Why Not Rocket Science

I’m still fairly new to the whole blogging thing, and one of the things I’ve read since I started this was that the blog title should be simple and relevant to the content.

This blog is all about making computer security simple and accessible to non-technical computer users. But it just occurred to me that it may seem like I’m saying that computer security is a simple area. That’s not the case at all. In fact there are layers and layers of complexity and specific areas of expertise within the overall “computer security” field.

The idea that you will make your computer or your network completely secure is nothing more than a pipedream. Sadly, there’s no such thing as Total Computer Security. What you can do though is implement security measures that provide an optimal level of protection. This idea of “Optimal Security” is discussed in more detail on my secureyourbusinessnow.com site, (see the blogroll), but basically it means looking at what you are trying to protect, the threats you are trying to protect from, and then deciding on the best security solutions for your needs.

So the optimal security level will vary from one company or even 1 PC to the next. If you have a PC used for your accounts, payroll, client details, etc, it is more critical than a PC used for web-browsing. That doesn’t mean you don’t implement security in some cases. There is a base level of security that should always be in place on any PC, (and unfortunately often isn’t!!!).

What it means though is that you don’t need to be a technical guru to protect your computers to a level where they are relatively safe from attack. In economic terms, you reach the point of diminishing marginal returns, where spending more money, time or effort will not give you sufficient return to make it worthwhile. It’s up to you to decide where that point is, and you do that by understanding your needs, the threats, and the solutions.

All of which doesn’t have to be that difficult, once you remove the hype and jargon, and focus more on SECURITY and less on COMPUTER.

Clear as mud??? Let me know

Recovering Deleted Files – The Outcome

Well, I went to my client site today armed with a couple of software tools to try to recover the deleted folders and files. Unfortunately, I was unable to get them back.

There are a couple of reasons for this, (and lessons to be learned for next time this type of thing happens).  

Firstly, some of the files had been recovered from the tape backup. This was great to have but restoring the files to the same drive that they had been deleted from considerably reduced the likelihood of recovering the ones that the backup hadn’t got.

Secondly, the server had been rebooted before the recovery tools were run. Again, this goes against recommended practice. The process of shutting down and restarting the computer will write files to disk and increase the likelihood of the “deleted” files being overwritten.

And thirdly, it’s much easier to recover files from a proper backup than trying to use these tools to “undelete” them.

It is possible that the files and folders are still recoverable, but I think at this stage it would take an awful lot of time, effort and of course money to do it, so it’s probably not worth it. However, as I’ve said before, this is not my area of expertise so if anyone knows of a cheap and easy way to get them back I’d love to hear it.

Recovering deleted files that were Not backed up

I mentioned last week about how important backups are, because I have a client who has lost almost 3 years work when someone decided to do a “tidy-up” job on the server.

Well, unfortunately for my client, they hadn’t got all their data backed up. I ran a restore job and recovered a lot of the missing data, but they are still missing some important files and folders.

Tomorrow I’m heading in with some data recover tools to see if we can “un-delete” these files, but I’ve never used these products before. My message to the client was that this is a long shot but we’ll give it a go and see how we get on.

Tune in tomorrow to see how we get on. Same Bat-time. Same Bat-channel.

BTW the two products I’m trying are File Scavenger 3.1 and Stellar Phoenix (FAT & NTFS) 2.1

How To Battle Spam

I just checked my spam filtering service, and according to their website, 70% of emails passing through their scanners is identified as spam, with a further 3% flagged as viruses. MessageLabs, a leading player in this field has the number slightly lower at around 55% & 0.5% respectively.

Other industry sources, (probably with a vested interest), often report spam figures up around 90%, but even at the most conservative, it’s reasonable to say that at least 1 in every 2 emails sent is spam.

For some people, (the lucky few), this never becomes a problem, but for the rest of us it can be a real pain. So what can you do about it. Well, the easist way to combat spam is to avoid it in the first place. You can do this by being careful with your email address. Don’t put it on forms, (written or online), don’t share on the internet, don;t give it to people unless you know them very well, etc.

Great advice but not always practical. So what else can you do? Here’s 4 simple steps that can help reduce the problem.

1. Do NOT un-subscribe from an email you receive. It just lets the spammer know you exist so you will be inundated with mails

2. If you do have to fill in your email address online, check out the privacy statement on the website.

3. Read the small print before you tick (or leave blank) the box. Some of these forms are very sneaky. Like when they have two paragraphs with tick boxes. Paragraph 1 says ticking the box means you agree to receive mails etc, and paragraqph 2 says ticking the box means I do not want to receive mails. Unless you take the time to read properly you will be added to the list.

4. Implement a spam filter. It can be either a local one, (on your PC or server), or an external one, catching mails before they hit your network, or both. There are pros and cons to both options but at least use something. You will need to monitor it, particularly in the early days, but once it’s been running for a while the amount of monitoring required decreases.

Spam is becoming more and more of an issue for computer users, but there are answers out there. Don’t sit and moan, do something about it.

No 1 most critical tool for protecting your computer?

Maybe I’m biased here because I just got a panic call from someone who’s lost a whole load of critical information, but…surely the most important security tool is not anti-virus software, or firewalls, or anti-spyware. It’s got to be backups.

There are any number of threats out there, and any number of technologies available to protect you from them, but at the end of the day, the warm cozy feeling of knowing that no matter what happens, all your critical data is nicely secured offsite is priceless.

That’s not to say you don’t need all the other stuff. Anyone who doesn’t have proper virus protection and a decent firewall in place nowadays is just crazy. But even with all these measures in place, bad stuff can still happen. Properly implemented and properly executed backups are the magic wand that will save the day and leave you looking like a hero. (The downside is that poorly implemented backups, that have missed out on some key information, or that haven’t been checked,  could cost you your job, so make sure you get it right.)

Gorbachev Pleads For Microsoft Mercy

I never expected this blog to spend so much time talking about teachers, but following on from last weeks story about the conviction of a teacher in Connecticut after what appears to be nothing more than spyware, it looks like Russian teachers are not safe from the law either.

Apparently Alexander Ponosov, a headmaster in a remote village in the Urals, is facing up to five years in a Siberian prison and a fine of 266,000 rubles ($11,580) for copyright infringement. It seems that Mr Ponosov, purchased a computer containing pirated software for use in the school. It was unclear from the reports I read of the incident whether it was the operating system that was illegal or whether  there was other software installed on the PC.

The latest intervention has come from the former Soviet leader and Nobel Prize Winner Mr Gorbachev, who has appealed to Bill Gates to withdraw the complaint aginst Mr Posonov. Gates response appears to have been that this was not a Microsoft issue, it is a Russian prosecutor issue. Given that the current Russion premier Vladimir Putin has also criticized Microsoft on this it will be interesting to see what happens next.

Like I said before, who’d be a teacher.

PS. To read more about the Connecticut spyware case check out :

(http://simplecomputersecurity.wordpress.com/2007/01/25/spyware-as-serious-as-it-gets/)

How Viruses Spread

Nurech.A is a worm that is currently being spread through a mass-mailer. This is not a new virus but it does look like this is a new outbreak of it.

The virus is sent out through a mass-mailer to as many email addresses as possible, with subject titles designed to encourage recipients to open them, (in spite of the fact that they know they shouldn’t).

So the current outbreak has titles like “Together You and I”, “Everyone Needs Someone”, or “CyberLove”, and has a female name in the sender field. Of course with Valentines Day on the way this email is more likely to be opened.

It’s interesting to note how often viruses are being circulated at the moment using events such as this, (or current news items), to try to entice readers to open them.

Brewing up a STORM

I wrote recently about the storm worm that was doing the rounds. According to recent reports it has now infected 1.6 million PC’s, making it one of the most widespread infections experienced to date.

The main victims so far have been home users, and that trend is likely to continue as corporate spam-filters, virus protection and firewall solutions continue to ensure most businesses are safe.

In truth there’s no excuse for people getting infected with this as the technology is well able to deal with it. The real danger is those pople who haven’t implemented or maintained the proper security solutions and practices. Sadly, there are plenty of those type of potential victims out there, so we probably haven’t seen the last of this storm.

Impact of Cybercrime on business

Results have just been published of a survey of businesses in Ireland, asking about internet crime. I haven’t seen the results first hand, (they’re only being fully released tomorrow), but according to the media reports they show some interesting results…

98% said they had been the victim of some form of Internet fraud
20% said this had cost them more than €100,000
40% say that employees have experienced harassment of some form on-line.
90% have been affected by viruses
66% have had hardware or software stolen.
40% of the companies have either fired an employee or had one resign following an incident of cybercrime.
25% of the companies have contacted the police, with half of those cases resulted in a prosecution being brought.
50% of companies reported that employees had been the victimes of phising attacks.

I would have thought more that half would have experienced phishing attacks, but then maybe the other 50% just didn’t report or recognise them. And interesting that only 25% have contacted the police about these crimes. 

For many businesses, (particularly SME’s), there’s still a huge gaping hole in their understanding of comptuer security, and the impact it can have on their bottom line. I think many business owners still adopt the ostrich approach, “If I keep the head down and ignore the problem it will go away”.

Well, guess what guys. It ain’t going nowhere. If you want to learn more about securing your business check out http://www.secureyourbusinessnow.com/

Anti-Virus Software V Internet Security Products

There’s a big debate going on in the computer security world at the moment about whether you are better off running different software vendor’s products for different security functions.

For example, should I use F-Secure anti-virus and Zone-Alarm firewall, or should I select a single product from F-Secure or Zone-Alarm that will do the whole lot.

The advantage of a single-vendor is that you can be sure that different products will not conflict with each other. For example, either of the two companies I referred to above operate Internet Security products that include virus protection, spyware protection, firewalls, etc. You would have no guarantees that one companies AV product will run smoothly alongside another’s Anti-Spyware program.

On the other hand, if you put all your eggs in one basket, you are at risk too, particularly as malware writers have been known to target specific security vendors.

I don’t think there is an easy answer to this. I use a mix of products I know well and trust, but many people don’t have the space and time to spend looking at different options. On that basis, I would recommend going for the Internet Security package, rather than a combination. Both F-Secure and Zone-Alarm are excellent products, though there are other good ones out there.

For info on the best security products check out the link below. Some of these are free and some are not but they are all good products that should do a decent job for you. http://simplecomputersecurity.wordpress.com/2007/01/22/best-free-stuff/