Tag: security

I already have a backup, why do I need another?

.Reading time 3 minutes.

A common question, and I’m glad you’re aware you have backup and its importance!

With so many backup systems and options, it can be easy to get overwhelmed. So I’m going to break it down to the basics in order for you to make an informed decision!

The general rule of backups is to have at least 2 backups, one on-premise, and one offsite.
I won’t get into the details of best practices in this post, this more of a general understanding, we’ll dig in to the dirt later.

The main purpose of an on-premise backup system is for what is called a “rapid recovery”.
It’s cheap, relatively easy, and once the upfront costs are done, that’s it, no further investment, barring storage failure or upgrades.
These type of systems tend to store a lot of data, and can be very fast to restore a little, a lot, or all your data relatively quickly!
Relative to what? That will make sense shortly.

Now why wouldn’t you just want to go with the on-premise backup which is usually a “set it and forget it” type of system?
It’s the physical nature of it, it’s just as susceptible to risks mentioned below as your main systems.

The second kind of backup you’ll need is an off-site backup for the most dreaded type of restore, “disaster recovery”.
In the event of the worst happening to your equipment, let’s say a fire or natural disaster, your on-premise system went out along with it.
This has also helped out when the office is offline for an extended period, let’s say a week or more of power loss, but with just a little data you can keep afloat from home.

So why bother with on-premise, why not an off-site only option?
Sure it’ll cost more but now I don’t have to worry about losing my data anymore, right?
Eh, not exactly.
In the event of a large data loss that will require a lot of it to be restored, this can take a VERY long time depending on your setup.
Instead of the few hours an on-premise can have it done, it could take days to restore from off-site.

There’s also one other reason to have multiple backups.
No single solution is perfect.
Either system could experience a failure of some kind, or worse, become corrupted/infected.
Having different systems in place can negate that risk.

I’ll be creating posts in the future going over on-site and off-site backup systems, best practices, and other details.
Stay tuned!

Sonicwall Mobile Connect on Mac with 4433 open

.Reading time 1 minute.

Ran into a funky issue today. And yes I’m aware of the large risk, but like every rule there’s an exception.

Client has a Sonicwall with SSL VPN enabled on 443, and management port open on 4433.
It would appear that the Mac Mobile Connect client has a hard coded check for port 4433, as the VPN client kept asking for wrong certificate.
Setting the :443 port on the server name resulted in the client asking to redirect to port 4433, default port for SSL VPN.

On a hunch I changed the management port and now it’s working perfectly.

It would seem the Mac version is hard coded to check and try port 4433, as NetExtender and the Windows Mobile Connect didn’t have a problem.

“I’m always careful, I’ll never get infected”

.Reading time less than 1 minute.

I hear that all the time from my customers who refuse to get good antivirus or run without any at all.

Well, no matter how careful you are, servers DO get hacked.

A post from ESET shows that yet again you cannot say you’ll never get a virus.

Common security practices I wish I never saw

.Reading time 3 minutes.

I see these day in and day out.

The practices that would would make any computer security expert scream and pull out their hair.

To be fair, many consumers just don’t know and aren’t really told about these.
Read More

Please stop telling your friends/family/customers to fly blind

.Reading time 1 minute.

I have a request for all of those who fix PCs, or are otherwise involved in the PC business.
Stop telling people antivirus isn’t required, or telling them to use a cheap/free ineffective product.

Can some people survive without it? Yes. But the only people doing that should be professionals.

I’ve heard countless people who are NOT tech savvy at all tell me friends and “computer guys” tell them not to use antivirus.
I would stop listening to them immediately and never get help from them again.

A lot of people are easily fooled into downloading bad files.
Many download off unprotected P2P networks, open every email they get, visit weird websites, and aren’t pros who can see something coming.

You can teach them as much as you can, but they aren’t the pros you are (or claim to be).

You’re doing them no service and are only putting them in harms way, for who knows what reason.