09.04.08
Online Security: Recovery
Often, those of us who work around computers, particularly support staffers, will give regular computer users the impression that security is about having a good firewall, a good anti-virus program, and a good anti-spyware program, and keeping those programs updated. The fact is, there is no such thing as perfect and unbreachable security. There is only security that is harder to breach and that makes a breach easier to detect when it occurs. Today’s article is a short and non-detailed statement about what to do after your security is breached.
What do you do when your computer is infected with Antivirus XP 2008? What do you do when every time you turn the computer on, it opens up a porn site? What do you do when your computer is sending out spam? When you suspect that your computer is infected with something that may collect your banking or credit card information and send it to someone else?
We have been discussing online security and spam recently. It occurred to me that someone might say “you just do this, this, and this, and you won’t have any problem with security”. And in fact, that is exactly what people tend to say: stop using Internet Explorer and your security problems will go away; do not log in with admin rights, and your security problems will go away; use restrictive “group policy object” settings and your security problems will go away. Each of those actions may reduce the number of potential security holes, but none of these, either by itself or in tandem with other actions, will completely eliminate security problems.
I think we have to compare it to the physical world. We think we are secure in our homes, but from time to time, we read of someone killed in his or her own home by bullets fired from a passing vehicle. We think we are secure in our local cities, but we can all recall hearing about this or that violent crime which took place in those very cities. We think we are secure because we do not carry cash, but many a criminal has stolen credit card information from unsuspecting victims. We think we are secure because of our new sheriff or police chief, our new mayor or governor, because of Senator so-and-so, or even because of our President. But presidents, governors, senators, mayors, and even sheriffs and police chiefs cannot protect us from every possible threat.
We have to accept that some threats are so unlikely to happen, or will do so little damage if they do happen, that we cannot justify taking any action to prevent them. Otherwise, we’ll build ourselves little cages to keep the danger out, never realizing that we are really just keeping ourselves in. It is important to realize that we can never completely eliminate threats to our well-being. The only thing we can do is reduce the likelihood of the most serious and likely threats and the potential damage that could happen as a result.
If your door is unlocked, you have nothing to complain about if your stuff gets stolen. At the same time, you do not need to become so paranoid that you have fifteen different locks on your door. If a serious felon comes after you, the locks will only slow him down a little–they will not stop him from entering your home.
In the same way, if you go to the ATM at midnight, especially in a bad section of town, you have nothing to complain about when you get robbed. But do not let paranoia keep you from ever visiting the bank. If there is money around, it will attract those who want to have money without working for it. You can become a smaller target, but you cannot completely stop thieves and robbers from coming after you.
And so it is in the online world. You can reduce the likelihood of a security breach and make it harder for someone to breach your security, but you can never make it impossible.
What, then, should you do about this? Accept it. Only then will you also accept the need to back up your computer’s contents regularly. Backing up, as I’m using it, means to make a copy that is not on the computer’s hard drive.
One place I worked set up daily, weekly, and monthly backups, after a user on the network accidentally erased a shared folder on a server. Oops! Who hasn’t had a hard drive suddenly fail, instantly shutting down access to everything that was on it? Usually, we have not taken the time to back the data up, so whatever was there is generally lost. This is why we need to always be sure to back up our files regularly. This is even more important in a small, locally-owned business (SLOB).
There are many different kinds of backups, and different kinds of software to make them, but that is beyond the scope of this article. I would suggest that you get a book about data backups (try Amazon or Barnes and Noble or Borders) or that you write down your operating system and hard drive size and take that information to one of the bright young “associates” at your local consumer electronics store. Whatever solution you wind up with is probably better than what you have right now.
I know a family that buys a new computer about once per year. It seems that they have a teen who downloads things and winds up infecting and destroying their computer. I believe that they would benefit from backing up their data, especially since they refuse to follow any of the other security advice.
If they had a fairly recent full-disk backup, they could sledge* the hard drive, install a new hard drive, and do the recovery. In reality, there are some complications to deal with. But certainly, it is better to have your data than it is to lose it.
Please be aware that some potential threats, such as a fire, would really require that your backed-up data be kept off-site, but a home or even a home-based business is not going to have an off-site location to store that data. Also, you should occasionally test to ensure that you can recover a file from the backed-up data. If you cannot retrieve lost information from it, it isn’t really a backup, is it?
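One way to run that restore test, as an added example that is not part of the original article: record a SHA-256 checksum for each file when the backup is made, then later read every file back out of the archive and compare. The archive format (.tar.gz), the function names, and the sample files are assumptions chosen for illustration.

```python
import hashlib, os, tarfile, tempfile, zlib

def digest(stream):  # SHA-256 of a file-like object, read in chunks
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(65536), b""):
        h.update(chunk)
    return h.hexdigest()

def make_backup(src_dir, archive_path):
    """Write a .tar.gz of src_dir; return {relative path: SHA-256} as a manifest."""
    manifest = {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for root, _dirs, files in os.walk(src_dir):
            for name in files:
                full = os.path.join(root, name)
                rel = os.path.relpath(full, src_dir).replace(os.sep, "/")
                with open(full, "rb") as f:
                    manifest[rel] = digest(f)
                tar.add(full, arcname=rel)
    return manifest

def check_restore(archive_path, manifest):
    """Read every manifest file back out of the archive; [] means all recovered."""
    problems = []
    try:
        with tarfile.open(archive_path, "r:gz") as tar:
            names = set(tar.getnames())
            for rel, expected in sorted(manifest.items()):
                if rel not in names:
                    problems.append("missing: " + rel)
                elif digest(tar.extractfile(rel)) != expected:
                    problems.append("changed: " + rel)
    except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
        problems.append("archive unreadable: %s" % exc)
    return problems

def demo():  # constructed sample files, not data from the article
    with tempfile.TemporaryDirectory() as work:
        src = os.path.join(work, "documents")
        os.makedirs(os.path.join(src, "taxes"))
        for rel, text in (("letter.txt", "hello"), ("taxes/2008.csv", "a,b\n")):
            with open(os.path.join(src, rel), "w") as f:
                f.write(text)
        archive = os.path.join(work, "backup.tar.gz")
        manifest = make_backup(src, archive)
        good = check_restore(archive, manifest)
        stale = check_restore(archive, {**manifest, "photos/cat.jpg": "0" * 64})
        with open(archive, "wb") as f:  # simulate a damaged backup medium
            f.write(b"junk" * 64)
        return good, stale, check_restore(archive, manifest)
```

Keep the manifest somewhere other than the machine being backed up, so that it survives the same failure the backup is meant to cover.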
* sledge, v.: to break apart with a sledgehammer