Written by Chris Maloney
Computer virus scams are constant and Disk Failures strike when you can afford them the least. Here are a few best practices to implement to minimize the damage when these disasters occur.
Ignorance is NOT bliss.
I recently read a news story that got me thinking about the microsoft virus scam. The story centered around a family where a younger child answered the phone. The scammer took the opportunity to walk the child through a few settings, allowing the caller to take control of the computer and remotely download software. If you are interested in the specifics you can read all about it here: http://www.turnto23.com/news/30614846/detail.html
I make this point because most of my clients are small business owners with small networks. As a small business owner we keep important financial records, contacts, and resources on our computers. Do you want some scammer to have full reign over all your business critical data? Of course not. Yet all it would take is one well intentioned (yet uneducated) employee to take the bait and allow that person through any security you may have implemented.
I have been baited by the microsoft virus scam
(see sidebar) several times. In fact recently I got two calls in one day. Fortunately for me and my business records, I knew the scam and understood what was going on, yet I shudder to think what could have happened if my 13 year old answered that call without me there. I like to think she would have recognized it for what it was, but I can’t be certain of that. I have since educated her and the rest of my family about what to do if these people call again.
Now, the million dollar question. Are your employees savvy enough to know when they are being duped?
Make sure to tell them not to follow any instructions from unsolicited calls when it comes to anything having to do with computer security. There is no way Microsoft or Apple Computer can remotely tell if there is virus activity on your computer, nor do they make it a habit to devote their call center resources to calling people about “suspicious” activity on private computers.
2. Stay Updated
You needed a break anyway
I hear it all the time. “Flash needs to update again”, “Why does it take windows so long to update”, etc. I agree, updating software is a pain and is quite time consuming but there is a reason for it.
Hackers spend their time looking for errors in software code. These bugs can sometimes be exploited to allow these people to run programs which give them access to your data. When a bug is found the software companies scramble to fix that bug and plug the hole. If you do not allow the updates to go through you are keeping that security hole wide open.
Sometimes hackers can write their own programs that go out on the internet and specifically target these unpatched systems. Even though Flash or Java is just one piece of software, a security hole in these kinds of programs can open your entire computer and possibly network up for attack. Make it a habit to update programs on a regular basis and try not to put it off.
So far we have been talking about steps you can take to protect against malicious attack. But what if those steps aren’t enough and you are hit with the latest virus that wipes out your hard drive? Or what if the fates conspire against you and those dreaded disk error warnings start showing up minutes before a total disk failure. What can you do?
3. Ghost Your Drive
Don’t be afraid, it’s a friendly ghost.
Ghosting (or mirroring) your drive is an excellent way to recover your business quickly after tragedy strikes. It consists of making an exact duplicate of your hard drive to a file or external hard drive. This exact mirror, also called a disk image, can be stored for future use. If your computer becomes infected you can completely format (wipe out the hard drive) and then use your ghost file to restore your operating system.
There are many disk imaging/ghosting options out there. Some are paid programs but there are some free alternatives such as FOG as well. I have not personally used FOG but at that price it is worth some testing.
I recommend before you make an image you install a fresh version of your operating system with any updates that are available at the time. Then, install all the pertinent software that your business uses as well as any updates for that software. Only then should you image the drive (preferably twice to different hard drives for added redundancy).
4. Incremental Back Ups
A good step
Ghosting your hard drive is great but it is time consuming. It is not something you are going to want to do every week. You need to also keep incremental backups of your recently changed files.
You can do incremental backups using built in windows software or you can buy software specifically for the task. Some external hard drives even come with backup software pre-installed. Take the time to find the files and folders that your business cannot survive without. Set them to automatically backup to an external drive on a regular basis. No matter what software you choose, make sure it is something you and your employees are comfortable with and WILL USE REGULARLY!
Most backup software will only backup those files that have changed since the last time it ran. This means the first time it runs it will take a while but subsequent backups should be a lot faster.
Where do you put these incremental backups?
If you are doing this to an external drive I highly recommend using two drives at a minimum. Backup to one daily and swap that drive out on a regular basis. When you switch the drive you can take it to a secure, off site, location and use the other for your daily backups. Then after a week or so (whatever you decide) switch them back. That way your backup by your machine is the most up to date, but should the unthinkable happen and your office catch fire or be burglarized you still have a secondary backup in a secure location. Even if it is not quite that serious, hard drives DO fail and can render data unrecoverable. (Trust me, I know from experience.)
5. Stop Reading and Do It Already
Much of this may sound like paranoia, but these are lessons that many of us (including myself) have had to learn the hard way
. It is like insurance, something you’ll never need until that one time when you need it. And by then it’d be too late.
Remember:Hard drives DO fail!People ARE out to get your data!With preparation you CAN conceivably recover from a virus or disk failure within hours!
So, what do YOU
do to keep your business safe? We’d like to hear what you have to say below.