I would tell you five.
Some years ago, I was asked to give a short talk about computer security. I was given five or ten minutes, which forced me to distill exactly what I think about when I think about computer security.
The way I approached it was to think to myself, “If somone walked away from my five-minute talk remembering only one thing, what would I want that one thing to be?”
So I gave the talk. I was invited back a second time, so I repeated the process: “If I could have you remember only two things I say about computer security, what would those two things be?”
I gave that talk, and it led me to a talk about five things in priority order relating to computer security.
Today, I want to give you that list in reverse order — kind of Top 5 list.
Become a Patron of Ask Leo! and go ad-free!
The most important thing
If you remember nothing else, let it be this: backing up protects you from malicious activity as well as hardware failures. Your backups are the foundation of your overall computer security.
5: Keep learning
I mean this in a couple of different ways.
Of course, it means to keep learning about how to use your computer and technology, but more importantly, when it comes to security, it means to keep abreast of what’s happening. Stay open to security- or computer-related news. You don’t need to understand the current threats and vulnerabilities in detail, but hearing about current tech security issues will help keep you more aware and secure.
A good example is paying attention to the various types of scams that are currently making the rounds. Just hearing about them will help you avoid them if they ever cross your path. A good resource is The Perfect Scam podcast from AARP.
4: Be patient
So many people are in a rush to get something done that when they encounter a problem, they blow right through it, often making the wrong choices when it comes to computer security.
Take the time to do a little research or ask a question and get an answer. That patience will save you a lot of grief in the long run. Spending a little time upfront can often save you a tremendous amount of time later if things go wrong.
Related
Internet Safety: 7 Steps to Staying Safe Online
Online security is critical. Here are the key steps you can take to keep yourself safe on the internet.3: Don’t panic
I see people make the worst possible choices out of panic.
They click on anything. They install or even purchase anything that even hints about solving their problem. Many times, those solutions make things worse. Often much worse.
Don’t panic; think it through. There’s very little you can do that will permanently physically damage your computer, so just be ok with it.
Take your time. Don’t panic. Calm down enough to read error messages, make notes about what happened in what order, etc.
2: Be skeptical
We all want to assume the best of humanity, and mostly, we can. But when it comes to promises made by software vendors, pop-ups, or unsolicited phone calls, absolutely question the source. Make sure you understand where the information is coming from. See if you can’t corroborate with some other information from an already trusted source.
And yes, that means you should invest some time developing trusted sources — people you can reach out to locally or online resources you know you can rely on to steer you straight.
1: Back up
The most important tip I have for computer security may surprise you. It doesn’t feel like a security thing at all.
Back up. Back up your data and back up your computer.
Things are going to happen. Hardware’s going to fail, and in the realm of computer security, you’re going to miss something. You’ll end up with malware, ransomware, or a virus of some sort. You can protect yourself against all of these things and more with a good backup in place.
For example, if you get malware or ransomware, you restore to the previous backup you took the night before, and the malware is gone. It’s like it never happened. How much more secure and stress-free can you be?
Do this
There you have it: five fairly simple concepts to help you stay safe. If you remember only one, remember to back up. Hopefully, though, you’ll remember all five. And, of course, I’ll always be here to remind you.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Related Video
Excellent advice, Leo. I think your top 5 list is spot on.
Hi Leo –
Thanks again for publishing that list. I couldn’t concur more. About two weeks ago my partner had intentionally reset his computer because it “wasn’t working right”. Unfortunately, when he did that, of course all of his desktop icons and folders went missing and a lot of data was not the same as it had been even though supposedly just “resetting” in windows 10 preserves data and programs, etc.
Luckily, I have become a fanatic about backups. I do several different kinds of back ups including an online one and one that I take off site when we go on vacation. Because I do backups, and they are full back ups with Macrium Reflect (thanks for recommending that also) I simply took the most recent back up that I had made, which was only 2-3 days old and totally restored his whole “C” drive. Everything was perfect. Since I hadn’t done anything like this in a while, I had to reeducate myself about booting to that Macrium Reflect bootable media, because one can’t restore a drive that one is currently using. Nevertheless it was a snap and saved a lot of time and work.
Backup, backup, backup!!!
Sincerely,
John J.
Thank you for the 5 Tips and I try to live by them.
Seeing as Microsoft decided to remove the auto logon feature in our email accounts and then give you a solution: True Key.
What do you know about this. I have not activated it yet but would like to know more about it.
One of my backups was to my DVD. Windows 10 does not support Windows 10 media center.
I have lost the use of my internal CD/DVD burner. It don’t write to my E: drive and it will not
read the backup DVD’s. I am left with an F: on my external USB hard drive. My C: has a copy
of the original folders and files.
Over then years I have lost or worn out several hard drives. I had backups so I was able
to survive. Will ms$ ever give us back Media Center or should I discard my CD/DVD’s
Thanks, Esley
Media Center will not return.
But you should still be able to read and write data CDs and DVDs without issue. That’s completely separate from Media Center and should just work.
“And the number one, most important tip I have for computer security, it’s going to surprise you, but it’s the one thing I want everybody to remember and that is back up.” – I’m not sure I agree with this – at least, not from a security perspective. These days, the most malware looks to steal banking credentials, passwords or encrypt data – including, in some cases, backups. Sure, you can eradicate the malware by restoring a backup – if you know which of your backups has not been compromised, that is – but, by the time, your banking credentials, passwords, etc. have already been snatched.
Consequently, I’d say that prevention is by far the most important aspect of security – and a big part of that comes down to knowledge and understanding the threat landscape (your #5).
I agree with you Ray Smith on everything said. I think once the crook is in the house every thing is up for grabs. Good luck on finding the backup to use that you feel safe with. Did your security just get updated to find this? If so how long has it been there. So what back up do you use? As you said by the time you try to come up with a safe backup you are already in trouble.
Consequently, I’d say that prevention is by far the most important aspect of security – and a big part of that comes down to knowledge and understanding the threat landscape (your #5).
There you go. I think you just read number one also but that is just my opinion. We all have opinions…
“I think once the crook is in the house every thing is up for grabs.” – Exactly. Yesteryear, the consequences of a malware infected were usually not too bad – you’d end up with a hijacked homepage, redirected searches or a quote from the Simpsons inserted into your Word documents. But that’s changed. Nowadays, a malware infection can result in your bank account being emptied. So, yeah, prevention is more important than it ever used to be.
I get that. Actually, all five are important. 🙂
My ordering was based on my gut feel looking back on the last 13 years of this and asking myself “what one thing would have made the biggest difference to the most people I’ve heard from?”. Backups win, hands down, both for security related issues as well as everything else that backups are good for.
“My ordering was based on my gut feel looking back on the last 13 years….” – Yeah, but things have changed considerably during those 13 years and the consequences of a system being compromised are now much more serious. You could eradicate old school malware – homepage hijackers, etc. – by restoring a backup and everything would good again. All you’d have lost is a little time. You can eradicate today’s malware in the exact same way but, by the time you do, somebody else could have – and be using – your banking credentials. As I said, prevention is more important than it ever used to be.
My prevention is excellent. Never had a virus or malware. I am more likely to have a hardware failure than an intrusion so backing up is more important to me. But since I am already doing prevention by nature, this discussion is just becoming pedantic.
Your backup USB or Mobile hard drives must be physically detached from your computer once the backup is completed.
The malware must first be removed..preferably by a reformat and reinstall, prior to trying to recover infected files from your back up source..
I was asked to remove cryptolocker ransomware from a Seniors’ Club computer recently.
The backup doc, docx , jpg (photos) & xls(spread sheet files) were all encrypted..including the backup drive which was attached to the computer.
It is impossible to un-encrypt these files unless an asking price of $500 USD was paid.
The factory reset stored in the hidden partition on the hard drive was also infected and not usable.
Nice earner for me ..but not the point.
“Your backup USB or Mobile hard drives must be physically detached from your computer once the backup is completed.” – I think it makes better sense to keep external drives connected in order to keep the backup process automated (there’s probably a greater risk of somebody forgetting/neglecting to reconnect the drive and then being without backups than there is of them being hit by a crypto – especially if they exercise commonsense). That said, it certainly makes sense to have an additional cloud-based backup mechanism in place as 1) it gets your data offsite and 2) services that enable versioned backups (most do) make it easy to recover from a crypto.
Thanks for your reply Ray.
My point is that the ‘Seniors Club’ computer back up USB device was attached to the computer for convenience.
When a link (disguised as a PDF)within a Postal email was clicked, the cryptolocker Ransomware was installed and encrypted everything on the hard drive ,including the hidden factory restore partition and also the USB backup 🙁
Backups’ off site are important as you alluded…implementation for the masses is the problem ….
Thanks for posting this. This is a clear example that Cryptolocker did encrypt a backup file. It’s still not a good idea (for most people) to disconnect the backup drive regularly. It’s just too hard to remember to plug it back in. The best strategy is to do everything possible to be safe online (carful what you click on…) and to regularly switch out backup drives. You then will always have a recent backup available no matter what happens.
Here’s a good article from Leo that you may enjoy: https://askleo.com/will-ransomware-encrypt-my-backups/
Now that crypto-malware is encrypting backup files, it seems that it’s now necessary to make regular backups of your backups. This can be accomplished by making a copy of the backup files to another external drive, or alternating the drives you use for backup. I also feel, at least for me, that a cloud backup solution like Dropbox or a dedicated cloud backup service is essential in addition to system backups.
“I also feel, at least for me, that a cloud backup solution like Dropbox or a dedicated cloud backup service is essential.” – Absolutely. Versioned cloud backups not only protect your data against cryptos, but also against fires, floods, hardware failure and any other disasters or mishaps that could result in the loss of the local copy.
Yeah, there is a degree of risk no matter which way you do things. Keeping the drive connected means there’s a risk of backups being encrypted; keeping it disconnected means there’s a risk of being without backups because somebody forgot to reconnect it (or the backups being encrypted because somebody forgot to disconnect it!). I believe that the former option is the least risky for most people, especially when supplemented with versioned cloud backups.
I have contributed to your news letters when it was buying a coffee do I still need to and how ?
I am over 80 and enjoy it very much.
You certainly don’t need to. In general I prefer people now purchase a book so you get something more out of the transaction. But http://buyleoalatte.com still exists. 🙂
Once again I have to praise the good job you are doing. This is probably one the best newsletters (video articles) I have listened to so far. You have hit the nail right on the head. Your 5 options summed it all up with regard to security.
Thanks again and as always keep up the good work!
I have the feeling that people (including me) need to develop critical thinking skills in order to use computers and the internet properly. There’s a lot of information and it needs to be checked, and double checked and compared. Learning how to do a little research and use Google may be valuable for people too.
I recently upgraded to Macrium Reflect 6 and so far that program works like a charm, I must say. Thank you for the constant reminders in your articles and newsletters to back up. 🙂
I would also add two words to every conversation that every electronic media user should burn into their minds…NEVER AND FOREVER.
NEVER put out anything you don’t want to share with the entire world…that includes partners both present, ex or soon to be ex, and future; parents, bosses and anyone else…….
And if you put it on social media you should expect it to be there FOREVER. PERIOD!
It’s likely “old school”, as the kids now say, but we have been successful, at least with accounting, by using the three by three method, now with plus. That is the daily back ups are done on rewriteable disks, 1,2,3, that rotate. If a harddive /program goes wonky, you can try to restore with number 1. If one is also flawed, and contains the problem, you can move with caution on to 2. Three stays in the box. Worst case you are two days behind with a clean copy. This is duplicated weekly, and monthly. Besides this archaic system, we also save individual stations to thumb drives, and there is a teribit drive on a server. (and of course, the hard drive on each machine)
Came to this article because we have been avoiding “the cloud”. There is an interesting article on BBC TV today, regarding the information collected by Facebook. A privacy advocate, who uses Facebook only occasionally, requested the materials/information they had on him, the result was a 1222 page document of a very broad spectrum of his files, contacts, activities, equipment used etc, etc. Also the article pointed to the issue that the four key players in the cloud, Amazon, Google, Microsoft and Dropbox (??) , stored their backups in multiple countries, with varying laws re who, what and when the material could be accessed, and a variety of responsibilities to the user. Apparently there is also the issue of knowing exactly where your stuff might be.
I have been very pleased to encounter Leo’s outline of utilizing available backup, in the cloud and elsewhere. Must admit to being a bit curious, and ignorant, about the use and facility of encryption, as well as its strength in the milieu of world wide storage/encryption/hacking experts? Also the issue of ownership of materials stored in the cloud has darted in and out of my attempt to keep current and to make an informed decision regarding use of the cloud. Being old school I am still inclined to keep accounting and highly sensitive data in house, and or in reach, a stored copy off site. But less sensitive data, properly and securely encrypted is a very tempting scenario.
Apologies in advance for any blatant stupidity, but as my Dad said often, “if you don’t ask, you won’t find out.”
Leo and crew, thanks for your clear, insightful answers to so many issues over the years. A very, very valuable resource.
Cheers All
I’m very happy to know my cloud storage is backed up in several countries. That gives protection even if a war breaks out in one or a few of those countries. As for security and ownership, I trust the high grade encryption of BoxCryptor to keep prying eyes away from the sensitive files.
https://askleo.com/boxcryptor_secure_your_data_in_the_cloud/
Yeah, data geolocation/sovereignty is very much a non-issue at the home user end of things. So what if your data is held in another country? A foreign government is no more likely to be interested in your data than your own government – in fact, it’ll probably be less interested. And, realistically, whether you avoid the cloud – as Mel says s/he does – or not, you have absolutely no control over where your data ends up anyway. I mean, do you know whether your bank’s data centers are located in the US or overseas? How about your insurance company’s? And do you know what information data brokerages hold about you, where that information is kept and what is done with it? Probably not.
Voor het maken van backups gebruik ik sedert een aantal jaren als volgt te werk:
Voor een backup van mijn pc gebruik ik “ToDo Back-up” van EaseUS. De hele harde (C:/)schijf wordt in één bestand geplaatst (zogenaamde .pbd-file). Bij een crash van je pc moet je vaak een harde reset van je pc uitvoeren (nieuwe installatie van Windows). Met Easeus TDBH zet je de backup terug INCLUSIEF al je zelf geïnstalleerde programma’s plus instellingen.
Bovendien kan je de zogenaamde PreOS Manager inschakelen. Ideaal wanneer je pc opstartproblemen heeft: wanneer je je pc opstart word je (indien ingeschakeld)gevraagd of je pc moet opstarten via Windows (de gebruikelijke manier) of met PreOS. Wanneer je voor die 2e optie kiest wordt meteen het opstartprobleem opgelost.
Mijn mening: zijn geld meer dan waard! Het heeft me al menig bezoek aan een computerwinkel bespaard.
Belangstelling? Kijk op http://www.easeus.com. In het menu bovenaan de pagina kies je voor “Backup & Restore” en daarna de optie “Todo Backup Personal”.
Je kan de free trial-versie gratis downloaden en installeren om de mogelijkheden te bekijken (voor Windows 7/8/10/11). Indien je de software aankoopt betaal je eenmalig $79.95 / € 76.50 voor levenslang gebruik, inclusief updates en technische support (of jaarlijks $39.95 / € 38.25). Je ontvangt na betaling dan een activatiesleutel om de software te activeren. Vervolgens wordt het hele pakket geïnstalleerd op je pc.
Verder gebruik ik daarnaast “SyncBackFree”. Een gratis programma om een backup van je data te maken op een externe schijf of meerdere schijven. Met SyncBackFree synchronieer je b.v. je D-schijf met een externe schijf (of meerdere schijven tegelijkerijd). Snel en handig, en nooit geen verlies meer van films, documenten, afbeeldingen of muziek.
Translation (via Google Translate, and my own sanity check):
For making backups I have been using the following procedure for a number of years:
For a backup of my PC I use “ToDo Back-up” from EaseUS. The entire hard (C:/) drive is placed in one file (so-called .pbd file). In the event of a crash of your PC you often have to perform a hard reset of your PC (new installation of Windows). With Easeus TDBH you restore the backup INCLUDING all your self-installed programs plus settings.
You can also enable the so-called PreOS Manager. Ideal when your PC has boot problems: when you start your PC you are asked (if enabled) whether your PC should boot via Windows (the usual way) or with PreOS. If you choose the second option the boot problem is immediately solved.
My opinion: more than worth the money! It has saved me many a visit to a computer store.
Interested? Visit http://www.easeus.com. In the menu at the top of the page, select “Backup & Restore” and then the option “Todo Backup Personal”.
You can download and install the free trial version for free to view the possibilities (for Windows 7/8/10/11). If you purchase the software, you pay a one-time fee of $79.95 / €76.50 for lifelong use, including updates and technical support (or annually $39.95 / €38.25). After payment, you will receive an activation key to activate the software. The entire package will then be installed on your PC.
I also use “SyncBackFree”. A free program to make a backup of your data on an external drive or multiple drives. With SyncBackFree you can synchronize your D drive with an external drive (or multiple drives at the same time). Fast and convenient, and never lose movies, documents, images or music again.
I dual-boot Windows with GNU/Linux on my desktop computer and two laptops. I use Macrium Reflect (free) on all three machines to create a weekly backup set consisting of one full system image and six differential images. I keep four backup sets so I can access versions of my files going up to twenty-eight days back in time. I back up all partitions on my computers except the one where I store my backup images. These backups allow me to easily recover from malware infections and hardware failures (disk crashes, etc.).
In addition to my backup regimen, I sync selected data directories to the cloud. In Windows I sync Documents and Pictures to WinDocs and WinPicts respectively. In GNU/Linux I sync Documents and Pictures to Documents and Pictures respectively. Finally, for both OSes I create a resources folder/directory and sync it and Music to the cloud. This makes all the appropriate files for each OS available on all three computers, and protects me from catastrophic events such as fire, theft, etc.
All the above protects me as far as the hardware and installed software can go. The rest depends on me and how I interact with the Internet, so I employ a paradigm I’ve named Cognitive Security (being aware), which is based on a skeptical attitude toward anything coming from the Internet. Essentially, I don’t trust strangers, and everyone on the Internet is a stranger, at least until I can confirm their identity, and I require something more than you telling me you’re my neighbor John Smith. Additionally, everything coming from the Internet is produced by strangers, so it’s all suspect until I can confirm otherwise, so I never trust any hyperlink I encounter, either on websites, or in email messages I receive. I start by examining the URL the link will take me to, comparing it with the content of the label. Being unable to decipher where the link will take me is a giant red flag for me, and if it doesn’t correspond with the label, that’s another. If I have any doubts about a hyperlink, I don’t click it. If I still want to go where it says it’ll take me, I do an Internet search in my web browser. Over the years, I’ve established a collection of trusted websites, one of which is askleo[dot]com, yet I still check the URLs of hyperlinks in my email newsletters to be sure they’ll take me to where they’re claiming they will (I check that the URL starts with “https://askleo.com”). If I see anything else, the entire email message’s a fake, and I’d close my email client immediately, and go to Leo’s website to tell him about it. This has never happened, but it could.
I hope all this helps others,
Ernie