Category Archives: Disaster Recovery

Personal Computer Security

Personal computer security is essential – and even more so if you access administrative functions for your website. Viruses and trojans on your personal computer may lead to compromised security on your website – especially if you are not careful in your selection and maintenance of passwords.

For this reason and many others, it is essential that you practice diligent personal computer security practices. Please note that these recommendations are suitable for home or a small office, but some of them are not adequate for more than a three or four person office. Please Contact Us for a free analysis that will provide the best fit for your situation.

Full disclosure: Please note that I will be recommending several products within this article. These are products that I have selected through a long and on-going research process. I use these products myself. I have established affiliate relations with some of these companies so I receive compensation when someone clicks on those links and purchases the associated product.

Personal computer security starts with proper maintenance of your computer operating system. If you use Windows, that means subscribing to the automatic Windows security updates. There are several options within this service – we recommend that you automatically download the updates, then install them yourself. Unless there is an especially urgent security patch, it can be beneficial to wait for a day or two before actually installing the files – there have been a few patches that caused problems themselves, requiring a patch to the patch. Apple offers a similar automatic operating system update service.

Next, it is essential that you utilize an effective anti-virus program. We recommend Avast (free) or Kaspersky (not free). There are advantages to the Kaspersky program, but the Avast program is very effective as well. Anti-virus programs work in two ways – they interactively protect against viruses as they occur and they also scan the computer, looking for viruses. A complete scan should be performed at least once per week, ensuring that the anti-virus program has updated its definitions – the files that tell it how to identify viruses. The full scan can be setup to run automatically according to your preferred schedule.

A router and firewall keep hackers out of your computer. The protection is somewhat redundant, but it’s better to have two layers of protection. A router is hardware; a firewall is software. We use and recommend the D-Link DIR-655 Extreme-N Gigabit Wireless Router. We recommend two firewalls – Comodo (free) and an integrated Kaspersky package that includes anti-virus and firewall applications.

Additionally, you will want to install a good spyware/malware program as well. We use and recommend SuperAntiSpyware which is a freeware product. We have also utilized MalWareBytes which sometimes identifies and resolves malware that the other programs just don’t find. Run them both! We do. Unlike AntiVirus programs, the free versions are not real-time programs which means they won’t interfere with each other. Just don’t run them at the same time!

When all else fails – and it will, eventually – you will most definitely want a good backup! There are several ways to accomplish this – we use MozyHome backup service. It backs up the files you select to the internet and is painless to use – I schedule my backups for 1:00 AM, so it happens as I sleep. If your system fails or is damaged by malware, just restore it from MozyHome. There are some aspects of this, however, that can fail, so it’s good to have another system as a backup – contact us for further discussion. An office of more than three or four people will definitely need a more robust backup solution.

Finally and most importantly… use good password practices! Use good strong passwords with at least 8 characters including upper and lower case letters, numbers and symbols. They should not be guessable, like your family’s birthdays. Use a service such as strongpasswordgenerator.com to create your passwords and DO NOT use the same password for everything. You should have separate passwords for different categories of services – one for online banking, another for administrative functions, a third for casual surfing sites, etc. Naturally, you will not be able to remember these. Use a program that stores the passwords in a secure database. The program will automatically fill in the username and password for each website for you, making it easy. The program should allow you to export the list to a separate file. Do that at least weekly and save that file to a secure location, using encryption software to make the file unreadable by anyone but you. We recommend LastPass (free), PasswordSafe (free), or RoboForm (not free).

To further protect yourself, use SSL(Secure Socket Layer) for your e-mail connections and ftp (file transfer protocol) connections.

It seems like a lot to deal with, but the penalties for not dealing with personal computer security are far greater. Oh, and don’t forget to provide malware security for your web-enabled phones, too! Contact us for further information and/or assistance in securing your computer.

Backups

Sooner or later in the life of every site comes disaster. It’s not a matter of ‘if’ – it’s a matter of when.

A full and complete backup provides the only protection against these disasters. The details of the backup depend on the platform on which the site is built.

Simple HTML or PHP sites are the easiest to backup. Your webhost provider will offer backups – which you should use! – but you should also backup your entire site to your own local computer. Compress the entire site to one or more archives, depending on the size of your site, and download it to your PC. Then backup your PC, keeping a copy of the backup offsite. I use one of the many online services for this purpose – it happens automatically and the backup is available anywhere the internet is available. You may choose some other mechanism, but you are not properly protected until you have a verified backup stored away from your home or office.

If you are using WordPress, Joomla, Drupal or some other CMS (Content Management System), the backup will be much more complicated because you have to backup the CMS itself and the plug-ins (including the settings for the plug-ins) in addition to the content of your site. For WordPress, we recommend VaultPress. If you are using Joomla, Drupal or some other CMS, contact us for backup solution suggestions.