Compucare Blog

Email!

Our inboxes function in a world riddled with viruses, ransom-ware and malware. It would be great if every malicious attempt came with a clear warning, but they don’t. The warnings tend to be more subtle. Yet, they become more obvious if you know what to look out for.

It is cheaper to teach your staff how to spot malicious attempts than to deal with consequences of a successful cyber-attack via e-mail. We created a simple guide to help you stay safe in cyber-space. Please share it with your team and encourage them to read it. This guide consists of 7 simple steps which will help you identify a malicious email. Be encouraged. You don’t need to be an IT expert to be able to do that.

Click Here to Subscribe & Receive your Free Guide Now.

 

Online data backup is of crucial concern to many businesses, and for some, their ongoing trading depends on it. IT support, London, can be expensive at the best of times, particularly if you are employing your own IT staff. But by outsourcing your IT needs, you can access a multitude of best practice techniques and solutions that can make sure your business is forever live and is running the smoothest it possibly can. For those people who want the industry’s best IT support instantly, Compucare can deliver the best solutions.

As well as the capital, we supply IT support to Surrey, which comes with a full data back up system. All of this data is stored off site which can free up space on your premises and reduce maintenance costs. All of our backup systems are fully automated, but also offer the maximum in security and validation. What this adds up to is a service which will provide fail safe backups to many different imperative services such as Microsoft Exchange Server and Mailboxes, Microsoft SQL, MySQL Database, Oracle Database, Lotus Domino and Notes as well as offering In-File Data and volume shadow copying.

The reliability of our system means that we can offer you Business Continuity Data protection services as well as backup schedules and state of the art encryption algorithms. Our storage solutions are therefore a fantastically economical solution which can provide your business with the data protection it needs. And the price doesn’t change if you require IT support in London, or elsewhere.

Common Network Security design flaws

Network Security is a critical function of your business’s Information Technology. However businesses still overlook and fail to implement both easy and simple security Network design practices. Common mistakes that compromise a business’s IT Network defences are as follows:

1. IT security threats are evolving 24/7, 365 days a year, and because of this your IT security architecture must evolve also so that it is upto the challenge. Therefore, best way to accomplish this is to evaluate your IT security needs ongoing and test it to find the flaws. And then invest in those areas.

2. However, as you know the economy has been in recession over the last few years, and company profits have been challenged. Therefore, there is more pressure to utilise existing server resource. Based on this, it is sometimes tempting within business to maximise resources and host multiple applications on one server. Whilst this is not negligence, it is well known that as the source code within applications increases, your IT Network becomes vulnerable to exploitation if capacity isn’t increased in line.

3. I recently completed a proposal, and in this I was asked what was the biggest threat to any company’s IT Network security. I didn’t have too think too long about this as my answer always has been desktop PCs. As companies focus their attentions on securing their Network Servers but then fail to spot their Achilles heal being desktop PCs.  Unless desktop PCs are given adequate security measures, their users/employees will be prone to unauthorized software installations (malware/spyware) and new viruses which will result in considerable downtime.

4. A Website needs SSL encryption so that any website visitor wanting to make a purchase and enter sensitive information, such as their username, password and credit card details. However, many organizations make some bad decisions when it comes to securing their Web portals. The security flaw I see most often is including insecure content on a secure page. When this happens, users receive a prompt asking if they want to display both secure and insecure content. This gets users in the habit of giving Internet Explorer permission to provide insecure content.

5. A less obvious but even more common problem is that organisations fail to encrypt critical pages within their Websites. Any page that provides security information, security advice or tips, or detailed contact information should always be SSL encrypted. It’s not that these pages or even emails are really sensitive. Only that the SSL Certificate used by the encryption process guarantees and reassures all users that they are gaining access to a legitimate, unharmful Website rather than a page that is implicit and part of a phishing scam.

6. Another Achilles Heal is using only Self-Signed Certificates. Whilst self-signed certificates can be best described as better than nothing, they are certainly NO valid substitute for a SSL Certificate from a well respected and trusted SSL Certificate authority. Self-signed certificates are intended to initially help ensure a product/s or service/s security until an IT Administrator can secure it. A self-signed certificate will provide SSL encryption, but users will receive warning messages in their internet browsers because their PCs do not trust the certificate – we have all seen it, and because we see it rarely chance the website visit just in case.

7. We all recognise that it’s important to log all events that happen on your IT Network, as not doing so can have dire technical consequences to your IT Network. However, it’s also important not to go over the top and undertake excessive and pointless logging. Excessive logging can make it hard and difficult to locate and pinpoint the IT security events that you are really and clearly interested in. Therefore, rather than logging everything, focus on logging the events that are significant and relevant to your daily IT Support activities.

8. Virtual Servers are most commonly situated on host servers, and also by their activity and performance.  To give an example, a higher demand Virtual Server may be on a host with a few lower demand Virtual Servers. Based on activity and performance levels, this is not the worst idea, but overall the approach isn’t the best idea from a security angle.  In such a situation, we usually suggest using dedicated virtualization hosts for any Internet facing Virtual servers. In other words, if you have 4 Virtual servers that provide mission critical services to Internet users, it would be sensible to consider grouping these Servers on a virtualization host, but it is also sensible not to put Infrastructure servers on the host. We suggest this because your odds and chance of succeeding against a hack or attack are improved if virtual machines which are exposed to the Internet, share a virtualization host with similarly hardened Web-facing servers.

9. Another suggestion we make is and always try to avoid is, try not to place any member servers in your DMZ. The DMZ is a firewall configuration for securing local area networks (LANs). If this becomes or gets compromised, a member server will reveal information about your Active Directory.

10. Alike many, you probably depend on your users to install updates. A common and sometimes overlooked security flaw depends on users to properly add these security patches. Previously I have seen IT Network deployments that use Microsoft Windows Server Update Services to patch their network workstations. Unfortunately, these deployments sometimes rely on the users to click the option to install all the latest updates. However, as we know from our own experiences, the problem with this is that we all know that the updates process is going to require them to reboot their computers. Therefore, if any of the users are embroiled in their work, have deadlines to meet and don’t want the hassle, some users will or may delay their updates indefinitely – this can open a can of worms. In order to resolve this work practice and relying on end users, use a patch management solution that pushes through security patches automatically without giving your users the choice.

Simon Elias – Technical Sales Director, Compucare Systems Ltd

Web: www.compucaresystems.co.uk

To receive ongoing news and updates such as this, please add yourself as one of our followers via Twitter.

Whilst tape backup systems have been used by organisations for well over 25-30 years, the amount such Tape Backup systems are used today is decreasing fast. The reason for this varies from slow speeds of the tape backup devices, to the overall reliability of the device used – as in it breaks down and backups fail.

Whilst Tape Backup systems capacities vary ranging from approx 8 -10 Megabytes upwards, the fact remains that this is incredibly slow and error prone, and so not exactly the most dependable method to store your organisation’s computer data.

Tape Backup

Creating a backup of just 10-12 Gigabytes to a tape drive can take easily several hours. Not only is the timeframe an issue, but these tapes can very easily be damaged by internal magnetic waves. With slow transfer speeds and increased risk of potential data loss it can be deemed sensible to review and evaluate an alternative to your old fashioned tape backup system.

External hard drives are now easily available and in fact are very much off the shelf and all come with large amounts of backup storage space, and speeds that traditional tape systems cannot compare or compete with. I mean, compare a USB flash drive to a DVD-R and you give yourself an idea. External hard drives these days have impressive storage capacities and you can very easily purchase an external drive that is capable of 2-3 hundred gigabytes of storage space. So using an external hard drive for backup purposes is not just more secure and safer, but also a lot faster. An external hard drive these days easily connects to a system via USB 2.0 or via a Network connection. All of those connection methods will deliver file transfers that are much, much faster than a traditional tape backup.

In addition to external hard drives, you can always look into buying backup file servers. These servers can easily add several large hard drives to the backup file server to enable as many backups as possible. Obviously, external hard drives and file servers cost more than tape backup hardware, but of course are more faster and reliable.

Whilst buying servers and hard drives cost more than “good old fashioned” traditional tape backup systems, they are easily more reliable, and as mentioned before hundreds of times much faster.

Given the above and how I feel, it may sound like the day of tape backup systems has been and gone, but I am still aware of a number of companies who still use and rely on tape backup systems for their data backup requirements. As alike technology in itself continues to progress and develop, the price of external hard drives will become the same price as tape backup. I think that  we have already reached that point but leave the question open.

Tape backups enable the user to periodically and as and when required copy and duplicate the content of all or an amount of data from its normal “day to day” storage device to a tape cartridge so that, in the event of a computer system network crash or disaster, the data will not be lost and a copy available to enable a full system restore. Tape backup can be done manually (don’t forget!) or, can be programmed and scheduled to happen automatically at the end of the day or business hours.

Tape backup systems enable the backing up of a hard disk and/or large amounts of storage for archiving and Disaster Recovery purposes within enterprise. For enterprise tape backup the Linear Tape-Open (LTO) is an industry standard from Hewlett-Packard, IBM, and Seagate.

Simon Elias – Technical Sales Director, Compucare Systems Ltd

Tel No: 0203 002 5008

Web: www.compucaresystems.co.uk

To receive ongoing news and updates such as this, please add yourself as one of our followers via Facebook or Twitter.

5 good reasons for effective IT Support …

1. Effective Data Management. Adequate business reporting requires the use and manipulation of various data that is generated within and throughout your organisation and it’s operations on a daily basis. Thereafter, this data can be used to forecast, project and plan for future developments. And when manipulated predict management or organisational issues before they actually cause disaster.

2. Business Cash Flow.  Accounting systems are absolutely essential in providing upto date management reports that predict your cash flow and tax reporting. Effective management of your cash flow is OBVIOUSLY a fundamental and essential process within any business. Therefore, always ensure that you have the correct software to undertake this, but also online data backups and data protection systems are also in place as well.

3. Company Inventory. An organisation that is maintaining ever-changing stock levels must have reporting systems in place to ensure that adequate stock levels are maintained ongoing – thus ensuring orders are always fulfilled and customers aren’t disappointed should their order not be delivered or actioned. The management and correctly ordered flow of stock is again essential to the cash flow of any business. As orders placed that are not fulfilled means order cancellations and an unhappy customer who is unlikely to come back again.

4. Technical Expertise. As your company IT Systems develop and grow ever larger, there is also an increasing likelihood that the company data may become corrupted occasionally. Therefore based on this possibility, having good IT Specialists who understand effective Disaster Recovery available is an essential tool for the daily running of any organisation. As you will be able to quickly rectify your IT problems as and when they arise with minimal loss of productivity.
5. Prevention is better than Cure. The most valuable resource available to any organisation is that of data loss prevention. Appointed IT Resource Teams that are assigned to eliminating the very possibility of data loss will decrease the likelihood of data loss which again threatens the very success of any business.

Overall, a Professional , multi-skilled IT Support company is the best tool a business can have.

Simon Elias – Technical Sales Director, Compucare Systems Ltd

Web: http://www.compucaresystems.co.uk/

To receive ongoing news and updates such as this, please add yourself as one of our followers via Twitter.

The latest Small Business Server 2011 Standard has updates to both the Windows Server OS and the applications that make the package such as SharePoint, Exchange and WSUS (Windows Server Update Services). Additionally, this is will not be the only Microsoft SBS offering.

In fact, Microsoft now has 2 Small Business Server products — or will shortly. SBS 2011 Standard (upto 75 users) and SBS 2011 Essentials (upto 25 users), which is due to be released in the first 6 months of 2011. Both are Windows Server 2008 R2 based, with user friendly management consoles and remote access. However, both are different in who they are aimed at and what they offer. The Essentials product is there entry-level business application of Windows Home Server, designed to be used by corporate with up to 25 users. The Essentials product focuses on file sharing and client backup and doesn’t include SharePoint or Exchange Server, and that buyers will use cloud services for email, collaboration and other SMB applications. The Essential product is also relatively cheap to implement as you only have to pay for the server, not licenses. Small Business Server 2011 Standard users also get a full copy of Exchange Server 2010 SP1 with Support for the browser-based Outlook Web Application.

The Standard product can best be described as a trusted and established server solution and is capable of handling up to 75 clients on one Active Directory domain. Additionally, it includes on-site email and collaboration servers just like Exchange Server 2010 SP1 and SharePoint 2010 Foundation. Also the Premium edition of Small Business Server has been removed, so this requires customers to have the foresight and decide whether they want SQL Server on their Network or not. But personally, I would ask why wouldn’t you want it? Based on this, there is now an add-on that enables purchasers of both Standard & Essentials to install a separate Windows server to host the SQL software and other server responsibilities such as Hyper-V virtualisation for example.

Because Standard is fundamentally based on Windows Server 2008 R2, a 64-bit hardware is required to support Small Business Server 2011 Standard. Not a big problem, but to give it some thought if you were a new customer it would be an unwelcome surprise (and cost, in today’s world) if you chose to upgrade. The essential requirements are that Microsoft suggest at the very least a Quad-Core Processor and 8GB of RAM.

For our initial tests, we undertook a new install that conformed to Windows format and this was (I am happy to say) very easy and straight forward. With the hardware re-booted we were able to start managing the server using the new console, which starts by listing the tasks that need being performed, with direct links to wizards and help tools that will be needed to complete the tasks – and all in one place very helpful indeed.

The new console makes day-to-day management of the Small Business Server 2011 Standard easy and straightforward.

How to manage the Server

As I said before, we found the SBS console very easy and straightforward to use. The help wizards also prove very helpful and actually do what they say they do. PCs can also be configured using the console, or via the browser. Backup is included within the Small Business Server 2011 Standard, only the Server data is protected and client backup isn’t supported and there is also no Disaster Recovery option available.

Daily management is handled via the Small Business Server console that includes Backup. However, only backup server data can be backed up, with limited control on how the backups are done. Restoring deleted files and folders again proved very easy and straightforward, but from my checks there is no recovery or support for tape backup or Network-attached storage, only disk. Share management proved easy, alike website management with an integrated intranet site that fits needs. A security tab is also available with tools to check/manage Antivirus & Spyware protection, although you have to purchase the software that provides that protection.

Another Essentials product feature available is the enhanced Remote Web Access tool, which is now a SharePoint application. This provides all users secure Remote Access to their network resources via a browser, including email, shared files, server-hosted websites and Remote Desktop connections. In this release, there is also access to shared files via a browser, via the Remote Web Access application.

To arrange your free IT Appraisal/Consultation and to discuss any of the Windows Server family and find out which platform is the right fix for you please contact me using the following details.

Simon Elias – Technical Sales Director, Compucare Systems Ltd

To receive ongoing news and updates such as this, please add yourself as one of our followers via Twitter.

Here we compare Symantec Systems recovery against Acronis True Image.

A drive imaging programme is a utility that creates a backup snapshot image of your disk drives, more likely your C: System drive. However, Imaging programmes are different from Data Backup solutions in that they can back up the entire Windows Operating system. Whereas, the Data backup speaks for itself, as it backs up data only.

You can use the backup image to recover from various system failures, spyware/malware infections and simple installations that have crashed and gone wrong resulting in yet more downtime. Imaging programmes can also be used to backup your data as well as your OS but are not ideal for the task. As your DR plan tends to include this as part, but is not as regular and tends to be a weekly task.

We are reviewing Acronis True Image and Symantec System recovery as they seem to be the solutions that provides all the much needed functions and features and have overall user reliability so deemed to be the best imaging programmes. But even still, choosing between the 2 is very, very hard. But Symantec System recovery is known to experience problems with corrupted images. Which to my knowledge Acronis True Image hasn’t that problem.

Installation Issues

Both Symantec System recovery   and Acronis True Image experienced installation problems, so I had to call their respective support departments. Overall, the experience with Acronis support was in my opinion much, much better. As what was discovered was that another application called Process Guard which provides basic but competent PC protection was interfering with the operation of the programs.   Once Process Guard was uninstalled and removed, the installation difficulties experienced were resolved and enabled me to investigate the 2 solutions further.

Corrupted Images

Once Process Guard was removed from my PC and was inactive, I still continued to have ongoing problems with Symantec System recovery   with corrupted image files.

Based on my experience not all images had a problem. We discovered this when we attempted to recover from an image file only to find the image couldn’t be used – which is challenging, given that is exactly what you want to do.  Additionally you get no warning or notification of the problem/issue other than log file entries. Based on this, we now suggest all Ghost users start monitoring their log files.

Symantec System recovery and Acronis True Image Product Features:

1)    Acronis True Image will run on any Windows version from Windows 98 onwards.  Symantec System recovery   requires Windows2003 and Microsoft .Net Framework 1.1.  Acronis True Image does not require .Net Framework.

 2)    Symantec System recovery  and Acronis True Image offers the ability to do full or incremental backups.  An incremental backup preserves data by creating multiple copies that are based on the differences in those data:  a successive copy of the data contains only that portion which has changed since the preceding copy was created. If you have free/available hard drive storage, we suggest you always do a full backup for all drives.

3)    It appears that versions Symantec System recovery   cannot exist on the same machine.  If correct, this could be a potential problem.

4)    Acronis True Image backs up individual files or folders.  Symantec System recovery   does offer this level of granularity and can only backup full drives or partitions.

5)    Both solutions have the ability to list and restore individual files or folders from an image backup.  However, based on this experience, Symantec System recovery   was easier and more straightforward on this process.  All you have to do is find the image archive you want and then click on the “explore” button.  Ghost has the image on a spare drive letter.  Acronis True Image does the same, but uses separate help wizards called PLUG & UNPLUG.

6)    Symantec System recovery   has a very helpful feature that enables you to run a backup when one of the following events happens:

•             A new application is installed

•             A user logs on to their computer

•             A user logs off from their computer

•             The data added to the drive exceeds the amount (in megabytes) you specify

7)    Whilst Acronis True Image doesn’t enable the option to run a backup on pre-configured events which Symantec System recovery   does, it does offer a feature named “Pre/Post Commands” that enables you to do just about any task before and/or after a specific backup runs.  Ghost does not offer a feature anything like this.

8)   Acronis True Image has additional user functions such as being able to turn off Windows System Restore and adding a new Hard Disk to your system.

 9)   Acronis True Image allows you to setup a secure and private partition called “Acronis Secure Zone” to store your backups.  To my knowledge, Symantec System recovery   does not offer this.  Additionally, used in conjunction with the Acronis “Startup Recovery Manager” you can boot into a Linux version of Acronis True Image direct without needing a boot CD.  Please note, that when the Startup Recovery Manager is activated, the normal MBR (master boot record) will be overwritten.

 10)   Symantec System recovery help file is easier to locate information than via the Acronis True Image:

a)      When clicking on the “Help” button in Acronis True Image, doing so always links you to the main Help window, not direct to the section that you are looking for help in. You then have to search through help files looking for the right item.  The help file also has NO functions for searching or printing.

b)      However, Symantec System recovery   help file is Windows based and includes index and search functionality. And so is very easy to use.

 11)   Symantec System recovery, Acronis True Image doesn’t include a menu drop down to check for new updates.

a)      Symantec System recovery   and Acronis True Image require activation/registration first.

b)      The Acronis True Image update check is a manual process.  You need to click Help-Web Support, which links you to http://www.acronis.com/homecomputing/support .  Then you have to click the “Get a product update” link.  This links you to a page that lists all the latest builds for all Acronis products.  Then return to the Help menu and check the about entry for the build you have.  Return to the product update page and check your build against what is the most latest build.  YES it takes some time to do the above and should be easier.

 12)   Acronis True Image does not have the offering to limit the amount of backups for a specific drive/partition as Symantec System recovery .

a)      With Symantec System recovery, you can set a limit of, for example, 2 backups for whatever the backup job is doing.  Symantec System recovery   adds a number sequence to each backup so that the file name is always different from the previous backup.  Therefore, when the number of backups is exceeded, Symantec System recovery   automatically deletes the oldest one of the backups.

b)      Acronis True Image cannot do the above (a) and you would have to create a script or manually rename the backups if you want or even need to maintain more than 1 version.  Please note, that if you don’t rename the previous backup you want to save, Acronis True Image will overwrite it without any confirmation or warning.

13)    Investigating Image restore capabilities for both The Symantec System recovery  and Acronis True Image.

a)      The Symantec System recovery   interface is driven by the original install CD.  Just insert the CD and reboot, you do not have to create a separate boot CD, as you have to with Acronis True Image if you are not using their “Startup Recovery Manager”. Acronis True Image’s primary restore environment is Linux based but there is also a DOS environment if the Linux version isn’t working.

 14)   Both Symantec System recovery  and Acronis True Image can backup to hard disk offsite and on premise.

a)      Acronis True Image also installs their own ASPI (Advanced SCSI Programming Interface) layer, allowing you to backup an image direct to a CD or DVD if you have suitable software installed.

b)     Symantec System recovery   backs up to a hard drive and other suitable storage devices. Please note, that when backing up to portable media.

 15)   Symantec System recovery   provides the user the option to select destinations for error messages from the event log, whether it be the System recovery  internal log or SMTP email.

16)   Acronis True Image provides a Windows based log with the option to export this log to a file.

17)   The Symantec System recovery   log viewer for completed backups provides only minimum information whether the backup was a success or failed.  No information is displayed or provided for the start time within the viewer.  You have to look up the scheduled start time to obtain that information, making the total time for a backup longer and harder procedure.

  18)   The Acronis True Image log provides some detailed information but can get a little confusing due to messages that are relating to analysing all drives before starting the backup.

19)   Acronis True Image can export a status to a text log file.  However, even though the export is in text format with a default “.log” extension, however for some reason, it displays with HTML tags which makes it harder to read.

a)      However, Acronis True Image’s log detail is much, much better than Systems Recovery.  You can view all the detail from start to finish in the standard display window. As also view the total amount of time used for the entire backup.

 Finally, I have learnt from experience that it is always best to verify their image backups or at the very least try to boot the image restore DOS program before you need it.  I cannot stress enough that it’s imperative to verify image backups.  As being left lumbered with a backup that you think is good enough but isn’t really, is the recipe for disaster and not disaster recovery. Also, always ensure that you test so that you can boot into the DOS recovery program before you need it. Finally, to really improve your escape route you should create a copy of your Hard drive, then try a test restore from an image backup external to Windows, and check that everything works so that you are familiar with the process and so that you are ready when a real error occurs.

Conclusion:

Whilst both Symantec System recovery and Acronis True Image have their own unique features, the functionality of both programmes means to me that there is no clear winner.  However, based on user experience, Acronis True Image’s overall functionality, reliability and user interface is in my opinion easier and clearer to understand. And so for that reason, my personal recommendation when moving forward for a disk-imaging programme is Acronis True Image.

To arrange your free IT Appraisal/Consultation and to discuss your current IT requirements please contact me using the following details.

Simon Elias – Technical Sales Director, Compucare Systems Ltd

To receive ongoing news and updates such as this, please add yourself as one of our followers via Twitter.

We do not need to list the companies who have had their Network Security compromised and their customer subscriber details hacked and stolen.  

So based on this near ongoing churn of similar news reports, all account holders/subscribers will have then been instructed to change their passwords/login information. And as some tend to use the same login password details for other websites that they use, they will have to change others as well or risk their account being hijacked or become the victim of idendity theft.

What this means is that you should log in to your account  and create new passwords that are new, not been used before and are more secure — especially as some users have done is use the same password to log in and use lots and lots of different websites. Based on this, we have created a simple checklist and tip sheet on how best to achieve this and protect yourself:

1.       Always choose a strong password

A bad password is the “safe cracker” password, which is easily cracked and broken in to.  So given that it is easy to find out, the question to ask yourself is what makes the strongest password. Based on this, here follows a list of which ones you should avoid, such as:

abc123 – not that difficult to memorise is it?

12345, 123456, 1234567, 12345678 and 123456789 – most can count to that.

 Password – not that hard to forget either is it!

And finally…..  iloveyou, princess, rockyou 

All of these passwords are weak and for every hacker, easily cracked.  With ‘password’ in my opinion,  the absolute worst of the bunch. Most online accounts have usernames and passwords that use nicknames, slang abbreviations or dictionary words as their passwords. The easiest password to break  apparently is ‘123456’.

The first things hackers test when trying to break into an account is try an account who use their username as their password. 

2.       Passwords that are worth avoiding

As well as those Passwords already mentioned and using your username as a password (which most accounts no longer allow as part of their security measures), there is a numerous array of other passwords that you should always try and avoid. For example, bin weak passwords like nicknames, company names, favourite holiday destinations or the name of your favourite football or rugby side.

You should also avoid any dictionary words as simply using a dictionary word with a mix of numbers  – for example, ‘m4rs’, ‘jup1ter’, ‘pl4net’ or even ‘3ngland’. As this password type is incredibly weak as well.

The reason you need to avoid passwords like these is because they are common and so alike all the other easy passwords easier to crack. As any password that contains words and letters can so easily be guessed – as in “1 is an I” and “3 is an E”. A hacker has their tools just like a “carpenter has his saw or hammer” as they use automated programmes to systematically and efficiently check one dictionary word after another until they find the right one that’s the password.

Or they may use a methodology called ‘exhaustive key search’ otherwise known as a ‘brute force attack’ whereby a vast array of the same word are attempted until the right one is found. This is why passwords like ‘m4rs’ are ‘jup1ter’ aren’t deemed secure passwords.

3.       The Dos and Don’ts for creating passwords

There are simple ways to help ensure your passwords are always as strong as possible.  

  • Use a different password for each account you create, or the hacker will only need to guess one password and thereafter the hacker will have login details access to all your accounts. Obviously, this will play havoc with your memory, and so without a secure place of recall make it easy to remember. Do this, by adopting some of a payment gateways processes (Paypal or Worldpay) such as use the website’s name within your password. For example, always make the second letter of your password the first letter of the website’s name or whatever sequence you are best comfortable with and so on. This means and ensures it will always be different for each password, but also easier for you to remember for each website just using your memory. Also:

Always change your password on a regular basis.

Always use more that one of the following non-alphanumeric characters within your password:  

[ ] ( ) { } / < > ‘ ? & *, @ ~^ % ” ! .  Also if you are able to add spaces within your password do so.

As already mentioned, do not use simple sequences such ‘12345678’ or ‘ABCDEFGH’.

Do not choose a password that relates 100% to you, such as your date of birth, your house number, your partner’s name or the name of your pet dog or cat.

Do not choose a short password. Use at least 8-10 characters, and the longer the password the better it is for you and not the hacker. According to experts, a 15-character password that used only random numbers  and letters is thousands and thousands times stronger than a simple eight character password which contains any characters from your keyboard.

Never choose a password that can be found in a dictionary. These are easily cracked.

Never  recycle or repeat your password in any way. So avoid ilovelife1, ilovelife2, ilovelife3 and believe it or not ilovelife4.

Never write your passwords down for prying eyes to find.

Never tell anyone your passwords. It’s not sensible.

4.       How do I choose my perfect password?

This is best guaranteed by expert advice and when searching online to find this you will then find a strong, secure and easy to remember password.

Creating a sentence that you can remember will help form the basis of your strongest password. So using an easy to remember sentence, such as let’s say “I love Christmas and the New Year” then convert this to a password by using the first letter of each word within the sentence that you’ve created to come up with a new password. Using the sentence above would give you a password of: ilcatny

You can also mix this password using lowercase and uppercase letters within the password.

Finally, but this is where it gets tricky add special characters within your password such as symbols that look like letters to help you remember them. And then test your newly created password using an online Password Checker that tells you just how strong, or not strong, the new password you’ve created is. If it isn’t strong enough then keep tweaking and revising until it is. As the best and most secure passwords aren’t words at all so include and combine letters, numbers and punctuation marks to make that highly desired secure password.

1. When creating a Disaster Recovery plan, it is best to start with the basics and agree with Management what is essential in ensuring that the business always remains operational at times of conflict and crisis. Therefore, email access/retrieval and database back-up is at the top of the list. 2 other key areas to decide on is, who decides that a disaster has happened. And how will employees, and just as importantly its customers, be notified that a disaster has occurred.

2. Once your Disaster Recovery plan has been created, it’s essential that you ensure all areas of are implemented both correctly and effectively. As any plan is, “only as strong as its weakest part”. A Disaster Recovery plan should be recognised as essential as a company’s profit margin and should be updated ongoing. In addition, proactive monitoring such as online data back-up and data snap shot replication can result in far fewer IT issues and significantly less downtime if a crisis occurs.

3. Test, Test and Test your Disaster Recovery plan. Far too many companies fail to test their Disaster Recovery plans. An under-tested plan fails to highlight any potential pitfalls, as the ability of any Disaster Recovery plan is so that it is effective in emergency situations and can only be assessed if rigorously tested. Therefore, the testing phase of the plan must contain realistic tests so that to demonstrate that the plan stands up to the most disruptive and challenging events.

4. Perform ongoing offsite online data back-up. Any disaster that threatens to close a business is also likely to make access to on-site data back-up hard to achieve. The concerns for data back-up is security, easy access following the disaster, and ensuring that the back-up is stored in an offsite data storage centre. Also, the RPO (Recovery Point Objective) is important, based on company tolerance levels for data loss etc. Every company should back-up its data daily, typically overnight, but more frequent back-up is well advised.

5. Using tape back-up for data storage has been part of IT operations for decades, however it has long been proven that this form of back-up isn’t the most reliable. However, Disk to Disk systems are fast increasing in popularity. With both types of system, the back-up software and hardware on which it sits needs to be checked ongoing to ensure and confirm that the data back-up is completing successfully and that there are no underlying issues with the IT hardware. Good practice is, if companies use Tape Back-up, companies need to store the tapes in a secure off-site location. Whilst Disk systems need to have an off-site replication in place if the back-up is not run off-site.

6. Although the usual company policy requires its employees to store all it’s data on the company’s network, it is not deemed sensible to believe that the policy is being adhered to. Users store files on local systems for various reasons, including wanting to work on the files whilst travelling and so have the need to protect sensitive data from prying eyes. Backing up all company laptops and desktops ensures that all critical data isn’t lost in the event of a stolen, lost or damaged workstation.

7. Establishing redundant servers for a company’s critical data and providing an alternative method to access this data is paramount to a company’s disaster recovery planning. Redundant Servers in place at a secure, offsite location can bring your disaster recovery time down to the bare minimum.

8. Make investment in theft recovery and data delete solutions for laptops, as laptops are increasingly replacing desktop PCs. Whereas Desktop PCs are static, Laptops however can be lost or stolen. Based on this, it is sensible to secure data deletion and theft recovery options for their users’ laptops. Theft recovery solutions can locate, recover and return stolen laptops. Whilst data delete options can enable companies to delete data remotely from lost or stolen computers so also prevent the release of any sensitive Corporate information.

9. Always ensure regular virus definition updates. Companies do not always focus on email security until they are hit with a virus or spyware or malware does its’ worst on employees’ computers. Companies need to ensure it protect its data by installing regular virus definition updates as part of their Disaster Recovery planning. If done correctly, this will perhaps ensure or simply help prevent a disaster from occurring.  

10. Consider outsourcing to an IT Solutions provider. For a large number of SMBs it is often considered too costly to create and implement an adequate Disaster Recovery plan. As these organisation types lack the technical knowledgebase and IT Professional to achieve this. IT Solution providers have over the years become strong and proficient in performing this Corporate responsibility. IT Solutions providers have the IT skills and personnel to design, implement and manage Disaster Recovery projects. In addition, IT Solutions providers have all the IT infrastructure in place to manage a professional and credible Disaster Recovery plan. Costs are also easier on the IT budget and make certain Disaster Recovery services such as online data storage and mutually redundant servers available to SMBs. IT Solutions providers also have shared IT infrastructures that host multiple companies on the same IT Hardware and Network equipment which again helps ensure that costs are affordable and to its custombase.

Businesses nationwide are totally dependent on the data stored on its PCs, laptops and of course servers.  Because data loss disasters can occur at any given time, a business will need the very best backup solution and plan of action available to them. Below are various reasons as to why businesses should consider an online backup solution rather than the aged and problematic in-house tape or disk backup solution.

Cost – There is NO initial cost. In today’s cost sensitive world, nearly every business wants to avoid large capital expenditure. An online backup solution is operated and offered on a SaaS (Software as a Service) basis meaning you just pay an easy to manage monthly subscription fee. And the set-up and start-up is immediate. This is achieved by installing a backup agent on each device you wish to backup and then the backup scheduling begins. With traditional backups, such as tape or disk, there has to be manual input to ensure the backups have worked, and the relocating of the tape or disk, so that it is secure offsite. No manual input is needed with an online backup solution.

Backup Security – Disk data storage is held within a number of highly secure data centres. Additionally, Tape backup is accused of being unreliable and so also experiences failures when the backup process is happening and the software that drive the tape isn’t always encrypted. Also, tape media should always be removed offsite and often isn’t this can cause a serious breach of security especially if your tapes are misplaced, lost or stolen in a bag you are carrying them in. Online backup solutions offer higher levels of encryption which secure the data whilst it’s being transferred and stored.  Overall, for reasons of security, the only people who should be able to access your sensitive data are those members of staff you trust.

Scalable upon Demand – All Online Backups can be increased or decreased “as and when” required so you don’t have to schedule or plan for the future.  When using a tape or disk backup solution you need to find out how much data you may have in 2 years time.  This means purchasing additional hardware capacity which may or may not be required for 2 years.  Using an online backup solution you can start your Backup with only the amount of data storage you need to meet your initial requirements and you can increase and upgrade as your data requirements increase.

BackUp Availability – Disaster never strikes at a time you want it to happen – that’s why it’s called a Disaster after all. So given this, your data should be available for restore at any time 24/7 whenever and wherever you are. Using an online backup solution your data is accessible and can be restored to it’s original location or any other number of devices anywhere in the world.

Easy Restore Availability – Data loss occurs for various reasons, not just a few, such as the deletion of files or folders in error, viruses or hardware breakdown.  So with Online Backup and whatever the reason the recovery process can be started with immediate effect via its backup software.  At the time of disaster an Online Backup solution would be able to restore and use your data with a just few clicks of your mouse. Rather than disk delivery via courier, which could take hours.

Automated – Once a Backup software is configured the data protection process is fully automated.

Technology – Online backup offers improved and ongoing levels of functionality which can be specifically tailored to meet the requirements of ever changing business processes.  

Organisation Compliance – In today’s world of legislation and regulations such as HIPAA and SOX to name just a few that has to be adhered to. Such legislation is primarily in place to ensure the privacy and correct retention of information.  Only a reputable provider would and should comply with such legislation and therefore will offer its customers total peace of mind knowing that their data is securely stored for as long as is needed.

Energy Efficiency – The more hardware based and used on site, the more energy your organisation will consume. And as energy prices continue to rise, your costs will also increase. Online backup is virtual and minimises power usage, so your costs are significantly reduced and easier to control.