For Your Eyes Only!

Do you have any data on your computer that is private? Any social security numbers? Tax returns? Medical histories? Customer accounts? Credit Card numbers? Sales pitches? New product details?

Anything sensitive? Anything that could risk your identity if compromised? Anything that could cost your business or your customers if compromised.

That's a pretty wide swath of data, and chances are good that yes, there is some "classified" data on your PC.

Does it need to be protected? That's a good question. For laptop users the answer is easy: Yes. Your machine is light and portable and is frequently out and about, and could be picked up and carried off without much trouble. Then someone else has all your data. Whether or not you use a login ID and password is meaningless. That is not data protection. Neither are the password options in MS Office to "protect" files.

What if you use a desktop computer that you don't take on the subway with you? I suppose it depends on personal comfort levels, how many other people can physically access that computer, who those people are, if the computer is on a network/the Internet, etc. There are a lot of considerations, but I lean towards Yes in all cases. Better safe than sorry, and all that.

So how can you protect your sensitive data?

Encryption. It's easy and free.

En-what?

Encryption. It takes the contents of your files and jumbles them up using complicated mathematical algorithms. The best kind of encryption requires complex keys in addition to passwords to provide nearly unbeatable protection. I say "nearly unbeatable" because I don't know what kind of power the Gov't has these days, but for "normal" folk it would take a hundred years to break good encryption using the best computing equipment commercially available.

So how can you do it? There are options available. You can encrypt files, containers of files, or the entire hard disk.

For those laptop folks, I suggest encrypting the entire hard disk. This way if your laptop "walks off," it takes more than just putting the disk in another machine to read it. Your machine can only be useful if the disk is formatted and the existing data erased. It doesn't make your machine less prone to theft, but it does protect the data.

If you don't want or don't think you need to encrypt the entire hard drive, you can encrypt individual files, or create "containers" on the disk, the contents of which are encrypted. I prefer the container because all I need to remember is the one password to open the container, and not one password for each file.

My top two for encryption are Cypherix LE, and Truecrypt.

With Cypherix, you create a "vault" on the drive or USB memory stick, etc. This vault is mounted like a disk drive and you now have on the fly drag-and-drop encryption. Just take that file, drag it to your vault, and drop it in there. As soon as you unload the vault, it is as good as gone. Cypherix also allows you to create encrypted emails in a simple manner. Basically an encrypted self-extracting file is created and attached to the email. No one can read the contents without the password. There is a 25Mb size restriction on your vault, so if you have a lot of data, you may need to make multiple vaults on your media.

Truecrypt is a much more complex, much more comprehensive product. It offers the same container-style operation of cypherix, but will also do complete hard disk encryption, hidden volumes, and even hidden operating systems. Just reading the documentation is fascinating...ok, maybe just for nerdy types. If you are a laptop user or desire an offering with more options, Truecrypt may be the one to look at.

And lastly...do not go through the trouble of encrypting your data and then write the password down somewhere. That defeats the whole purpose. As a computer professional for 18 years, when I arrive to support a user and I hit a password challenge and the user is not there, the first thing I do is look under the keyboard. Then I read the sticky-notes on the monitor, then the ones on the vertical surfaces of the desk. I find a lot of passwords that way.

As always, feel free to leave comments and questions, or contact me at scott at schreibnet dot com for advice and/or help with encryption and any other issues.

Thinking About a New PC?

Hold Off!

The little IT Birdies are chirping. The scuttlebut is that starting on or around June 1, if you buy a new PC with Windows Vista, you will be entitled to a free upgrade to Windows 7. This will be in effect until January 31, 2010, according to rumor.


So if you can, hold off until this announcement is made official. You'll get free "Upgrade Assurance."

Schreibnet Technology LLC Provides Continuity Solution

Schreibnet Technology LLC has provided a custom programming solution to Christ Lutheran Church in Cleveland to assure the church's administration of data continuity in case of disaster.

The church uses a common membership management program that is feature rich in many areas, but the data backup function is quite plain. You are only allowed to backup the database to the root directory on locally attached devices. Leaving the default choice of C:\ as the backup destination is problematic, as we've discussed in a prior post. If something were to happen to that drive, the data and the backup would be lost. If something were to happen to the office, the data and the backup would be lost. There's not a lot of options for the church secretary to ensure the data is safe, and frankly, the secretary shouldn't have to worry about these things.

Enter Schreibnet Technology LLC. We wrote a small program that creates a backup of the church's membership database files and sends them off site via the Internet for safe keeping. Now there is a complete backup and data retention structure in place. Weekly backups are retained for a month, the end-of-month backup is retained for a year, and an annual backup will be retained for three years at Schreibnet's climate-controlled data center.

Schreibnet Technology LLC is a company that provides hardware and software installation, troubleshooting, custom software solutions, and many other IT services for home users and small businesses/organizations with IT needs. We can serve you in person in Northeast Ohio, or remotely via the Internet. Contact us via email to scott at schreibnet dot com.

Windows 7 Flavors Announced

When XP came out, Microsoft began offering different "flavors" of the OS. There are Home, Professional, and Media Center editions. When Vista came out, this was made more complex and confusing to the end user. You have Home Basic, Home Premium, Business, and Ultimate. You couldn't just upgrade from Home Basic to Business either. It required a complete re-install.

My question is "When I buy Vista, can't I just have Vista? Why is it possible for me to buy functionally limited software?"

Well...my question doesn't get an answer, but the choices are slimmed down into categories and a structure that make more sense. When Windows 7 hits the shelves you will be able to select from Home Premium, Professional, and Ultimate/Enterprise editions.

The editions are incremental. Home is Windows 7 with the new interface, media center, etc. Windows 7 Professional is everything that Home Premium is plus advanced abilities like joining a domain and some other stuff handy for business. Ultimate/Enterprise edition is everything that Pro is plus all the language packs, bitlocker drive encryption, and you can boot it from a Virtual Hard Disk file. High-end stuff.

The upgrade process from one edition to the next is vastly simplified: Buy the key, enter it, and the new features are unlocked.

So there's another optimistic bit of info as we look forward to the end of XP and the rise of '7.' My beta machine is still humming right along. I'm using it to develop a web application, and it's still performing very well.

Thanks for reading. Next topic is going to be encryption!

Backups

Backups. You know you should do them. But for some reason, a lot of people don't.

Think about your home PC. Think about all those pictures, tax documents, works of prose, customized settings, and all the stuff you have put on it. How much time would it take to get back all of your photographs? Impossible, right? What about that 2005 tax return when Uncle Sam is asking for "clarification?"

Now, if you are a business owner, your data has actual cash value. How long can you do business without the data on your system(s)? What would happen if you suddenly lost all your customer data?

The point is that there are many reasons to perform regular backups and no reason not to.

Backups are not hard to do, they no longer require sophisticated and expensive hardware, and they are good insurance. I'm going to discuss a couple different methods for accomplishing this very important task in the world of computers.

Going back to Genesis
In the beginning your disk was formless and void, and some nice person formatted it and put useful software on it.

Most importantly, for all computer users, is to retain your source CD's. Most new PC's have shipped with a "System Restore" CD for the last several years. This CD contains the operating system and all other software that was installed on your PC when you ordered it from the factory. There may be other accompanying disks such as driver disks, application CD's, etc. If you have a drawer or box where you keep all your computer disks, do not keep these disks in that box!

Keep these source CD's separate from the disks you paw through every day. Keep them in their original cases or sleeves, and put them away for a rainy day. If you have a safe with your important papers, put them in there. The point being that you want to avoid handling, scratching, and/or losing them altogether. These are going to be a vital part of your parachute, so keep them safe.

Home Backups
Now, for the home user, backing up your PC can seem daunting. It brings to mind images of expensive tape drives and specialized software. I'm here to tell you the good news; those days are past.

Windows XP, Vista, and 7 all include a backup utility. In XP, it's in Start, All Programs, Accessories, System Tools. The backup program starts in a Wizard mode and will walk you through the process. You can choose to have it back up your documents and settings, every users documents and settings, all information on the computer, and there is a "let me choose" option for us high-controllers out there.

If you have your source disks that came with the machine and any software you purchased and installed, then all you need to back up is your documents and settings (and those of other users if it's a shared machine with multiple user IDs). As long as you have kept your important files inside the hierarchy of "My Documents" and/or your desktop, this form of backup will get those files and back them up. If you've taken to saving your files in special folders you created like C:\Letters, C:\Finances, then you are going to need to choose the "Let me choose" option and select those folders individually.

Next you will have to tell the utility where to save your backup and what to call it. Backups should be stored on external hard drives or CD's/DVD's. Imagine a disk crash event and the feeling you get the moment you realize that your backup file was on the disk that just started smoking and threw that shower of sparks.

Ungood.

Using removable media allows you first of all, to have your data in a separate place from where the fault occurs that causes you to need it. It also allows for an easy "grab-n-go" in the event of some kind of disaster that requires you to evacuate.

I recommend a USB 2.0 external hard drive that is at least as big as your internal disk. Data transfer is fast, you won't run out of space, there's no messing with swapping out optical media every time it gets full, and you can unplug it when the backup is complete and store it with your source disks and important papers.

If you have followed this advice and find yourself needing to recreate your computer, all you have to do is boot from your "System Restore" disks and let them put all the programs and the operating system back on the new drive. Next, start the backup utility and select "restore files" and put all your documents back, and voila, good as new (and probably running faster!).

Vista (and Windows 7) users click The button previously known as Start, All Programs, Maintenance, Backup and Restore. Once it starts, click "Change Settings" to begin. This version of the utility is a little nicer. It allows scheduling a regularly recurring backup, and also has options for a system recovery disk and a disk image backup.

Speaking of images...
Disk images are the next step in data protection. Where a regular file backup requires you to install the operating system and software (and backup program if you made your backup with a third-party product) before you restore your files, a disk image creates a snapshot of the entire disk in its current condition. Basically an exact duplicate of the drive, in a file. Sure, it's a BIG file...but if you have a disk as big as, or bigger than your internal drive, it's not a problem.

Programs that create image backups often have an option to create a system recovery disk, like the above mentioned Vista/7 version of Microsoft's backup utility. The recovery disk allows you to boot from it and restore your image directly to a blank disk. Eject the CD and restart the computer and you wouldn't know the difference.

The trade-off between an image backup and a file backup is speed. Obviously the image takes considerably longer. In exchange for that headache, you get convenience of a one-stop deal. If you can schedule the backup to occur overnights, the image may be the way to go.

One important note on Imaging. A disk image can not be restored onto a hard disk in a computer with different hardware. It will only work on the same machine it was taken from because of drivers and hardware specifications, so don't make an image and then try to restore it to a different PC.

Business Backups
If your business runs on one computer with simple records kept in the My Documents folder, you can use one of the above methods to backup your data.

Most businesses don't run that simply though. At the least there is usually something like Quickbooks or Microsoft Office Accounting, or some other way of managing accounts. Complexity only grows from there. Larger outfits run databases and web applications and employ multiple machines to accomplish all their daily tasks.

In this kind of environment it is impossible to get everything covered, so you have to set priorities. #1 will no doubt be your accounting and customer relationship applications, #2, any other vital business apps, and #3, the desktop computers.

Starting at the bottom of the list, a good practice is to set up your environment to be as homogeneous as possible. Workstations should all be the same model computer with the same internal hardware. That way you can install the operating system and all the applications, then take a baseline image, and if any one of them crashes, you can restore all of them from the one image.

Moving up to business applications, often this comes down to a case-by-case evaluation. Business systems should be backed daily, at least backing up the changed data every day, and getting a full backup of everything at least once a week.

Business systems should also be backed up to multiple removable media devices that can be removed from the premises. Media should be rotated through the week and taken off site to ensure data safety in case of a building disaster. You can pay for a service to come and pick up your backups, or you can take them home with you. It all depends on your comfort level and budget, but you should keep them off site. Don't leave them in your car though.

For any business environments with centralized servers providing applications, a tape device is probably going to be the way to go. Tapes are very portable and dependable. They stand up well to the greatly increased handling that they will endure as a business backup device. They are also fast and can hold a lot of data, as tape drive technology has made advances right along all other technology.

Although I have really only scratched the surface of this deep topic, I hope this is helpful information for you. I hope you decide to start backing up your important data. It would be a shame to lose those vacation pictures...but it might provide a good excuse to go back!

Schreibnet Technology LLC can help you implement a backup strategy that works for you or your small business. Feel free to leave comments with questions you may have, or contact me via email to scott at schreibnet dot com.