Category Archives: Windows Security

Windows Security Articles

How To Backup Windows

Needless to say, backing up your computer regularly is very important. There are a lot of ways you could lose the data on your hard drive. Unfortunately, people often realize too late how important backups are. Nowadays, you have a lot of different backup solutions to choose from. It can be difficult to find the best way of backing up your data. Here is an overview of how you can back up data on a Windows computer.

Backing up Windows used to require a third-party tool, but in Windows 7 Microsoft introduced a new backup utility. The new tool can do both image backups and file backups. Image backups are used to save the Windows operating system, while file backups are used to back up user data. You can do full or incremental backups. It is also possible to create a system recovery disk, which is very handy if disaster hits.

The new Windows backup utility has a lot of useful features. Backups can be scheduled, so you always have a recent backup of your data. You can also let Windows manage the space used for backups; Windows then automatically deletes the oldest backup when there is no space for new backups. All in all, the Microsoft backup utility in Windows 7 and Windows 8 is a good tool.

If you want different backup cycles for files on the same drive, the Windows backup utility is not the best tool. It works best when you back up the whole drive, rather than selecting individual files. Restores, especially restores of image backups, are unnecessarily complicated. At the moment, you can use an external disk or writable DVD as a backup destination but not the Internet. This may be possible in later versions. But still, now you have a decent backup utility included with Windows. Make sure to use it.

But you may still prefer other backup solutions for your Windows computers. The new Microsoft backup utility is a good solution for many but there are better backup tools on the market. For many it does not make sense to pay for an additional backup utility but in some cases it makes sense to go for a more sophisticated backup solution. Software such as Genie Backup Manager, Norton Ghost, Paragon Hard Disk Manager Suite and Acronis TrueImage are excellent programs which offer much more than just basic backups but for many Windows users the additional cost is hard to justify.

Always make sure that you have a couple of image backups. It is the quickest way to restore the Windows system. It is what you need if your disk crashes or if your computer gets infected with viruses. You should back up your personal data frequently, using standard file backups. If you have a lot of data, you may prefer to do incremental backups. But remember that restores will take longer if you have many incremental backups. Restores from full backups are easy.

Online backups offer some advantages but you should be aware that there are also some, at least potential, drawbacks. The main advantage is that you can restore files even if you are not at home, because your backups are in the cloud. This also protects your data in case of fire or theft at home. Unfortunately, some people store their backup DVDs next to their computer and sometimes thieves take both the computer and the DVDs. Many of the online backup providers have a very good interface, making it very easy to back up your data.

But there are a lot of backup providers and it may not be easy to find one that fits your needs and budget. Privacy and security issues are also potential problems with online backups. One security issue to remember is that if your online backup account gets hijacked, all your backed-up data can be downloaded. You probably don’t want to back up sensitive personal data using the Internet. For sensitive data, you may want to have a closer look at encryption solutions.

Windows Server Security

Protecting a server is very important: servers are central resources which often contain sensitive data. But while the server must be secure, the outside world must also be able to access it. A server which is not connected to the outside world is of course very safe but virtually useless. Server security very much boils down to finding a compromise between security and access. Here is a short overview of Windows server security.

Computer security is a fast-moving field; new security holes are detected all the time and need to be patched. This means that one of the main principles of server security is to regularly update the Windows operating system on your servers.

The Windows operating system may look like it is full of security flaws. New security patches are released all the time. But Windows is not significantly worse than most other operating systems. It is just that Windows is the most popular operating system, so it makes sense for attackers to target Windows rather than some obscure system which is not much used. To some extent, the large number of security fixes for Windows makes it a relatively safe system. This is, of course, under the assumption that you have installed all security patches.

Server security can be divided into two main categories, internal security and external security. Internal security means that the system does not allow authorized users to do more than they are allowed to. External security means that you keep unauthorized users out of the system. With the help of firewalls it has become relatively easy to prevent the bad guys from accessing your servers. Often it is actually the authorized users that create the serious security breaches.

Firewalls are very good but don’t solve all your security concerns about unauthorized access; you also have to make sure that your server is secure. This means that all services that are not necessary should be disabled. This limits the number of potential security flaws. You should also make sure that the authorized users use non-obvious passwords and change them regularly. Secured servers are difficult to break into, and because of this social engineering has been a popular way of finding an easy way in. Getting the login details of an authorized user has one huge advantage: there is no security to break.

The server administrators typically know how to protect the administrator accounts. But it is tougher to control all user accounts on a large server. The best solution is to make sure that each and every user only has the rights and privileges they need in order to do their work. Any extra privileges can be used by attackers who have managed to get hold of a user account or by a disgruntled employee to steal data or to damage the server.

Fortunately, Windows has improved a lot when it comes to auditing and user access control. In the early versions of Windows, it was difficult to assign specific rights to different users and auditing was far from sophisticated. But with each new Windows version, things have improved. It has also become much easier to control large numbers of Windows servers.

Even the best secured systems can be compromised, or at least suspected of having been compromised, so it is very important to be able to track what an attacker has done or tried to do. For this you need a good auditing system and also a snapshot of the system, so that you can check whether any configuration changes have been made. The bad news is that if you don’t really know what an attacker has done, the only safe option is to reinstall the system from scratch. Needless to say, this is very time-consuming and will affect the users.
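The snapshot-and-compare idea above, applied to the two things this article singles out (which services are installed, and who holds administrator rights), as an added PowerShell example that is not part of the original article. The baseline path is an assumption, and Get-LocalGroupMember requires Windows PowerShell 5.1 or later.

```powershell
# Added example (not from the original article): record a configuration
# baseline for a Windows server and report drift on later runs.
# ASSUMPTION: the baseline path below is hypothetical; keep the real file
# off the server so an intruder cannot rewrite it.
$BaselinePath = 'C:\Baseline\server-baseline.xml'

function Get-ServerSnapshot {
    [pscustomobject]@{
        TakenAt  = Get-Date
        # Every installed service: how it starts, which account it runs as, what it runs
        Services = @(Get-CimInstance -ClassName Win32_Service |
                     Select-Object Name, StartMode, StartName, PathName)
        # Local Administrators group, addressed by its well-known SID
        Admins   = @(Get-LocalGroupMember -SID 'S-1-5-32-544' |
                     Select-Object Name, ObjectClass)
    }
}

function Compare-ServerSnapshot {
    param($Baseline, $Current)
    $areas = @{
        Services = 'Name', 'StartMode', 'StartName', 'PathName'
        Admins   = 'Name', 'ObjectClass'
    }
    foreach ($area in $areas.Keys) {
        # Rows seen only in the baseline were removed or changed; rows seen only
        # in the current snapshot were added or are the new value of a changed entry.
        Compare-Object -ReferenceObject @($Baseline.$area) -DifferenceObject @($Current.$area) -Property $areas[$area] |
            Select-Object @{ n = 'Area'; e = { $area } },
                @{ n = 'SeenIn'; e = { if ($_.SideIndicator -eq '=>') { 'current' } else { 'baseline' } } },
                Name, StartMode, StartName, PathName, ObjectClass
    }
}

$current = Get-ServerSnapshot
if (Test-Path -LiteralPath $BaselinePath) {
    # Later runs: compare the live system with the stored baseline
    $baseline = Import-Clixml -LiteralPath $BaselinePath
    $drift = @(Compare-ServerSnapshot -Baseline $baseline -Current $current)
    "Baseline taken $($baseline.TakenAt); $($drift.Count) differing entries"
    $drift | Format-Table -AutoSize
} else {
    # First run on a known-good system: store the baseline
    New-Item -ItemType Directory -Path (Split-Path -Parent $BaselinePath) -Force | Out-Null
    $current | Export-Clixml -LiteralPath $BaselinePath -Depth 3
    "Baseline written to $BaselinePath"
}
```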

How to keep your computer safe

Keeping your computer safe from viruses, malware, adware and other nuisances can be a full-time job. But fortunately, by paying a little bit of money you can keep your computer safe, against the most common attacks at least.

Most likely you already know that viruses and malware can create a lot of problems for you. In the worst case, identity theft can be very cumbersome and expensive to sort out. Quite clearly, you need to protect your computer against the bad guys. Fortunately, it is fairly easy to protect yourself against most attacks. A little bit of money and common sense will protect you against most threats. Obviously, the specific solutions depend on what kind of computer you have. In this article, we assume you are trying to protect a Windows PC with a broadband Internet connection.

First of all, get a combined firewall and DSL router/cable modem/wireless hub. Although Windows comes with a firewall, a dedicated firewall will protect your PCs at home against most attacks and annoying scanner attempts. Connecting your PC directly to the Internet will quickly make it a target for numerous attacks and probes. Although an up-to-date Windows firewall should protect you against most of the attacks, the sheer number of probes can be staggering. A basic firewall with NAT (Network Address Translation) will stop all basic scanners and probes. Another useful feature is Stateful Packet Inspection, which prevents some common attacks including IP spoofing. But it is important to be aware that a cheap combined DSL router/cable modem/firewall is not a full-blown firewall. It protects your PCs against basic attacks but seldom helps against more sophisticated attacks and coordinated denial of service attacks. Such attacks, however, are generally aimed at large organizations, not at home networks. Given the cheap price, it is well worth investing in a combined firewall/DSL router/cable modem.

Using anti-virus software on your PC is a must in today’s world. Although you can get free anti-virus programs, it is highly recommended that you buy one of the well-known programs, for example Norton, McAfee or Kaspersky. Note that some jokers even try to get you to download bogus anti-virus software which actually is malware. Security Shield has been around for quite some time; it pops up a warning window saying that your PC is infected, and wants you to pay for and download a version of infected software!

Note that firewalls and anti-virus software will not help if you are happy to open attachments that are sent to you by email. Since it is very easy to send false emails, some scammers send out thousands of emails with an executable attachment. Popular scams include emails supposedly coming from UPS, about a delivery, or the IRS, about your tax return. Never ever execute the attached file. Although an anti-virus program can detect common viruses, it is relatively easy to modify a virus so that it is not detected for some time.

Like everything else in computing, viruses have also become more sophisticated over time. The early viruses were made up of static code that was easy to detect, as long as you knew what you were looking for. Nowadays, you have metamorphic viruses, which transform their code as they propagate. This means that virus scanning programs have a much tougher task detecting these kinds of viruses.

Needless to say, you need to try to keep your PC clean of viruses. Once a PC is infected, there is generally only one safe way of getting it clean: re-installing everything from scratch. This is time-consuming and may even be impossible unless you have a good backup, such as a ghost image. If you have anything really important on your PC, you should also make regular backups. Here you can learn how to back up a Windows computer.

Server Security

Server security is a complicated subject. Servers are supposed to be used by a lot of people, which means that they have to be accessible. On the other hand, servers often have sensitive data and are important parts of the network so it is very important that they are secure.

A server can run a lot of different operating systems. Nowadays most servers are running some version of Windows or Linux. But many other operating systems are also used. Securing a server running an OS that is not very popular is a mixed blessing. Already in the 1990s, Novell pointed out that its NetWare networking operating system was quite safe; after all, it was using IPX, not TCP/IP as most other computers on the Internet. Anyone who wanted to break into a NetWare server had to design their own attacks. This of course required a fair bit of knowledge about both NetWare and the IPX protocol. Attacking TCP/IP computers, on the other hand, did not require much skill, since you could find ready-made attack methods and programs on the Internet. But if an operating system is not much used, security flaws may also take longer to detect and to patch.

Popular server platforms, such as Linux and Windows, may have a lot of known security flaws but they are quickly detected and solved. But servers have to be patched regularly. Many successful attacks take advantage of security flaws that have been known, and solved, for several months, sometimes even for years. One of the biggest problems is keeping up with all new patches. This is not a big problem if you only have one or two servers. But today, a lot of places have hundreds of servers. This creates a problem: it will generally take quite some time to apply patches to all servers. Before all servers have been patched, new fixes have been released.

As mentioned, server security is dependent on the server platform. Someone who tries to break into a Linux server by exploiting known Windows security flaws will not be very successful. The same goes for the good guys: how to secure a server depends on what kind of server you are securing. Here you can learn more about Windows server security. The success of Linux has made it a very lucrative market. Linux solutions used to be cheap but once Linux started to become popular with large companies, the money in the Linux world became much bigger. This is true both for Linux software and jobs. Here is more information about Linux server security.

It should also be pointed out that although most threats come from the outside world, most of the successful security breaches are done by insiders. Today’s firewalls are very good at keeping outsiders away from your servers but firewalls don’t help against attackers that already have access to the servers. So how can you protect yourself and your servers against inside attackers? Actually, there is no simple solution that will work for all servers. But most systems have features that let you divide users into different groups with different privileges. This, combined with auditing features, is the best way of protecting your servers. Here is more information about insider attacks.

It is especially important to keep file servers secure. One single infected file on a file server can quickly infect a lot of client computers. Unfortunately, running a virus scanner on a file server may slow it down significantly. A busy file server can seldom scan files that are opened by clients, because the CPU load required for this quickly makes the server non-responsive. Therefore, many sites disable virus scanning on file servers but make sure that all clients have virus scanning enabled. It is a reasonable solution: not as secure as having the file server scan the files, but the server will be able to handle all requests within a reasonable amount of time.