidental deletion, corruption, malware encryption or theft. The best way to prepare for a data disaster event is to make sure that you have a workable, reliable and verifiable backup solution in place.
A Workable Backup Solution
The first thing that you need to do when considering backing up your data is to find a solution which works for you. People use their computing devices differently, and therefore a backup solution should work with your computing experience. Are you the type of person who prefers to control exactly when you backup your data or would you rather "set it and forget it"? Do you prefer having your data close by, say on an external hard drive, or would you rather have it available 24x7 via the Internet? Does your data reside on just one computer or on multiple devices? Answers to these questions will help you decide on the best backup solution for your situation.
4 Key Elements that Every Backup Scheme Should Have
Your backup needs to be automatic. Life is too busy for most of us to consistently remember to start backing up our data. Most backup software and services, though, can be scheduled to start automatically. Some programs even backup instantly every time a file is added or changed. Don't let it be your job to remember to plug in a storage device or to kick off a backup routine. Let your chosen solution take care of that work for you. Your backup should be verifiable. Many people have a backup plan in place, but unfortunately not many have a restore plan in place. If you are not sure whether or not you can successfully recover the files that you have supposedly backed up, then you don't have a backup plan! Part of your backup routine needs to be periodic testing to make sure your backups are valid. This may be doing something as simple as restoring one of your files or folders to an alternate location on your computer. If you can regularly successfully restore files from your backup when you don't necessarily need them, then chances are better that you will be able to restore them when you do need them.Your backup should Include versioning. It may not be enough to have just one copy of each of your files. As many who have been hit by the Cryptolocker infection have discovered, backup solutions which don't keep multiple copies of files as they are changed are susceptible to being overwritten by malware. Therefore, it is important that your backup solution allows you to restore copies of your files from various points in time in the past.Your backup should be secure. Do you keep thousands of dollars under your mattress because you feel it's more secure than keeping your money in a bank? Many people follow a similar strategy when it comes to protecting their data. Don't assume that your data is secure just because you have a copy of it on an external hard drive attached to your computer. Hard drives can fail at any moment, can be stolen or can fall victim to a virus or a power surge. However, cloud-based backup solutions are, for the most part, much more secure than onsite backups. Most offsite backup solution providers keep their customers' data in tier 1 data facilities with multiple levels of security controls, encryption, environmental protection and co-location. It is safe to say that your data is better protected in one of these "data banks" than under the proverbial mattress in your home.
Backup Solutions that We Recommend
Sarasota Home Computers as two different backup solutions that we recommend. We offer two solutions because each of them is able to cater to the different backup needs of our customers. The first solution that we offer is Carbonite. This backup company has been in the business longer than most of the others, and it has a reputation for simple, affordable backup services for residential customers. Carbonite's user interface is very easy to understand, and customers are able to determine whether or not their data is secure just by looking at the file names on their computers. Carbonite offers unlimited backup for your home computer for just $60.00 per year, which breaks down to $5.00 per month.
The second backup solution that we offer is based on SOS Online Backup and is a Managed Backup Solution. While the cost per gigabyte is more than Carbonite, our Managed Backup allows you to protect an unlimited number of devices (PC's, Macs, Smartphones, tablet devices) under the same plan. Therefore, if you are a household with multiple computers and mobile devices, this backup solution would probably work better for you and would be cheaper in the long run than Carbonite. Furthermore, Managed Backup is monitored and tested regularly. That is, we will take on the responsibility of making sure that your devices are being backed up and that your data is able to be restored when needed. The cost for Managed Backup is $10.00 per month for 20 gigabytes. Additional storage is available for just 50 cents per gigabyte.
Both of these backup solutions provide automatic, scheduled backups to a secured data center, easy restoration procedures, versioning (Managed Backup includes unlimited versioning) and 24x7 access to your files from anywhere via the internet.
Making sure that your data is backed up securely is not a difficult task in today's world. However, it does take a bit of planning and initiative on the front end. However, when a data disaster strikes, you will be glad and grateful that you have a solution in place.
There is a new malware infection making the rounds on the internet called Cryptolocker which is posing a serious security risk to thousands users' data around the world.
The program behaves in a very similar manner to many ransomware programs. That is, it installs itself on a computer and then locks the system down so that the user cannot do anything but pay the proposed fee, usually $100 or $300. The payment method demanded is usually a some type of debit card, such as Moneypak, which cannot be traced to the recipient. This particular infection, however, is more insidious, as it encrypts many common files on the user's computer, such as Microsoft Word and Excel documents, picture and database files. The malware encrypts not only files on the local computer, but also any files on attached external hard drives, mapped network drives and cloud-based storage services (Dropbox, Skydrive, etc.) Although the infection is fairly easy to remove, at this point there is no way to unencrypt the files.
How Do Computers become infected by Cryptolocker?
Currently, most computers become infected by users who open emails which pretend to be notices about customer support related issues from UPS, Fedex or DHC. The emails contain an attachment which, when opened, infects the computer. Systems are also infected by clicking on a link on a website which has been compromised or via Trojans that pretend to be programs required to view online videos.
Is There Any Way to Restore Encrypted Files After They Have Been Encrypted?
As mentioned above, there is no way to decrypt the files once they have been compromised by the malware infection. The best course of action is to restore the affected files from a recent backup AFTER removing the virus infection. There is free a tool available online called ListCrilock which can generate a list of files which have been encrypted. This can be used as a guide for deciding which files need to be restored.
If you do not have a backup of your files, then it may be impossible to recover them. However, if you have a Windows Vista or Windows 7 system, you may be able to restore previous versions of your files through through the Windows Shadow copy tool. However, if a computer system had not been configured to properly save previous file versions, this may not provide previous copies of the files.
What Can Users Do to Protect Themselves from Infections Like Cryptolocker?
- As always, it is imperative for users to have a solid antivirus/antimalware program installed and updated on their computers. While even the best security programs will not stop or block every infection, the good programs will prevent most infections.
- Users must keep all Microsoft software and third-party software up-to-date. Infections such as this often take advantage of exposed security flaws in these software programs. However, the security patches which are released by the software companies can mitigate most of these vulnerabilities. Updating software, though, can be a difficult and frustrating task for many home users. Our Computer Watchdog Service, however, handles all of the software patching automatically and is quite affordable for our home computer customers.
- Users MUST HAVE a backup strategy in place which supports versioning. With infections like Cryptolocker, it is not enough just to keep another copy of important files on an external hard drive or flash drive. If that particular device is attached when this infection hits, then those backup files will become encrypted, too. However, many backup programs offer a feature called versioning. What this means is that when a change is made to a file, the backup program will keep the older version (or versions) of the files for a certain period of time or for a certain number of versions. If this is the case, then it is fairly easy to recover files which have been infected by Cryptolocker or similar malware. Carbonite Online Backup currently keeps up to 30 versions or 30-days worth of previous files. Sarasota Home Computers' Managed Online Backup Service keeps an unlimited number of previous versions of backed up files.
- There are some additional tools and strategies available which will prevent unauthorized programs from running on your computer. Some of these tools, such as software restriction polices (for users running Windows Vista/7/8 professional) and Parental Controls (Windows Vista/7 Home, Windows 8) are included in Windows at no charge, but must be properly configured in order to protect your system. This is something with which we would be happy to help.
Should You Pay the Ransom Demanded in order to Recover Your Files?
The conventional wisdom among IT technicians and security professionals is that users should NEVER pay the ransom demanded by these infections. By paying the amount demanded, users are not only supporting cybercriminals, but they also have no guarantee that their computers (and, in this case, their files) will be free from infection and/or decrypted. Furthermore, once a ransom is paid, that user would likely be "marked" as a target for similar future attacks, as the criminals know that the user is willing to pay. That being said, it has been reported on some security forums that users, who had no other recourse to recover their files, who paid the ransom for Cryptolocker did have their files decrypted by the program, though it often took several hours. However, other users who paid did not have such a good result and found themselves with files which were still unusable. The idea of paying the ransom amount is a risky and expensive endeavor, and we don't recommend it.
Unfortunately, infections like Cryptolocker have historically been very lucrative ventures for their creators. The attackers are almost always based outside of the United States and, as such, they cannot be pursued or prosecuted by US-based law enforcement. These types of attacks will likely not be going away anytime soon. Your best bet is to have a strategy in place for protecting your data before you are attacked. Sarasota Home Computers offers two backup services, one with unlimited versioning, which will make it possible for your important data to survive this kind of attack. Please give us a call today if you would like us to evaluate your current security and backup situation and help you prepare to weather this cyber storm.
Your life is on your computer. Well, not really. However, much of your most important data: family photos, music collections, important documents are stored on one or more computers in your home. It is therefore becoming increasingly important to be aware of how to protect yourself from the many things which may threaten the security of your data. Over the next few articles we will look at several facets of home computer data security and what you can do to decrease the amount of risk to your important data.One of the biggest threats to your data, of course, is malicious software (otherwise known as malware) being inadvertently installed on your computer. "Malware" is a catch-all description of any software running on your computer that threatens to corrupt your data, steal your data, slow down your system or even completely disable access to your system. It has become so easy to infect a computer these days that a quality security product - one that includes both antivirus and antispyware protection - is essential.
Most users know that having a good antivirus program installed and running on their computers is a necessity. However, it can be difficult to determine what constitutes a "good" program. Is the software made by one of the big vendors, such as McAfee or Norton better simply because it's more recognizable? Is the software better just because you paid an annual subscription fee? Here are a few things to note about antivirus products on the market today:
The Next Level of Security: Managed AntivirusSarasota Home Computers recently began offering a Managed Antivirus solution to our customers When a software vendor sells you an antivirus product, they are doing just that: selling you a product. They have little concern or control over whether or not the product is installed correctly, is working correctly, is regularly updating or is preventing infection. They may provide limited support during the period of your product subscription, but this may or may not be helpful to you. What makes a Managed Antivirus offering different is that it is a service, not simply a product. While we use a quality antivirus product to provide this service, we are not simply selling you another piece of software. Our Managed Antivirus solution includes:
- There is no one product which will make your computer bulletproof and totally unsusceptible to malware infection. The amount of malicious software being created on a daily basis is too great for any one program to conceivably catch everything.
- All of the major antivirus software vendors share information with each other. If one company discovers a new infection in the wild and creates a signature to detect it and/or a process to remove it, they will share that with other companies, fully expecting that those other companies will do the same. This is the only way for these companies to keep up with the flood of malware which exists on the internet today.
- An antivirus product should be used as one element in a layered security plan. There are many things that you can and must do to protect your data. Running a decent antivirus program on your computer is just one of them.
We are able to do all of the above remotely, in the background on customer computers without affecting your productivity. It's like having a set of professional eyes watching your computer for you, making sure that your system is protected. Our Managed Antivirus solution is also affordable - just $5.00 per month per computer, or $50 per year. Please contact us, if you would be interested in protecting your computer or computers with our Managed Antivirus.
- Quality antivirus and antimalware software which will work to prevent malicious software from being introduced into your computing environment.
- 24/7 Monitoring to ensure that virus definitions are up to date and that the software is running properly.
- Mitigation if the software does detect anything on your system, including examination of results in quarantine, deletion of malware and initiating additional scanning when necessary.
It's no secret that one of the most important elements of computer security is to keep the software on your machine up to date. The people who write malicious software such as viruses, spyware, keyloggers and ransomeware are constantly seeking to exploit security flaws which are discovered and publicized in the various pieces of software which are used in today's computing environment. In previous years, Microsoft Windows and the software which was a part of it (Internet Explorer, Windows Media Player, etc.) were perhaps the biggest targets. While security flaws continue to be exploited in Windows, though, the bigger targets recently have been third-party software applications such as Java and Adobe Flash player, which are installed on virtually all computers. Even Apple employees were hacked in a recent attack which took advantage of a security vulnerability in Java. (Please don't believe the lie that Apple computers and devices are inherently more secure than Windows, especially as their vulnerability to attacks will likely increase proportionality with their market share.
What's one of the best way to keep your computer secure? Keep it up to date! Turn on Windows Updates and allow them to be installed automatically. However, this will only update the Windows software on your computer. What about all of the other software which is the target of malware, such as Adobe Acrobat Reader, Flash Player, Java, iTunes, etc.? Thankfully, there is a free tool available which will patch all of these pieces of software in one fell swoop. Patch My PC is a small piece of software which can be either downloaded and run one time or (better) can be saved and run by computer users at regular intervals (e.g. once a week). The program will scan your computer for 12 commonly installed programs and will determine whether or not they are up to date. If they are not, it will highlight which programs need updates and, upon your approval, will download and install those updates automatically. No longer will you have to go to each vendor's website and manually download updates for particular products. Optionally, Patch My PC can also scan for approximately 85 other pieces of software and can install updates for those as well. The tool can also help you disable startup programs which could be slowing down your computer and uninstall unwanted software applications.
While Patch My PC is currently designed as a tool for computer technicians, it is simple an intuitive enough for most home users to incorporate into an overall computer security strategy. A version of the program is supposedly forthcoming. However, with the recent highly publicized security exploits, it would be wise to add this tool to your arsenal now. Click here
to download PatchMyPC.
It's simply amazing that you can buy a used laptop with Windows 7 Ultimate on Craigslist for just $129.00, especially when the Windows 7 Ultimate operating system retails for about $170.00. What's going on here? Someone is buying that used laptop, loading it with a pirated version of Microsoft Windows and then reselling it to make a profit. He or she is, essentially, stealing a copy of Windows and then selling it, along with a piece of used hardware, in an effort to make some money.
What is Software Piracy and Why Should I Care?Software piracy is the unauthorized copying or distribution of copyrighted software. This can be done by copying, downloading, sharing, selling, or installing multiple copies onto personal or work computers. In the case of the Microsoft Windows 7 operating system, which we will deal with in this article, people usually pirate the software either to upgrade their current computer to the latest Microsoft operating system without having to pay for it or they do it to increase the resale value on a used computer, as given in the example above. Consumers should care particularly about software piracy for two reasons. The first is a general, moral reason that any illegal use of a copyrighted work is wrong; it's stealing from the company that invested, in Microsoft's case, millions of dollars to develop that product. Unfortunately, though, this not enough to deter many users from installing a cracked copy of Windows 7 or buying a computer with a pirated copy of Windows 7. The second, more practical reason that consumers should avoid an illegitimate copy of Windows is that Microsoft has put several safeguards in place to detect whether or not particular copies of Windows are genuine. The Windows 7 software regularly "phones home" to report is license status. If the product key associated with the installation of Windows 7 is found to not be genuine (e.g. activated on multiple computers), the operating system can be rendered into a reduced-functionality state and users can be denied important security updates from Microsoft. If this happens, the computer will become increasingly vulnerable to malware and virus attacks, especially if it is connected to the Internet.
What are the Legal Ways to Obtain Microsoft Windows?
There are primarily three legitimate sources to buy Microsoft Windows software: OEM, retail and refurbished. OEM (original equipment manufacturer) software is bundled with the price of new computer. When you purchase a computer from Dell, HP, Lenovo, etc., and open the box, the software that is pre-installed on that computer is OEM software. A new computer will have a Microsoft Certificate of Authenticity sticker on the side or the back of the system, branded with the name of the manufacturer, which will contain the license ID and 25-digit product key for the copy of Microsoft Windows which came pre-installed on your system. If you ever needed to re-install the operating system and re-activate the Windows license, you would use the product key on that sticker.
A second legal source for software is retail or packaged software. In other words, if you would like to upgrade your Windows Vista computer to Windows 7, you could go to a store and buy a Windows 7 upgrade license, which retails from about $100-150, depending on what specific version to which you are upgrading. A retail copy of the software will contain an upgrade edge-to-edge hologram DVD, a Certificate of Authenticity sticker and a 25-digit product key code which you will need to enter during the upgrade process.
A third authorized source for Windows 7 software is a refurbished license. These can only be obtained from Microsoft Authorized Refurbishers or Microsoft Registered Refurbishers. These licenses can only be sold with a computer which has been through a refurbishment process; the software cannot be purchased separately. When a consumer purchases a MAR computer, he or she will receive a Certificate of Authenticity sticker, an re-installation DVD and a card with the 25-digit product key.
How Can I Tell if My Copy of Windows is Genuine?
As mentioned above, it is wise to make sure that you have a Certificate of Authenticity which matches the version of Windows which is installed on your computer (e.g. if you have Windows 7 Home Premium, make sure that your COA is for the same version of Windows.) Also, it is helpful to have the 25-digit product key code which is associated with your installation of Windows. With OEM software, this code will be on the COA sticker. Retail copies will usually have the product key code on a sticker inside the packaging which came with the installation disk (Don't throw that packaging away!) Refurbished computers will be sold with a card which has the product key on it. If you are not sure what your product key code is, you can usually extract it from your installation of Windows by using a software tool such as Magic Jelly Bean. Microsoft also offers a free online tool to check the validity of your installation of Windows.
In our next blog post, we will tackle the question of what to do if you find that your copy of Windows is not genuine.
The Microsoft Windows XP operating system, though far and away the most used desktop operating system in the world, is slowly beginning to sink into the sunset. First released in 2001, XP continues to dominate the market share on the majority of computers, even after 11 years. However, Microsoft has set an of support date of April 8, 2014. What this means is that after that date, Windows XP will no longer receive software and security updates from Microsoft, leaving computers running XP increasingly vulnerable to virus and malware attacks. Likewise, many software vendors will take their cue from Microsoft on or before that date and will no longer support their products running on a Windows XP computer.
How do I know what operating system I have?
The quick, easy way to determine what operating system you are running is to bring up the System Properties window. To do this, press and hold the Windows key on your keyboard and then press the "Pause/Break" key (it's on the same row as the F1-F12 keys, to the right above the arrow keys and Page Up/Down keys). If you are running XP, the window will look something like this:
Will my XP computer Still Run after that date? Yes, your computer will still run. However, it will become increasingly more difficult and expensive to repair and support Windows XP machines after this date. If you are running Windows XP on your home computer, you should begin planning now to either upgrade your current computer to a newer operating system or purchase a new computer to replace the XP machine that you have.
Should I upgrade or replace my computer?Most home computers which have Windows XP installed are likely more than 4 or 5 years old. If this is the case, then it may be wise to consider purchasing a new computer rather than upgrading. Hardware components (e.g. motherboard, power supply, RAM, etc.) can become harder to find and increasingly expensive on an older system. However, if your computer is newer, or if you wish to install Windows 7 on your XP machine, start by downloading and running the Microsoft Windows 7 Upgrade Advisor. This free tool will help you determine if the hardware on your current machine is capable of running Windows 7 and whether or not there may be compatibility issues with the software currently installed on your machine. Keep in mind that when upgrading from Windows XP to Windows 7, all of your programs (e.g. Microsoft Office, Adobe Acrobat, etc.) will have to be re-installed; there is no in-place upgrade option available for XP to 7. In order to upgrade your computer to Windows 7, you will need to purchase a legal copy of Windows 7, which currently retails for about $120-$150. Home users, though, can purchase a Windows 7 Home Premium Family Pack, which can be installed on up to 3 PC's. Upgrading a computer, though, can be a daunting task for many folks. If that is the case, Sarasota Home Computers can assist. We have a flat rate price of $90 for operating system installs and upgrades.
If you choose to purchase a new Windows-based computer within the next 2 years, it will come pre-installed with either Windows 7 or Windows 8 (to be released this Fall). When transitioning to a new computer, the question for many home users is how to get all of the "stuff", music, pictures, documents, etc. from the old machine to the new machine. The software programs that were installed on the old computer must be installed on the new computer. It can also be a little bit intimidating to learn a new operating system, especially if you have used Windows XP for several years. We can help with this transition. Like the operating system re-install, we offer a new computer setup service which includes physically setting up the new system, transferring user files from the old computer to the new system, walking you through the basics of the new operating system and making recommendations about the disposition of your old computer.
For more information on this topic, please read our customer information sheet on When is it Time to Upgrade to a New Computer.
If you are currently running Windows XP on your home computer, don't panic. However, do begin planning now to transition to a newer operating system or a new computer sometime within the next two years.
These days all of the most critical data in our lives is often saved online - email, banking, bill paying, shopping, etc. Each of these sites requires a username and password. To be honest, this is an area where many of us become lazy, often using the same password, or a slight variant, to log into all of these sites. This is, however, a huge security vulnerability, and makes it easier for hackers and for malicious software to gain access to your accounts. Please consider implementing the following habits into your password routine:
In my next article we will explore some tools that you can use to help you create, remember and manage passwords.
- Use a strong password. What is a strong password? According to Microsoft, and most computer security experts, a strong password is at least 8 characters (the more, the better), has a combination of upper and lowercase letters, numbers and symbols, does not incorporate words found in a dictionary and does not use sequences of numbers or letters (e.g. 12345, abcdefg, qwerty, etc.). While such a password sounds difficult to create and even harder to remember, it's actually easier than you think. To create a strong password, start with a phrase or sentence that is easy for you to remember (e.g. Great people make great passwords), then remove the spaces and change or remove 2 or more letters and at least 1 symbol: Gr8peoplemak3gr8psswrds] Next, check your password strength against a password checker. (This one is great, as it tells you how long it would take a desktop computer to hack the password via a brute force dictionary attack. My sample would take about 806 Octillion years!) Once you have crafted your password, open windows notepad and practice typing your password several times. By doing this, you will help your brain and your fingers "learn" the new password. It should go without saying that you should avoid using the same password for everything.
- Your email password is probably your most important password. Though many of us may not realize it, your email password is generally the "key to kingdom". If you forget your login password for just about any site on the Internet, what is the most common way to recover or reset that password? The answer is your email account. When you initially register with most sites, you are required to enter your email address for this reason. Therefore, if someone can guess and change your email password, that person could effectively reset or get at all of your other online passwords. Consider setting a strong password for your email account. Some email accounts, such as Gmail, even offer 2-factor authentication, In such a scenario, Google would send an additional code to your cell phone that you would have to use in order to reset your Gmail password. This drastically reduces the chances of someone hacking your Gmail account.
- Don't depend on your Internet browser to save your passwords. Though this is convenient, this is not terribly secure. Saved passwords in Internet Explorer and Google Chrome are stored in a Windows registry key. Though they are encrypted, the cipher, or key to unlock the encryption, is your Windows password. If you do not use a password to log onto your Windows computer, then the passwords are effectively not protected. They can be viewed by free programs such as IE PassView or ChromePass. Presumably, if they can be viewed by these programs, they can also be viewed by any malicious software that would be running under your Windows user account. Also, keep in mind that Windows passwords are fairly easy to hack or change. Mozilla Firefox does have a built-in Master Password that encrypts saved passwords with 3DES encryption, which should be fine, assuming that you create a strong master password.
- Avoid "forever" passwords Some sites prompt you to change your password at select intervals (e.g. every 3 months), while other sites will never ask you to change your password. Passwords that never change make it easier on the customer to log into sites, but this is not a good security practice. You might want to consider scheduling a "change my passwords" day every so often in which you change all of your computer and online passwords at the same time.
- Your cell phone needs a password, too. If you have a phone, and it becomes lost or stolen, how much of a problem would it be if someone else accessed the data stored on that phone? If you have a basic cell phone, the data may be limited to names and phone numbers. However, if you have a smart phone, the data that could be compromised could include email, online banking and any other password-protected applications that you have on your device. At a minimum, you should consider password-protecting your phone in some way. For smart phones, you might also want to consider some type of remote-wiping software should your phone be lost or stolen. The same is true for tablet devices, such as iPads and Android tablets.
- No legitimate company will ever request your password. If you receive an email or a phone call from anyone requesting your username or password, no matter how legitimate it may look or sound, do not give out that information. This is known as a phishing attack, and it is designed to trick you into handing over your information. Any company which maintains a secure database of client information has the ability to access that information apart from your account.