[thanks to Dennis Houseknecht for this post]

–This is part 1 of a 2-part series on backups, an important element of security–

The word “backup” gets used in a lot of ways. There are several ways of “preserving” data, but the purposes are not the same. The first step in protecting data is understanding the risks and how we manage them. In general, there are two bad things that can happen to data:

1. It can be exposed to individuals who are not authorized to view it.
2. It an be lost or damaged.

Number 1 is a security issue which has been discussed in many other Security Corner articles.
Number 2 is what backup and disaster recovery planning are all about.

There are two ways in which data can be lost or damaged.

1. The hardware used do store the data can be lost or damaged.
2. The actual data can be deleted (intentionally or accidentally), overwritten, or corrupted.

Data Replication protects against hardware failure. The most common example is a RAID system that writes the data to multiple disks simultaneously. If one disk fails, the data is preserved because it was written to one or more other disks. In some RAID systems, more than one disk can fail and the data is still preserved. Data Replication DOES NOT protect against data corruption or deletion. If the data is corrupted or deleted from one disk, this error will be replicated to the other disk(s).

A Snapshot is exactly what it sounds like. The state of the system is “frozen in time”. This is done by setting a restore point and then recording all changes to the data which occur after that point in time. The system can then be “restored” to a previous state by removing snapshots that occurred after any particular recovery point. By themselves, snapshots protect against data corruption or deletion, but DO NOT protect against hardware failure. If the hardware fails, the restore points will be lost.

A Backup is achieved by copying files to a different location at some point after their creation. How well a backup protects against either hardware failure or data corruption / deletion depends upon how it is implemented. If the backup is copied to the same hard drive, it does not protect from a disk failure. If it is copied to a different disk at the same location, it does not protect from fire, flood, or theft. If it is copied to the same location every night, it only provides protection from data corruption or deletion for one day.

So how DO you protect valuable (or invaluable, as the case may be) data? Simply “backing up” by copying files is not enough. You need a Backup and Recovery PLAN that is based on your needs, your available resources, and the amount of risk you are willing ot accept. For true protection, a backup plan should include some sort of “versions” or “restore points” (similar to snapshots). This can be done through the use of differential backups (a full backup + subsequent backups containing all changes since the last FULL backup) or incremental backups (each incremental backup contains only the changes since the last INCREMENTAL backup).

In part two of this series, we will look at different types of backups (image backups vs. data backups), archiving and data-retention strategies (how many restore points should you retain), and features to look for in backup software (file level vs. block level backups, proprietary vs. standard file types, compression, encryption, etc.)

As a security precaution provided to all our clients, our hosting security system checks the security of our client’s sites once a week. What it is doing is looking for files and folders that are set to world-writable settings, or 777 as it’s known in the Linux world. Files or folders that are set to 777 are invitations to the entire world to write/save/delete anything they want in those folders, and of course, add any new code they want, such as porn, spam mail servers, phishing sites, etc. So, our system resets any files and folders it sees that are 777 down to a proper security level. This is the equivalent to at least closing and locking the door, while leaving files at 777 is equivalent to leaving the door actually stand open in a bad neighborhood.

If a website is hacked, very frequently the hackers will make their first order of business to change the permissions on a folder to 777 so that they have a back door to your website from then on. Our security system catches this and fixes this for our clients. Does your current hosting company do this free of charge for your company?

If your website depends on world-write permissions, please contact our Nerds Development Team, and they’d be happy to consult on re-working your website to use proper security procedures. http://www.nerdsisp.com/contact-us.html

Nerds On Site is always finding new ways to reduce our client’s IT costs, and today we are announcing a further price savings for all our clients and future clients. Effective immediately, Nerds On Site has dropped all .ca pricing by 19%.

Contact our team today to take advantage of these great new prices by switching to Nerds On Site! You can call our team at 1-877-696-3737, or contact us online here: http://www.nerdsisp.com/contact-us.html.

[a post from Nerd Kevin Lloyd]

On almost every client service call we have had over the past year, we have installed Dropbox on their computers. It takes only moments to setup, it’s free, and once we explain the benefits, every client has expressed excitement about the service!

The concept of Dropbox is simple, and I always give a practical example to my clients. I have three computers, one of which is a laptop. I have Dropbox installed on each of them. Dropbox creates a folder, like any other, on each computer, and anything I put into that folder on each computer, appears on each of my other computers within minutes, automatically, providing there is an internet connection, or, as soon as there is one.

In addition, you can log into your Dropbox account on dropbox.com and access my files there as well.

The free version comes with 2GB free, and 50GB is only $10 a month. I have a couple of friends that use it reguarly praise how useful it is! In addition, you get 250MB free for each person you refer Dropbox to (using your referral link)

If you’re interested, check out their website!

[Thanks to Nerd Dennis Houseknecht for this post.]

Many of us have wanted “put a bullet” in a server or workstation from time to time – at least figuratively. This Salt Lake City employee had too much to drink and LITERALLY shot the server. This might be amusing, except for the costs involved – not to mention the danger of injury.

My first thought, of course, was how this sort of loss figured into the employer’s risk management plan. You might think that such a risk could never be anticipated or included in a risk management plan, but not so. The specifics of this incident may be unusual (or even bizzaare), but two categories of risk that should be included in any risk management plan are “intentional damage caused by employees” and “unintentional damaged caused by errors and omissions”.

Intentional damage by employees is a very real risk that is often underestimated. How do we deal with ths risk? The same way we deal with any risk. We have four choices:

- The risk accepted – that is, we just take our chances and do nothing
- The risk can be avoided – in this case that would mean having no employees
- The risk can be transferred – that is covered by insurance. This is where is pays to read the fine print. Does the city’s insurance cover intentional damage or acts of sabotage by employees? Are there limitations?
- The risk can be mitigated (but never completely eliminated) – some mitigation measures in this case might be:
- Hiring policies that require background checks (this employee may have had a history of erratic behavior)
- Policies prohibiting certain actions (well, in this case, the actions were criminal, but other, less dramatic, acts of intentional damage might be deterred by policy)
- Physical security – the article does not address the question of how this person gained access to the server, whether he required access as part of his job, or whether there was any physical security at all.

We cannot anticipate every possible risk, but every needs assessment should include some discussion of risk management an the types of risks small and medium enterprises face. The possibility of intentional damage, sabotage, or theft of property (or sensitive data) by employees is often an uncomfortable subject, but one that should not be avoided. A thorough evaluation of physical security is an essential part of ANY needs assessment.

We’ve just had a tremendously enjoyable ReBoot conference in Cape Town, South Africa with a number of our team members joining us from Durban, Johannesburg & Pretoria. On the eve of our first stay, they organized a Bowling event, and at that event, one of our Pretoria nerds, Conrad, contributed to the enjoyment of the party. (Yes, we have his permission to share this video online):

[this post comes from Nerds Dennis Houseknecht]

For the past couple days, I have been trying to figure out how to best summarize this newly-revealed security issue. Fortunately, Steve Gibson and Leo Laporte explain the details quite well in this weeks issue of Security Now. Here are the highlights:

- This problem is a result of the way Windows loads any .dll files that are required to help a program run. Windows goes through a complex series of steps to locate the required .dll files, but starts with the program’s working directory.

- Some programs, when loading remote files, change the working directory to that of the remote file. There are at least 200 programs that do this, making them vulnerable to this exploit. Apple has patched iTunes, but other vulnerable programs include Firefox, uTorrent, Powerpoint, Wireshark, Microsoft Moviemaker, and many more.

- If an attacker can get a program on your computer to load a remote file and then supply a malicious .dll file from the remote location, your computer could be compromised.

- This is a component of both SMB (Server Message Block – used for sharing files on a local network) and WebDav (used for sharing files over the http). Therefore, this vulnerability can be exploited over local networks or the internet.

- There are no known exploits in the wild, yet, but we can expect to see many attacks surface in the coming days and weeks.

- Microsoft will not be issuing a patch for this because changing the way Windows loads .dll files would cause many programs to break. Rather, the vendors of the vulnerable programs will need to issue patches.

- Microsoft has released a security advisory. You can get information here, and here, and here.

- Here is additional information from Rapid7.

When choosing a new hosting company for your corporate website, knowing your needs is crucial. So say all the blogs that attempt to help you find the perfect web host. But, what if you don’t know your hosting needs precisely? What happens if you don’t KNOW what your hosting needs will be next month, next quarter, next year? What happens if your business explodes? Will you have time to understand your new needs, and find a new hosting provider to meet those needs? What happens if you just don’t understand hosting, and just want to get back to running your own business?

Nerds On Site has a solution: Unlimited Hosting. Unlimited hosting is much simpler than it seems – in fact, it simply means that you no longer have to worry about overage charges, upgrading plans, or switching providers because you outgrew your current provide. Unlimited Hosting means you’re with a company that is ready for your growth spurt, that understands that getting listed on Digg shouldn’t mean your site goes down for the rest of the month, that wants to help you grow your website traffic but doesn’t want to charge you more when you are successfull.

Contact our team to learn how we can take web hosting off of your ‘worry list’. http://www.nerdsisp.com/contact-us.html

With hard drive as large as they are nowadays, and growing, keeping all of your data on a single hard drive is a scary thought! Many people use external hard drives that plug into a computer via USB. It’s a great solution, but it takes time, and people often forget to keep the backup current. Not to mention that if the worst were to happen…fire, flood, burglarly, or power surge, having the backup sitting beside the main copy is dangerous, since both could be lost!

The best kind of backup solution is the kind your don’t have to think about. With off-site backup, a small program will monitor changes in the folders you choose and upload them securely (and encrypted) to an off-site set of redundant servers (backups of the backups)! So long as the computer is left idle a couple of hours a week, your backup will be kept up-to-date automatically!

Nerds offers a service called Nerds Backup, and for $2 per 1 GB of data, you’ll have peace of mind for those files you simply cannot afford to lose! There are other services, such as Mozy and Carbonite,  that range in cost. Choose the one that best suits your needs and budget. An added benefit is being able to login and access your data from anywhere with an internet connection!

The peace of mind is perhaps the most important benefit to off-site backup, knowing your data is safe no matter what! As your Nerd about it today or call us at 1-888-696-3737!

It seems that our friend (mascot) Niles the Nerd was having a great time at the London, Ontario Dragonboat Race today!

Thanks to Anthony Berot for providing the internet at the event! We received this picture from one of our Nerds Backup gurus, James Keenleyside-Richter, who was kind enough to bring Niles to the event!

It is always GREAT to see a few red shirts, better still when one of them is our friend Niles!

Great job James and Anthony!