Print this articleDuring these security posts I want to emphasize some of the posts I have already published. I plan on doing a summary at the conclusion of the security series that will "beat a dead horse." A good functional anti-spyware program is one of the necessary software packages to keep your computer secure and running effectively.
What is a firewall? Let me use a phone analogy. A phone sits there waiting for a call. It uses a communication port that is doing nothing but waiting to receive a call. The phone rings when it receives a call. You answer the phone and the communication line is then fully established and in use. A computer also has ports for communication, but it has 65,535 ports (actually 65,536, but port 0 is reserved). A common computer port is port 80. It is normally used for web page requests. A computer that is setup as a web server sits and waits for requests through port 80 (default settings). When it receives a properly formatted request, such as you trying to access a web page with your browser, it answers the "phone" and the web page is returned for viewing in your browser. This was a very basic explanation; there is no need to get any more in depth. Other common ports: port 21 is used for FTP, port 23 for telnet, and port 110 for pop3 email services.
So, what about the firewall? The firewall blocks ports or restricts access to certain ports. A firewall could be used in many different configurations, but its most common use is to restrict access to only the ports that the firewall administrator wants people to access.
There are two types of firewalls: software based and hardware based. If you have a router in your home, you may have a firewall built into the router. It is a good idea to turn it on if you do have one. Hardware firewalls are usually more secure than software firewalls. If you don't have a router, a software firewall will work fine. There is no need to run out and purchase a router if you don't have one. A router presents its own security issues if it is not configured correctly (this will be covered in a security post at a later date). If you simply have one computer in your home there is no real need for a router. If you have more than one computer, a router is necessary to simplify the process of getting internet access to all of them.
Why would you want to restrict access to ports on a computer? It is another first line of defense if you are connected to a network. Some worms (a type of self traveling virus) will actually look for specific ports to move from one computer to another. How do they do this? Usually, they probe for a computer that has a security flaw on whatever port they may use to travel (this is why Windows updates are so important). When they find the port open that has the flaw, they easily move to that computer, infect it, and look for the next one to infect. I have a great personal story about this that I would like to share.
I was transfered to a new position for the same employer. The position I was taking started before the building was even finished being constructed. I had to wear a hard hat and steel toed boots to get into the building and work on technical issues. A team of us had to un-box 435 computers, put software on them (image), and be prepared to put them in place when the rooms were finished. The software installation took place in a single large room and only 30 computers could be worked on at one time. After completing 30 computers we would stack them along a wall and do the next 30. The process took several days. Not the ideal solution, but we had limited space and network connections at the time. The computers that were imaged were lined up against the walls until they could be installed in the various offices and labs. Weeks later the rooms were complete and we started installing computers in the offices and labs. The process to install the computers also took several days with about 10 people doing the installations. After everything was installed, Murphy's law went into full effect. We sent a wake on lan (WOL) call and booted all 435 computers at the same time. So, 435 computers that had been turned off for several weeks all started at the same time. We booted them all so that they would start downloading updates and we could push more software to them. They never had time to update. Someone noticed that several of the computers rebooted...then some more...then some more. Everything was now rebooting, over and over. We noticed a shutdown message appearing before the reboots. A quick Google search let us know that 435 computers had just been infected with a worm! The whole process for a complete infection of every stinking computer in the building took less than 10 minutes. We didn't know whether to laugh or cry. I wish I could remember the name of the worm, but several years has passed since this occurred. Thankfully, the building was not in use yet so we had time to re-image all of the computers before employees showed up, but all of our previous work was in vain.
Another reason to use a firewall is because hackers will also try to exploit these same flaws and use compromised ports to gain access on to a computer. That does not mean to use the firewall, but then forget about computer updates. Both are important.
The Windows XP and Vista firewalls are simple. You may occasionally have a program try to gain access through a firewall, such as when you first run a game, and Windows will pop up a message asking if it is okay. If you allow it, Windows will never ask again in the future when you run the same program.
To see if the firewall is running on Windows XP, go into your Control Panel and look for the firewall applet. Double clicking it will let open the program to control turning it on or off. In Vista, also go into the Control Panel, but then you also have to open the Security applet; the firewall applet is in there.
Windows 2000 does not come with a built in firewall. There are several free software based firewalls that you can install, but most are not as easy to work with as the ones built into the newer operating systems.
Keep in mind that some of these firewalls can take a little getting used to. Most are much more strict than the standard Windows firewall. They may query you about information leaving your computer and information coming in. Some may be very "busy" bombarding you with information during the first few days of running it. Don't panic, it is usually just the firewall telling you it is doing its job or asking you if it is okay to allow a program to access the internet.
Here are two free firewalls. You can certainly search for others, read reviews, and maybe find one that is more to your liking. If you choose ZoneAlarm, only download "basic ZoneAlarm protection." They offer other software bundles, but they really aren't necessary.
Now I am going to stray slightly off subject, but I think it needs to be said. Considering that Windows 2000 is 7 years old, almost 8, at the time of this writing you may want to consider upgrading to Vista. This, obviously, will depend on finances, because Vista is a resource hog and requires more memory, video capabilities, and processing power than previous versions of Windows; it may not run on the same computer you are running Windows 2000, or even Windows XP. This is entirely a personal choice, however. If you keep Windows 2000 updated, practice safe computing, and it does what you need it to, you should be able to use it till your computer decides to stop working or Microsoft stops supporting it. The only reason I mention an upgrade is because Vista does a better job with basic computing protection than previous versions for the average home user. My wife has it on her laptop and she loves it, because of how it looks, not how it operates. I like her having it because it is easier for me to maintain. Vista has a firewall and anti-spyware software built in. XP has a firewall built in. Windows 2000 has nothing built in. Windows Vista is by no means perfect, but if you have a computer that can run it well, it is better than 2000 and XP. I am sure that last statement would cause hours of discussions with other computer geeks. But I would stand my ground: for the average home user, Vista is the best choice, but your computer has to be compatible and have the horsepower to run it (fairly new).
Anyways, back on subject: make sure you have a firewall and it is running if you have an internet connection.
First let me start by telling a story. The story is about a personal computer that I had to work on.
A friend of mine was having computer problems and wanted me to look at it for him. No, I won't give you his name. He was having performance issues and could not figure out what was causing the problem. He was actually fairly knowledgeable about computers. He kept his computer up to date, he had it password protected, he had up to date anti-virus software and he ran a firewall. He invited me and my wife to dinner (our wives were friends also) and asked if I could look at it. When we arrived at his house I immediately asked to see the computer. He led me into the den, pressed the power button on the computer, and said he would be right back. The computer booted to a login screen. It was asking for a password. The first thing that occurred to me is, "smart guy." The second thing that occurred to me is, "I wonder if I can guess it?" Both of us were in the Army at the time. I was in armor (M1A1 tanks) and he was in the mobile infantry (Bradley fighting vehicles). It was that easy to guess his password. Huh? I just told you his password. It was "bradley." My first guess let me log into his computer. I didn't even check to see if the password was blank, which is usually the first thing I would try. When he came back in the room he went into shock wondering how I had guessed the password. I then shared with him the information that I am about to share with you.
If you have any information on your computer that is valuable to you, you must follow some simple rules to, at the very least, provide a first line of defense against someone that may try to obtain that information. Do you leave your house or car unlocked? Sure, someone can still break in, but you lock them to make the task more difficult. If a thief tries to gain access to your car and it is locked, they may simply move to the next vehicle and see if it is unlocked. It is the first line of defense against anyone who would want to take things that belong to you. You could also install a car/house alarm (intrusion detection software), park in a garage (firewall), etc. You can always take it levels above the normal protection. Right now we are concerned with the simple first line of defense that most home users need to be aware of.
You think you don't need a password because the only people that use the computer are you and your family? You trust them. Well, what if someone breaks into your house and takes the computer? Regardless, if your computer is connected to the internet and it does not have a password, it is at greater risk than if it had a password. How concerned you should be about this depends on what information you have stored on your computer.
Passwords are important. Passwords that aren't as easy to guess as "bradley" are even more important.
So, what are the guidelines for passwords? Let me give you a list of guidelines for password formation and give a brief explanation for each one.
- Choose a password as long as possible with an 8 character minimum. Why? It has to do with mathematics. Everybody loves math, right? Each character you have beyond 8 characters will increase the security level many times over. A 16 character password is far more difficult than just twice as hard to crack as an 8 character password. 14 characters is considered to be optimal right now.
- Do not use dictionary words, even words from a foreign dictionary. This has to do with dictionary based attacks. A password cracking program can simply try every single word in a dictionary looking for a match.
- The password should not be something that can be related to you (kid's names, dog's name, license plate, etc.) Does "bradley" sound familiar?
- The password should be a random mixture of special characters (*,&,^,%,$, etc.), upper and lower case letters, and numbers. Not one or two of those suggestions; all of those suggestions. This is a complexity issue. By including variations of all these characters you are increasing the protection many times over. "*Br4dL3y!" is far more complex than "bradley".
- The password should be changed at regular intervals. If somebody is trying to use brute force attacks against your computer for any period of time and you suddenly change your password, you just set them back to square one. 90 days is a fairly common interval, but if you ever suspect someone may have discovered one of your passwords, change it immediately!
- When you change your password it should be COMPLETELY different than your previous password. If you consistently just change one letter, or one character, of a password, it is essentially the same as not changing it at all. You are still leaving a signature that is very similar to what was already there. If someone happens to stumble across an old password of yours, they now have a much greater chance of obtaining the new one.
Actually, there are some exceptions to not writing passwords down, but it is always the absolute best practice to keep them stored between your ears. Password management can become very difficult, depending on the amount of passwords you may have. You could keep the passwords in a safe. There are also programs which encrypt passwords and store them so only you, with the proper password (go figure), can gain access to them (I will provide a link to the program later).
Do the wife/husband or kids need access to the computer? Give the kids a separate account, preferably a restricted account so they can't install anything. Better yet, give them their own computer. Does a wife/husband need access? Well, that one is up to you. I tell my wife the password to my personal computer. There, you know now - I break this rule on my home computer. Actually, there are situations where it is acceptable. If a server has several administrators, they all may know the root or administrator password, but they should all have separate accounts to administer the computer. It is always best not to share a password with anyone, but there are some situations and trust relationships where it happens and it may be necessary. I will say this, however: at work, never give anyone your password. Ever! Don't even tell it to the technician responsible for working on your computer. If he is a good technician, he will have an account with administrator privileges on your computer. Home computers are slightly different, unless you have documents or anything from work on it. I think my wife would be offended if I did not tell her my home computer password, but I would never share a password that I use at work with her. It really is a common sense issue. I will let you decide what is best for your particular situation.
You should not be using the same password for everything. You do not want to use the same password for your online bank access, credit cards, bill payments, PayPal, eBay, etc. If someone was to obtain your password they could wreak havoc. Of course, there are exceptions to this also. It is acceptable to use a single password for non important things, like online newspapers. Nothing is really at risk here, so a less complex password can be used and possibly used for other low/no risk access areas.
So, if "*Br4dL3y!" looks difficult to remember, how should you choose a password? There are different methods for choosing passwords, but I have always liked the pass phrase. I will make up a phrase and then break it down into a password, usually using the first letter of every word to form it. Here's an example: "I really hate it when people do not have strong passwords". So, take the first letter of every word, including the quotes in this example, and we get: "Irhiwpdnhsp". You are simply turning the phrase into an acronym. So far so good, but it still does not include special characters and numbers. So, lets fix that: "!Rh1wPdnh$p". So, let's see if that password we made is secure. Go to Microsoft's password checker, type it in the box, and see what it says. Strong! Well, we have 13 characters in the password, so lets make it better (we're shooting for 14 characters). Add any other character to the end of it. I added a 3: "!Rh1wPdnh$p"3. Now it is considered a "best" possible password.
Think of a phrase. Use the first letters from the words to get an initial password formation. Manipulate the letters with uppercase letters, numbers, and special characters. Shoot for 14 characters for the best possible password. Again, this will depend on what you are trying to stop people from accessing. 8 characters and limited complexity is fine for the New York Times password. 8 characters and limited complexity is not fine for your online banking password.
Here is a link to the program that I promised: http://keepass.info/
It is called KeePass. It keeps your password lists encrypted. Please don't forget the password to KeePass. There is even an installer for KeePass that lets you run the program from a pen drive so that you can keep the program with you at all times.
Now I am going to present you with some bad news. Many people can do exactly what I am about to tell you if they have the know-how. If I have physical access to your computer (Windows 2000, Windows XP, or Windows Vista) I can bypass your local computer passwords and gain access to the computer in about 5 minutes. It doesn't matter how complex your password is. This is not me bragging, just making you aware that a strong password is only part of the equation for securing a computer and your data. This ease of access to a Windows computer has to do with the nature of how Windows stores passwords and how easy it is to modify the passwords using specialized programs. I CANNOT find out what your password is in 5 minutes, but I can blank the password or change it to allow myself access to the computer. Trying to find out what your password is could be an almost impossible task if you have a strong password, but clearing or changing the password on a computer running Windows is simple, but I have to have physical access to the computer to do it this quickly. The majority of knowledgeable geeks know how to do this and have been called on to do it at one time or another for users that forgot their passwords. Think of it this way: even if you lock the doors to your house or car, there is someone who knows how to bypass that first level of security. A knowledgeable thief, or a locksmith, would get through a locked door in no time.
Do not let the above information hinder you from smart password practices. Just because a thief may be able to open your car lock with ease does not mean that you stop locking the door. It means that you lock it and park the car in a well lit public area, park in your garage, install an alarm, etc. Most computers are kept inside buildings and behind locked doors, so that would require a locksmith and a geek to gain physical access to the computer.
When you need to compose a document you start up Office, or WordPad, or whatever program you prefer to use. When you are done composing your document you shut down the program you were using. When you shut down the program, you reclaim the RAM (memory) it was using, reduce the processor workload, and stop the hard drive from accessing any files related to it. You have added performance back to your computer to be used for other tasks.
What many people don't know is that your computer runs some programs all the time. These programs that run in the background are sometimes called "services" (depending on how they are launched), but they can be a real disservice if you don't need them running in the first place. Some are absolutely necessary services and others are optional. These services use up memory, they use processor power, and they can make occasional hard drive accesses. Some of them need to be running, like anti-virus software, but others do not need to be running. I will give you an example. If you install QuickTime, it will install a service called QTTask.exe. All this program does it provide an icon in the lower right screen of your computer (task tray). It is simply there for ease of use. The problem with this icon is that most people don't use the icon to start the program. It doesn't need to be there. Most people click a MOV file on a webpage and the program starts automatically. So, this is a non-essential service and it can be turned off.
Note: MSConfig is easy to use, but you must be careful what you turn off and which tabs you work with. While working in MSConfig, if you have a doubt about whether to turn something off or not, leave it on or do some research on it to see if it is safe to turn it off. I don't consider this an "advanced" skill to know, but you should feel comfortable about doing it. This site is meant to help you, not cause you stress.
To run MSConfig click on "Start" and then "Run". In the Run dialog box that appears, type in "msconfig" (no quotes) and hit enter. Along the top of the MSConfig program, there are several tabs. We are only going to be concerned with the ones labeled "Services" and "Startup". Don't mess with the other tabs. Click on the Services tab first.
First thing to do is to check "Hide All Microsoft Services". This will help ensure that we don't turn off something we need. We are simply going to be concerned with turning off the most obvious services that we do not need. If you notice in the screenshot above, I only have one service turned off here. That service is related to my video card (Nvidia). I don't need their little icon in my task tray to monitor my video card temperature, change screen resolution, etc. I decided to turn it off. The top 3 on the list are my anti-virus program so I certainly want those on. I could give you explanations of the others, but it would be wasted time. The NVIDIA service was the most obvious and I did not need it. The important thing to remember in the "Services" tab is to hide the Microsoft services, and if you have any doubts, leave the service on.
Next we are going to click the "Startup" tab. These are the programs that start immediately after Windows boots. Isn't that services too? Yes, it is. So, what is the difference? Well, the Services tab shows programs that are supposed to be running regardless of which user is logged in. The Startup tab shows the programs that will run for the user that is currently logged in. Both are services, but when they run is determined by how the program was installed or runs by default. Some programs allow you to install for all users or just the current user; this would determine if it shows up on the Startup tab of another user.
If you notice I only turned off one service (above), but I have several "Startup" tasks turned off (below).
This is where you may have to do some work. Each and every one of these programs needs to be evaluated as to whether it is safe to turn them off. Some are easy. The first program in the list is my anti-virus. Obviously, I want that running. Message.vbs is a script I run to remind me of things. QTTask is the QuickTime tray icon I don't want or need. But what in the world is "ALCMTR.EXE"? I had to Google that one. Well, it is related to my audio. Matter of fact, they said it is non-essential, but I should NOT turn it off. I did anyway. I'm crazy like that. I turned it off because I know if I have any audio problems - it is probably related to this and I can turn it back on. I have never had a problem. The point is, I saw this "ALCMTR.EXE" and thought, "huh?" I plugged the name into Google and I found out what it was. "Dumprep" is that program that runs when Windows crashes and asks if you want to submit an error report. "Cftmon" is part of the Office language bar (I actually turned it off during this write up). Even after working with computers for the past 25 years, I still have to look things up. I learn something new everyday.
Out of the 11 items in the Startup tab, I only left 3 running. About the only dangerous thing you can do in the "Startup" tab is turn off your anti-virus or anti-spyware software. If you do, just turn it back on. Most other programs do not need to be running, unless you want it running.
I suppose if I have to give any advice here it is this: if you are nervous about tinkering with things in MSConfig, just leave it alone. You will regain some resources (memory and processor power) by tweaking what services are running, but it isn't enough to make you say, "wow, it is like I have a new computer!"
After you select which programs you don't want running, you can click "OK". It will ask if you want to restart or not. I would suggest restarting immediately. The reboot will stop those unselected services and keep them from restarting. Also, you will get a message about the fact that you made changes after the first reboot. Just choose to not show the message again and click "OK".
Every once in awhile, depending on how much you use your computer, it is always a good idea to clean temporary files from the hard drive and defragment the drive so that the OS can read the files faster.
A disc cleanup should be done first. The reason for this is that it is kind of silly to defragment your drive and move files around that you plan on removing anyway. The cleanup process will remove temporary files from the computer and help to clear up some space. The amount of space it saves depends on many things: how long since the last disc cleanup, how much you use the computer and how you use the computer, and what you select to remove.
To start the disc cleanup click on "Start", "Programs", "Accessories", "System Tools", and finally "Disc Cleanup". The program will immediately start scanning your drive if you have only one hard drive, otherwise you must select the drive to scan. The scan process may be very quick, or it could take several minutes. Be patient if it takes a while, as this may be the first time you have ever ran it. Future scans should be much quicker. When it is done scanning and tells me what it found, I usually select everything except "Compress old files". If you are low on disc space, buy a new drive. Compressing files makes them slower to read and the amount of space saved is not worth the performance hit. Also, keep in mind that if you have Office installed and the setup files are listed, you may NOT want to remove them. If you do remove them, any updates you receive for Office may require you to put the Office CD in the drive. It really depends on your situation. I usually leave the Office files intact. Once you select the files you want deleted click on "OK". Depending on how much you are removing, the process could take a few seconds to several minutes.
Now that we have done a scan and cleaned up the drive a bit, let's do some spring cleaning before we defrag the drive. Open the Control Panel and click on "Add or Remove Programs". Yeah, we are going to look and see if you need everything. Ensure that you do not remove any Window's updates, but browse the list of installed software and evaluate if you really need it or not. Is there a program that you installed 6 months ago, but haven't used it since then? Remove it to clear up some drive space. Use your best judgment and remove anything you don't need or don't want.
Finally, let's defrag the drive. The "Disc Defragmenter" option is located in the same place as the "Disc Cleaner". Launch it and choose to defragment the drive. Analyzing just tells you if you need to defrag the drive. There is no need to analyze it if you have never done this before and just removed some programs.
What does the defrag do? It takes the data that is located on your hard drive and lines it up closely together so that it is faster to retrieve the data in the future. If data is scattered all over the drive it is more time consuming for the hard drive's read/write heads to find the data. If the data is lined up nicely (contiguous) it is much easier and faster to retrieve.
How often you should do the cleanup and defrag really depends on you and how you use your computer. If you just browse the web and check email, you may only need to do it every month or so. Maybe longer. If you are constantly installing and uninstalling programs, playing games all the time, etc. you may need to do it weekly. Run an analysis every few days and see what it tells you. The analysis doesn't take very long and it will give you an idea of whether you need to defrag or not.
If you are running Windows Vista you already have anti-spyware software. Make sure you keep it up to date. For everyone else, here is a listing of several free anti-spyware programs that you can use for free.
There are several more available, but these are the most common ones. Usually one of these programs is sufficient, but I have seen instances where one program may miss something and another will pick it up. Unless your computer is severely infected with spyware, one program should be good enough to initially clean your computer and keep it clean in the future.
The key to these programs, as with anti-virus software and your operating system, is to keep it up to date. All of them can be set to automatically update. Ensure that you configure them to do so if they are not already. They can also be set to automatically scan your computer at a time of your choosing. I usually do it manually, because I hate programs running while I am trying to do something else. The choice is yours. Poke around the program and become familiar with its options. Configure it to best suit your needs.
Once you download and install the program of your choosing, the first thing you want to do is start the program and have it check for updates. This ensures that you will be scanning your computer with the latest detection methods available. After the update, make sure you configure it to update automatically in the future (as stated above). Now, it is time to scan your hard drive. The procedure is slightly different between the various programs but they usually have a "scan and clean" or "check for problems" button somewhere to start the process. The process could take some time, depending on how large your drive is, how many programs you have installed, how much data you have, and the speed of your computer. When the scan is done it should give you a display of what nasty things it found on your computer. Choose to remove, or delete, everything that it found. Reboot your computer and scan it again to ensure that nothing reactivated itself (some spyware is like cancer).
If your spyware program keeps detecting the same problem over and over after reboots, the situation can get tricky. The best bet in this scenario is to Google (or whatever search engine you prefer) the culprit program that keeps showing up and do some reading about its removal. Some spyware can be an absolute headache, even for people with numerous years of advanced computer experience - I have pulled my hair out before. At times I have been forced to reinstall everything just to get a dastardly program off the computer. I think the anti-spyware programs have advanced enough now that this is no longer necessary.
Let me give you my final thoughts. The ideal situation is prevention, not removal. If you have spyware on your computer, you may have installed a bad program, gone to a bad webpage and quickly clicked on "okay" to install something you shouldn't have, or you may have just been unlucky. As your experience builds, you will get better at discerning whether you need something installed or not or whether you should trust a certain website. I can honestly say that I can spot a suspicious website from a mile away and have the ability to know if a program is suspect or not. The reason I can do this is because I have made so many mistakes in the past and I have learned from them. Experience is the best teacher.
Get a spyware removal program. Check your computer. Remove the bad stuff. Keep the program updated and check your system every once in awhile to ensure you are okay.
You never know when you may have a hardware failure, such as a hard drive crash, or some other situation that would cause you to lose the ability to retrieve the data from your computer. If that was to ever happen and it was a hard crash, meaning the hard drive read heads actually hit the drive platters, it could be very expensive to get data recovered from the drive. Also, there is no guarantee that data could be fully retrieved, because if the heads hit the platters some data may be unrecoverable. This is one of those "worst case" scenarios, but it is meant to scare you. It does happen from time to time. Mechanical and electronic devices fail all the time. If your data is important, you will want to ensure it is safe.
I have had to help people with data loss many times in the past. Sometimes I can connect the drive to another computer and retrieve the data, sometimes they are simply out of luck. I tell them they can send the drive away for recovery at this point, but I also explain it could cost hundreds, possibly thousands of dollars. I have never had anyone send a drive away. They simply took the loss of data with a heavy heart. I am always delighted when I tell them their computer is kaput and they respond with, "it's okay, I have it backed up."
The easiest and cheapest method of doing backups is to burn the data you want to keep to a CD or DVD. There is no specific rule-of-thumb for how often you should do backups. It depends on a number of factors: how often does the data change, how important is the data to you, and how easy do you want the recovery process to be should you lose everything?
For those with large amounts of data on their home computers, external drives are incredible. However, one problem with external drives is that people will save their data to those drives and not have a copy on the source computer. Then if the external drive fails, you are in the same predicament. It is always a good idea to keep your data in two places or more. If we really want to get technical, and the data is important to you, the backups should not even be stored in the same physical location. Let me give you an example: you are a photographer and make regular backups of your work onto DVD. You store the backup DVD's in a case on your computer desk. Your house burns down. Now you have lost the backup data and the original data. Does that sound extreme? We never expect it to happen to us, but houses do burn down. So, to be really safe it is best to keep backups in a separate physical location. A safe deposit box is always a good idea, but it can add extra cost and inconvenience. If the data is extremely valuable, this may be a viable option. If you don't want to spend extra money, you can always keep backups in a locked desk drawer at work or at a family member's or friend's house (if you aren't worried about privacy of the data). I'm not accusing anyone's friends or family of being dishonest, it is just something you will have to keep in mind.
Other options are tape backup systems that can automate the process of backups, storing data online through various sources, or using Microsoft's built in backup software. I don't use Microsoft's program because I like to be able to easily browse my backup data on my DVD's, but it does allow you to automate the process, which is nice. It all depends on you and what you think is best for your situation. I have found that most home users can easily store their data on CD's or DVD's. Most, but not all, home users do not have the amount of data necessary to purchase backup systems, such as a tape device.
Personally, I use DVD's and keep a copy at work. The only data that I am concerned with is financial information, personal information, email, and all of those pictures of my family, vacations, etc. I can usually get everything on one DVD.
Another thing to consider is how you keep your data organized on your computer. This has an impact on your backups in terms of efficiency. I always tell people I work for to consolidate all of their data in one location. Ever heard of "My Documents"? What a perfect place to keep your documents! If you keep everything in one place on your computer it helps in two ways:
- When you do a backup, you simply copy everything from within a single folder. You don't have to go searching for data that may be scattered all over your hard drive and possibly miss something. This means keeping EVERYTHING there: your email, bookmarks, pictures, financial information, etc. all in the "My Documents" folder. Another folder is fine, just ensure it is all located in the same place.
- If your computer does crash and you need to recover the data from the drive, again, you only have to look in one place. If a drive is failing and someone has to get data off of the drive, the quicker they can do it, the better.
A reliable anti-virus program is essential. Usually when you buy a new computer it will have a pre-installed anti-virus program, usually a product from McAfee or Symantec. While these products do what they are supposed to do, they usually expire after a period of 90 days; meaning you can no longer get updates for the program. An anti-virus program that is out of date only provides security against old viruses and worms. It is important that you keep the anti-virus software up to date so that it can catch the latest threats. You could pay their fee and keep using their program, but why would you do that if you can get anti-virus software for free? Also, the solutions from McAfee and Symantec are usually bundled with several other pieces of software such as: software update notifiers, anti-spyware packages, firewalls, etc. While these are nice, to some extent, they hog up resources on your computer and can actually have an impact on the performance of the computer. Basically, I am saying that these packages are bloated and you can find better solutions with a smaller impact on computer performance.
My recommendation is to uninstall the entire security packages associated with these products and install a free solution that will never cost you for updates. Before installing a new anti-virus program, ensure that you uninstall the old program first. If you don't, it could possibly have some strange consequences, possibly locking up your computer or making it run very slow. I've done it before; it caused the computer to slow down significantly. Oops! If you happen to do this accidentally, uninstall the old anti-virus program immediately. Remember, only uninstall your anti-virus software immediately before installing the new version. You don't want your computer to be left unprotected for long periods of time.
There are numerous free anti-virus programs. I use AVG for Windows but that is just my personal choice. I don't necessarily think it is any better than the others, it is just what I am accustomed to using.
Here are two links to free anti-virus solutions.
There are more than just these two, but these are very popular, very effective, and the products have been around for quite some time.
Why is it important to have anti-virus software? If you don't, there is a possibility of losing files permanently, it could damage the operating system to such an extent that it is no longer usable (in which case you would possibly have to reinstall everything including the OS), it could possibly spread the destruction to other unprotected computers on the internet, or it may even cause your computer (which would now be a zombie computer) to be used in a collaborative attack on other computers. Some of those may sound unreal, but it happens.
Many times when working on someone's computer the first thing I have to do is update the OS. I then set the OS to update automatically and kindly lecture them about the risks involved with an OS that is not patched (virus, worms, etc.) Most people don't comprehend the importance of this until they receive an explanation. They just want to turn the computer on, browse the web, play a game, use Office, check email, and then shut it back down. That is completely understandable, but the computer needs little bits of maintenance every now and then to ensure it keeps operating the way you like it and to ensure it is safe from the latest exploits.
To do the updates manually: click on "Start" and choose "Windows Update" at the top of the start menu. On the web page that opens just choose the "Express" option and it will check your computer for the high-priority updates that it may need. When it finishes checking it will display a list of the updates and then you can choose to install them. The amount of time it will take to download the updates and install them will depend on: how many updates you need, the speed of your internet connection, and the speed of your computer. Once the process is complete it is always a good idea to reboot your computer to ensure that the updates are fully installed and then check the Windows update site again. If you need further updates, follow the procedures again. If you want to do your updates manually, it is a good idea to check every couple days.
To have the OS check for updates automatically: in the Control Panel is an option for Automatic Updates. Double-click the applet and set the computer to update automatically for whatever time you would like. I usually set my OS to check for updates and install automatically when I know I will be on the computer, usually in the early evening.
If you also have Microsoft Office installed on your computer you can keep this up to date at the same time as the OS, but you have to install "Microsoft Update". This will allow your OS to check for Windows, Office and other Microsoft application updates all at the same time.