Monday, June 8, 2009

The most important security advice for home users!

[Make backups of your important information. Totally erase all devices with storage before you give them away]

So, because I manage Information Security for a large organization people ask me for advice on how to protect themselves.

The first thing I tell them (stuck record time) is to do backups.

The most important thing that home users can do is backup their information. That includes photographs.

Its like smokers - the people in a restaurant most likely to complain about smoke are the ex-smokers. The people who are most likely to make good backups are those that have lost information.

Except for the fact that my wife does scrapbooking, we would have precious few printed pictures of my younger daughter. They all reside digitally. If my wife's harddrive had to crash then we (potentially) would lose every photograph of our daughter ever taken.

The thing is that hard-drives are built like everything else - to fail. So, all your precious information (and every household has some) is sitting on a device built to fail. (Read that sentence again and again until you totally understand the implication.

Now, consider that most modern PCs have CD/DVD writers and the disks can be bought quite cheaply. What are you waiting for? Disaster?

Having said all of that, my SD card in my phone was corrupted. There was nothing really important on it (and what is important has been backed up) but I thought I'd try recover what I could from the device. I found a tool called PC inspector File Recovery. It is freeware and will analyse a drive and try to restore files which can be saved onto another drive. It is very easy to use and the price is right (free).

It managed to restore files that non-free software was not able to. I highly recommend this tool.

So, yes, it is possible to get files after a drive has crashed but it is not 100% and Murphy will come to the party by making all files restorable except the one you really want. Backup!

On the other hand, delete is not as permanent as it sounds. So, if you have private information on any device (including PCs, cellphones, USBs etc) assume that the information on them is readable by whoever you sell/give the device to when you are done with it. Another good free tool is Eraser .This tool will erase everything on the disk so it can't be undeleted.

One last thing on this topic. Some malicious software (eg viruses) puts fake file recovery software on your PC, encrypts files and tells you that the files are corrupted, asking you to buy the software so it can "repair" the files. Don't fall for this trick, you will just be making the cyber-criminals rich.