- 3 Different copies of your data! 1 on your workstation, 1 somewhere else on the internet, 1 stored on long-term storage located ideally miles away from the primary copy so a single catastrophic event doesn’t wipe out both copies.
- 2 Different forms of Media! I’ve known people who thought they had a backup because they had 2 copies of their data, but the second copy was on a different partition of the same hard drive. If the hard drive dies, both copies are gone forever. It is best to have backups on at least 2 different forms of media so it is less likely both copies will fail simultaneously. Remember, hardware WILL fail, it’s just a matter of WHEN. Sometimes you get lucky and go 10 or more years without a hardware failure, but that is just plain luck! Sometimes you are a year in on a new laptop and the hard drive goes bad. The manufacturer will replace the hardware under warranty, but they won’t do anything to help you recover your data.
- 1 Copy stored offsite! To protect you from theft, fire, earthquake or flood, it is best to have a copy of your data residing in a different physical location than the primary copy. If you have 2 copies of your data but they both reside on your desk and your house burns down in an electrical fire, both copies of your data are now gone. You can always get new hardware, but once data is lost it is gone forever and many times impossible to re-create.
KEEPING SOFTWARE UP-TO-DATE
(Unless it is a new release)
PASSWORD MANAGEMENT
- If 2-step verification is an option, use it! Yes, I know it’s a hassle and slows you down having to perform that extra step, but it also puts a nice layer in between a hacker and your data. Many services such as email and banking sites now offer a second step to verify your identity if you log in from an unfamiliar computer/browser, such as sending a text to your cell phone with a code that you enter in addition to your password. If 2-step verification is enabled, the hackers can’t access your account with brute force cracking of your password if they don’t also have access to your cell phone or other second step option.
- This is a great site to check the strength of the password you are choosing and to get educated on password choice strategies: https://www.grc.com/haystack.htm
- Use a password manager or even a little black book, because human brains aren’t capable of remembering secure passwords. Using the same or similar variations of passwords across multiple sites is how most people are able to remember passwords, but doing so is not secure. If one site gets breached and that password is stolen, it makes it easy for the hackers to get to other sites and guess your password. Changing passwords after a known breach of a service you use is also a good idea, but always using randomly generated passwords, or passwords that are very dissimilar from site to site, is the best security.
INFO ON SCAMS
- Telephone scammers have become increasingly aggressive – don’t fall for their ploys! Telephone scammers are now calling landlines and cell phones claiming to be Microsoft, Apple, your Bank, etc. If you ever get a call from someone out of the blue, ask for their information and then tell them you will call back. Check the phone number they gave you against the one you already have in your records, and call the number you already have on file to check if the agent really works for that organization before giving anyone information over the phone. Remember, the IRS, Microsoft, Apple and many other organizations will never call customers without them calling the organization first.
- Telephone scammers have figured out a new trick: instead of them calling you, they run ads on legitimate webpages that pop up with scary error messages they hope will trick you into calling them first. Don’t fall for that either! They are the same scammers as in item number one above, just tricking you into calling them first. Usually just closing your browser and reopening it will get the scary message to go away. If it doesn’t, call someone you know in real life that you can trust to look at the problem. If you let the scammers remote into your computer, they can steal your data or just steal your money, claiming they are fixing things when at the beginning they were the ones that caused the problem! Another layer of defense is to run an ad blocker to block these and other kinds of annoying ads; your antivirus can’t block ads.
- Remember the good old adage, “If it sounds too good to be true it probably is!” – don’t click on email links or Facebook ads that claim you will get the latest $500 device or a $500 gift card to a big box store for $50, usually it’s just a ploy to steal your personal information.
- Watch out for adware or other downloads piggybacking on legitimate programs you are installing. Many software companies have revenue sharing agreements where they have an auto-checked box authorizing the simultaneous download/install of another program you may not want slowing down your computer. Read all download instructions carefully, looking especially for checked boxes you probably want to uncheck before clicking ‘continue’.
- Phishing scams, as they are called, use social engineering to trick you into installing illegitimate software or giving away your personal information. Don’t click on one-line links in email, even from people you know, and don’t click on attachments you weren’t expecting either. Phishing emails or phone calls often use images of legitimate companies you may have a relationship with to trick you into giving them your personal information, or offer a ‘free’ download or a new version of something you know and love. The only trouble is the new software either doesn’t exist or is a knockoff working with the scammers to infect your computer with spyware. Never download software from an email link and never give away personal information by replying to email, especially for banks and similar services. If in doubt, call the company or go to their website to see if the new offer is legit. Go to the manufacturer’s website on your own by typing the address into your browser or using a previously bookmarked page to make sure you are accessing a legitimate download site. If doing a web search for the company, scroll down till you get past the paid ads and make sure you find the one that says it is the “Official Site” of the company that you are searching for.

Also, look at where the email came from. If it’s a scam, the address will not be from the company you were expecting. Here is one I received 3/24/12:

Dear valued customer,
Adobe is pleased to announce new version upgrades for Adobe Acrobat Reader
http://www.2012-adobe-software-download.com
New Version Features
– Open virtually any PDF document
– Edit PDF files like they are Word docs
– Convert PDFs to and from Office files
– Create completely original, unique PDFs
– Print PDF files with a single mouse click
– Save time by creating PDFs quicker
– Design professionally crafted documents

HOW I KNOW IT’S A SCAM:
1) It comes from a non-Adobe address: [email protected]
2) The download site isn’t adobe.com.
3) It claims to let you edit PDFs with just Adobe Reader, and free! Adobe sells their Acrobat suite for a pretty penny, so I don’t think they are going to start giving away that functionality.
4) When you follow the link, it clearly says they have no affiliation with Acrobat.
5) I was suspicious of this email because Adobe’s Acrobat Reader download doesn’t require you to enter an email address, so I knew there was no way Adobe was sending this to me since I’ve never given them my address.
6) When I looked up the software on Adobe’s site, they had a security message confirming the above email is a phishing scam.

I’ll end with a favorite saying: “Just because you are paranoid doesn’t mean they are not out to get you”. It doesn’t hurt to have a healthy level of skepticism when on the internet.
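Checks 1 and 2 in the scam list above (the sender and the download link are not on the company's own domain) can be automated. The following is an added example, not part of the original post. It compares each host against an assumed allowlist (`BRAND_DOMAINS`) on whole-domain boundaries, so a host that merely contains the word "adobe" is still flagged. The sender address in the sample is a constructed placeholder.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains each brand really uses; extend for your own vendors.
BRAND_DOMAINS = {"adobe": {"adobe.com"}}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def host_of(url):
    """Lower-cased hostname of a URL, without port, path or trailing dot."""
    return (urlsplit(url.rstrip(".,;)")).hostname or "").rstrip(".").lower()

def belongs_to(host, domain):
    """True for the domain itself or a real subdomain, never a substring hit."""
    return host == domain or host.endswith("." + domain)

def check_message(sender, body, brands=BRAND_DOMAINS):
    """Return (kind, host, brand, reason) for every host that is not the brand's."""
    hosts = [("link", host_of(u)) for u in URL_RE.findall(body)]
    hosts.append(("sender", sender.rsplit("@", 1)[-1].strip("<> ").lower()))
    findings = []
    for brand, domains in brands.items():
        if brand not in body.lower():
            continue  # the message does not claim to come from this brand
        for kind, host in hosts:
            if not host or any(belongs_to(host, d) for d in domains):
                continue
            reason = "lookalike" if brand in host else "unrelated"
            findings.append((kind, host, brand, reason))
    return findings

# Constructed sample: the link is the one quoted in the email above; the sender
# address is a placeholder because the real one is not shown on the page.
SAMPLE_BODY = """Dear valued customer,
Adobe is pleased to announce new version upgrades for Adobe Acrobat Reader
http://www.2012-adobe-software-download.com
"""
SAMPLE_SENDER = "updates@adobe-news.example"

if __name__ == "__main__":
    for finding in check_message(SAMPLE_SENDER, SAMPLE_BODY):
        print(finding)
```

A "lookalike" result means the brand name appears inside a host that the brand does not own, which is exactly the pattern in the quoted email.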