The myth:
"If we install top end firewalls,
backup regularly, and don't allow file sharing, we're safe."
The truth:
Remember -
All systems fail; the only
question is when.
The measures:
Choose wisely
- what to attempt to prevent,
- what to back up and when,
- how to store it safely,
- and be ready to re-install.
First consider seriously
how much data you canNOT afford to lose. Then figure out how thoroughly
you can arrange to safeguard it, and how to get it back when it gets corrupted
or disappears altogether.
Define "afford" for yourself.
There are financial costs and emotional ones.
You probably can stand a
little heartache and you can spend a certain amount of money, but it helps
to have envisioned a reasonable response before the fact.
An honest answer to how much
of your data you need to be able to recapture will vary enormously between
users and is bound to lie somewhere fairly far into the middle ground between
the extremes of "all of it" (oh come on!) and "none of it" (why were
you saving it to begin with?)
Yes, it's depressing to suffer
losses, but they occur as regularly with computers as mechanical problems
do with cars, so plan on it -- and no utter martyrdom allowed!
When you've been hacked or
flooded out or you've done something as simple yet deadly as having tripped
and dragged the computer to the floor with you (don't laugh - it happens!)
you need to be able to go through the usual stages of gnashing your teeth,
swearing revenge, and considering beefing up future security... but most
of all you need to get up and running again - NOW!
"The best revenge is a
happy life."
-Gayle Westrate
The Trade-offs - Time & Money
In today's world we try to
secure our belongings in a balanced way. We don't want to be "insurance
poor", having incessantly tithed major amounts of our net worth to the
gods of "what if", but we also don't want to have to start over from nothing
with nothing, if a real disaster occurs.
Our online possessions raise
the same concerns.
If your computer is never
connected to the internet, its contents are still not absolutely safe.
Electrical spikes can utterly destroy your system, friendly and unfriendly
visitors and your own personal vagaries on a rough morning can wreak havoc,
and even if you live in a fortress you're still stuck with the ultimate
truth: magnetic medium itself is prone to breaking down over time.
The ultimate security? Back
it up.
And consider paper. Print-outs
and handwritten.
If you're dealing in sales,
frankly, you'd be a fool to let anyone talk you into a "paperless office".
Be sure your employees do
keep small, simple, old fashioned paper notes on what contacts they've
made. If the system crashes at 2pm they'll be able to reconstruct the business
of the past five hours. Would they be able to do that from their memories
alone?
Large companies spend a fortune
on precautions, some changing passwords several times a day. In such companies,
employees with need-to-know carry pager-like devices that produce the new
codes in a convoluted technique of randomization that would do credit to
the minds of wartime encryption experts.
While there are many clever
schemes around to thwart security breaches, please notice that even the
most major corporations do get broken into, do acquire viruses, do lose
valuable data.
What they finally all have
to resort to (and you do too) is spending a certain amount of time and
money not on fail-proofing their systems but on backing up their
data and storing it safely.
Storage - How much
Storing it safely may simply
mean getting it printed out onto paper, but consider whether you might
ever have to type it all in again by hand some day.
A step up from that is to
get it copied off from your computer onto tape or a series of 3" diskettes
or a writable CD.
For a large company, or even
a priceless personal collection, safe storage is likely to involve at least
three levels of storage --
1. copies that are kept on premises
2. copies that are kept in a separate building or even a bank vault (and rotated regularly)
3. secondary copies, just in case there turns out to have been a physical glitch in the medium that the first set was recorded onto!
If the building burns down,
you'll buy new computers, but what will you put on them if the backup information
has burned too?
And what do you do when you
go to reinstall and discover that the tape or diskette has a faulty track
and won't work after all?
If your system should pick
up a virus, you may not notice it right away, so your most recent backups
may already be contaminated, and you need to be able to go to an earlier archive
for a clean one.
Only you can decide the trade-offs,
however it's actually not at all unreasonable to keep double and even triple
backup materials.
But you don't have to back up
the programs themselves, just the data you generate!
Storage - What to back up
Recognize that the material
on your computers divides into three foundational types:
1. the computer's operating system (e.g. Windows)
2. the programs installed on it (e.g. AOL as a browser, MS Word for word-processing, etc.)
3. the data (your accounts, your correspondence, your graphics, etc. ...the material you generate)
The operating system and
the programs are almost certainly available to you on disk or CD, and you
have them tidily filed along with their warranty information and the instructions -- right beside that of the hardware (computer, printer, scanner, etc)
...right?
So the first two categories
are already backed up and they don't change (except to come out as newer
versions); you don't need to back them up any further, just be able to
lay your hands on the originals and re-install.
And, of course, you could
obtain copies of the programs and the operating system from their vendors
if you should happen to damage any of that material - or mislay it.
But the third foundational
type, your data, is stored ONLY when and where YOU have backed it up.
Storage - Gathering it in
This should suggest to you
that you really don't want your data scattered all over the hard drive.
But programs themselves are
generally designed to store the data they've worked on each in their own
program area by default -- after all they don't know what other arrangements
you'll have made.
Create for yourself a filing
area that is nothing but data, so you can grab it all in one logical
sweep.
Windows comes with a folder
called My Documents which is for exactly this purpose. Under this you can
create a series of sub-directories - just as if you were arranging manila
folders in a series of drawers in a steel file cabinet.
If you ALWAYS save ONLY within
these folders, then you can easily back up all your data in just one step,
by backing up the master folder (My Documents).
Best of all, the data will
be in your archived tape or CD in exactly the pattern you already recognize.
Storage - How often
Rational business backup
involves a daily backup of new data, and a weekly backup
of data -- which, remember, is then removed from the premises!
Companies that have proprietary
software designed just for them tend to back that up as well, usually monthly
or quarterly.
Consider too, that if a virus
should gain access it's valuable to have a close series of very recent
backups to help show WHEN it got in.
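The dated series of backups described above can be sketched as follows. This is an added example, not part of the original page: it archives one data folder (such as My Documents) under a date stamp, reads the archive back to catch a faulty copy, and compares a file across the series to find the last unchanged archive. The function names and the `backup-<date>.zip` naming are assumptions made for the illustration.

```python
import hashlib
import zipfile
from pathlib import Path


def make_backup(data_dir, dest_dir, stamp):
    """Zip everything under data_dir into dest_dir/backup-<stamp>.zip, then verify it."""
    data_dir, dest_dir = Path(data_dir), Path(dest_dir)
    dest_dir.mkdir(parents=True, exist_ok=True)
    archive = dest_dir / f"backup-{stamp}.zip"
    with zipfile.ZipFile(archive, "w", zipfile.ZIP_DEFLATED) as zf:
        for path in sorted(data_dir.rglob("*")):
            if path.is_file():
                zf.write(path, path.relative_to(data_dir).as_posix())
    # Read every member back; testzip() returns the first name with a bad checksum.
    with zipfile.ZipFile(archive) as zf:
        bad = zf.testzip()
    if bad is not None:
        raise OSError(f"{archive} is unreadable at {bad}; write it again")
    return archive


def manifest(archive):
    """Map each file name in the archive to the SHA-256 of its contents."""
    with zipfile.ZipFile(archive) as zf:
        return {n: hashlib.sha256(zf.read(n)).hexdigest() for n in zf.namelist()}


def first_change(archives, name):
    """Given archives oldest-first, return (last_same, first_different) for one file.

    last_same is the newest archive whose copy still matches the oldest one;
    first_different is the archive where the contents first differ, or None.
    """
    baseline = manifest(archives[0]).get(name)
    last_same = archives[0]
    for archive in archives[1:]:
        if manifest(archive).get(name) != baseline:
            return last_same, archive
        last_same = archive
    return last_same, None


if __name__ == "__main__":
    import datetime
    import sys  # usage: backup.py <data folder> <backup folder>
    print(make_backup(sys.argv[1], sys.argv[2], datetime.date.today().isoformat()))
```

A changed hash only shows that the file differs from the oldest copy, so the comparison is most useful for files you did not edit yourself during that period.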
Security warnings
There are several official
sources for updates on potential threats to computer security such as viruses
and hacker activity.
Arguably the best of these
are the CERT advisories http://www.cert.org/
You should also occasionally
(or quite regularly if you're running a business) check the home pages
of each of your hardware and software providers.
You should ESPECIALLY be checking the home page of your virus checking software for updates on a weekly basis.
If you think a virus warning
is worth passing on, PLEASE check its legitimacy YOURSELF even if it came
from your best friend or your own mother.
Include within your own letter
the URL (http address) of the official group issuing the advisory, and
encourage the people you choose to email to check it THEMSELVES before
they send it on.
If you ever pass on bogus
warnings or chain letter jokes to 10 people, threatening them that they
each must pass it on to 10 more or they'll have a year of "bad luck", it
will NOT bring you either luck or love - more likely your karma will be
in trouble because you're actually helping to create a sort of virus yourself!
After all, a virus is by
definition an out of control organism that takes over the function of normal
cells and keeps on reproducing itself until it clogs up the whole system.
Bandwidth issues
There are really two issues
here, the practical and the moral.
Morally, the unnecessary
use of bandwidth is comparable to leaving all your house lights blazing
just because your electric bill isn't too high for you, personally, to
pay.
In our culture, we all realize
that using excessive amounts of electricity strains the extant system,
forces more generating plants to be built in order to maintain a margin
of safety, and heads more rapidly toward the day when all this planet's
quite finite petroleum reserves are depleted. Alternative fuel for the
power generating plants may --or may NOT-- be feasible as fast as that
deadline is approaching.
What the casual new user
of computers tends not to recognize is the limitations of cyber bandwidth.
Bandwidth is simply the amount
of signalling that can be done over the existing cables, phone lines, and
airwaves.
From a practical standpoint,
there is a specific limit to the amount of "traffic" that the "Information
Superhighway" can carry at a time.
Bandwidth is increasing,
yes, but barely in keeping with the additional number of people coming
on line every month - every day!
Your own responsible actions
help encourage awareness in the people you contact.
Welcome to the cyber community!