personal data security - part 2


Upload: curt-robbins

Post on 29-Jun-2015


DESCRIPTION

A continuation of the Personal Data Security slideshow, Part 2 digs deeper into backups, strong passwords, anti-malware protection, and centralized data. This includes cloud vs. local backups and full vs. incremental backups, and it recommends cloud backup services. Also reviewed is Network Attached Storage, including RAID 1 and recommended NAS models. Strong passwords are reviewed, including password vaulting and password generators. Cleanup-only anti-malware apps are suggested, and phishing detection and prevention are covered in more detail.

TRANSCRIPT

Page 1: Personal Data Security - Part 2
Page 3: Personal Data Security - Part 2

Personal Data Security

Part 2

Page 4: Personal Data Security - Part 2

NAS Review

In Personal Data Security, you learned that a NAS is centralized storage with multiple drives

— It achieves centralized data archival/access

— It involves data redundancy (which = security)

Upgradeable

—When a drive crashes, you can replace it

—Saves the expense of purchasing a new NAS

—Zero downtime of data access

Page 5: Personal Data Security - Part 2

Two Types of NAS

Fixed Disk

— The least desirable, least flexible

— If one drive dies, the unit is toast

— Entry-level; one and two drive models available

Open Bay / Swappable Drives

—When a drive dies, simply swap out for new

—No need to purchase a new NAS, only a new drive

—Models offer 2-8 bays; 4 bay recommended

—Some sold pre-populated and configured

Page 6: Personal Data Security - Part 2

RAID & RAID 1

Redundant Array of Independent Disks

Available only in multi-drive NAS units

Many different levels of RAID; do RAID 1

—RAID levels 2-6 are performance-oriented

RAID 1

—Employs data mirroring (onsite backup)

—Data mirroring = data written to multiple drives

—The more drives, the greater your security

Page 7: Personal Data Security - Part 2

Reputable NAS Models

Buffalo

—Low-cost leader for NAS units

—LinkStation 210: $120 for 2 TB

—LinkStation 220: $210 for 2 TB; $275 for 4 TB

Qnap

—Professional, rugged styling, higher prices

—TS-220: $210 for two-bay diskless model

—TS-220: $470 for two-bay 3 TB pre-populated

Page 8: Personal Data Security - Part 2

Reputable NAS Models

Seagate

—Two models: NAS 2-Bay and NAS 4-Bay

—Both feature Seagate’s NAS-optimized drives

—NAS 2-Bay: Diskless, $175; 4 TB, $300; 6 TB, $390

—NAS 4-Bay: Diskless, $360; 4 TB, $600; 8 TB, $830

Synology

—Enterprise-level quality; can get expensive

—America DiskStation 4-bay: Diskless, $400

—America DiskStation 4-bay: 12 TB, $1,200

Page 9: Personal Data Security - Part 2

Reputable NAS Models

Western Digital (WD)

—Wide selection, consumer prices, good quality

—2-bay model, 2-20 TB, RAID 1 preconfigured

—2-bay: 2 TB, $250; 4 TB, $350; 8 TB, $500

—4-bay: 4 TB, $500; 8 TB, $700; 20 TB, $1,300

Wrapup

—If you’re a business, look to Qnap or Synology

—If you’re a consumer, look to Buffalo, Seagate, WD

—Seek models prepopulated with drives and RAID 1

Page 10: Personal Data Security - Part 2

Disk Imaging vs. File & Folder

Disk Imaging (disk cloning)

—Backup copy of complete drive and computer

—This means everything, including the operating system, hidden files (goes beyond personal data)

—Method to preserve a full computer, not just data

File & Folder Backup

—More common and what is recommended

—Backs up specific files and folders, not the OS

—Way to preserve personal data, not a computer

Page 11: Personal Data Security - Part 2

Full vs. Incremental Backups

Full Backups

—Must be performed the first time you back up

—Copies each and every file you specify

—Can take a long time (sometimes multiple days)

Incremental Backups

—Copies only the files added or changed since the last backup

—Much faster than a full backup

—Always run an incremental backup
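
A small file-and-folder backup that behaves as this slide describes, as an added example (not from the slides or the book): the first run copies everything, later runs copy only added or changed files. The manifest file name and the function names are assumptions made for the illustration; real backup tools usually compare size and modification time rather than hashing every file.

```python
import hashlib
import json
import shutil
from pathlib import Path

MANIFEST = ".backup-manifest.json"   # hypothetical name, stored in the backup

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def backup(source, dest):
    """Copy files added or changed since the last run; return their paths.

    With no manifest in dest, this is the first (full) backup.
    """
    source, dest = Path(source), Path(dest)
    dest.mkdir(parents=True, exist_ok=True)
    manifest_path = dest / MANIFEST
    old = json.loads(manifest_path.read_text()) if manifest_path.exists() else {}
    new, copied = {}, []
    for path in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = path.relative_to(source).as_posix()
        digest = sha256_of(path)
        new[rel] = digest
        if old.get(rel) != digest:               # added or changed
            target = dest / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(path, target)           # copy2 keeps timestamps
            copied.append(rel)
    # Files deleted from source stay in dest: this is a backup, not a mirror.
    manifest_path.write_text(json.dumps(new, indent=2))
    return copied

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:   # constructed sample data
        src, dst = Path(tmp, "docs"), Path(tmp, "usb-drive")
        (src / "photos").mkdir(parents=True)
        (src / "taxes.txt").write_text("2014 return")
        (src / "photos" / "cat.jpg").write_bytes(b"\xff\xd8")
        print("full:       ", backup(src, dst))
        (src / "taxes.txt").write_text("2015 return")
        (src / "notes.txt").write_text("new file")
        print("incremental:", backup(src, dst))
```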

Page 12: Personal Data Security - Part 2

Local vs. Cloud Backup

Local Backup

—Redundant physical copies, onsite or offsite

—Copies you make using a spare drive in a NAS or a USB 3.0 external hard drive

Cloud Backup

—Involves a service, like CrashPlan or Apple iCloud

—Upload files to “the cloud” (an internet server)

—Freemium pricing model; storage a consideration

Page 13: Personal Data Security - Part 2

Backup Services & Software

Cloud Backup Services

—Amazon Cloud Drive, Mozy, Backblaze, Carbonite, Microsoft OneDrive, Livedrive, Google Drive

—Can be very slow, especially during peak usage

Backup Software

—Apple Time Machine (Mac OS X only)

—Second Copy (Windows only)

—Windows 7 Backup and Restore

Page 14: Personal Data Security - Part 2

A Word about Offsite

Remember the 3-2-1 Backup Rule

—Three copies of your data, with one offsite

Offsite = out of your neighborhood

Not truly secure until current backup is offsite

Why? Natural disasters and theft

—If all of your backups reside in your home, how likely is a fire, flood, or theft?

—How about other natural disasters, like tornadoes, hurricanes, and typhoons?

Page 15: Personal Data Security - Part 2

Password Review

Generally speaking, longer is better

“Strong” passwords have common traits:

— Complex (mix of letters, numbers, and symbols)

— Random (no personal details or patterns)

— Unique (no patterns or repeats from others)

Must have a different password for each account

Must update all passwords every six months

Must tell no one; as in no one

Page 16: Personal Data Security - Part 2

Passwords: How?

Unique passwords on each account and updates every six months seem impossible

—Nearly no one actually does this

—This means you and most others are vulnerable

Must employ password vaulting & generators

— Vaulting app = memorize only a single password

— Vaulting app stores all of your strong passwords or long passphrases in a single place

— Password generators great for random & unique

Page 17: Personal Data Security - Part 2

Password Generators

Web sites, applications, or mobile apps

—Web sites are risky; not recommended

—Mobile app in your smartphone is best route

Reputable password generators

— Norton Identity Safe Password Generator

— random.org

— Strong Password Generator

— PC Tools Password Generator

Page 18: Personal Data Security - Part 2

Password Vaulting Apps

Practice of storing many passwords behind a single, very strong “master password”

— Sometimes called password managers

— Because same password on multiple accounts is a serious security vulnerability

Reputable password vaulting apps

— LastPass (free or premium accounts)

— Password Genie ($15/year for desktop; mobile apps)

— Dashlane (free and $30/year versions)

— RoboForm ($10/year, includes auto form filling)

Page 19: Personal Data Security - Part 2

Password Strength

Complicated math behind calculating resiliency

— You already know the basic rules: longer is better, should be random, complex, and unique

Howsecureismypassword.net

— Helpful tool for testing password strength

— Don’t use one of your actual passwords

— Submit passwords similar to one of yours

— Great tool for educating yourself

— Compare short, simple passwords with long, complex
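
What a password generator does and the basic math behind the strength comparison, as an added example (not from the slides or any of the tools named): a generator drawing from the operating system's secure random source, plus a length-times-log2(pool) entropy estimate. The function names, the sample passwords, and the guessing rate of 10^10 per second are assumptions made for the illustration.

```python
import math
import secrets
import string

# Character classes behind the "complex" trait: letters, numbers, symbols.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def generate_password(length=20):
    """Random password with at least one character from every class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every class")
    rng = secrets.SystemRandom()          # OS CSPRNG, not random.random()
    alphabet = "".join(CLASSES)
    # One guaranteed pick per class, the rest from the full alphabet.
    chars = [rng.choice(c) for c in CLASSES]
    chars += [rng.choice(alphabet) for _ in range(length - len(CLASSES))]
    rng.shuffle(chars)                    # hide which slots were forced
    return "".join(chars)

def pool_size(password):
    """Combined size of the character classes the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def entropy_bits(password):
    """Upper-bound estimate: length * log2(pool).

    Only meaningful for randomly generated passwords; a human-chosen
    pattern scores the same here but is far easier to guess.
    """
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def years_to_exhaust(bits, guesses_per_second=1e10):
    """Time to try every candidate at an assumed guessing rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    # Constructed samples: short and simple vs. long and complex.
    for pw in ("abc123", "Tr0ub4dor&3", generate_password()):
        b = entropy_bits(pw)
        print(f"{len(pw):2d} chars  {b:6.1f} bits  "
              f"{years_to_exhaust(b):.3g} years")
```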

Page 20: Personal Data Security - Part 2

Malware / Virus Review

Use caution with freeware/shareware

—Freeware often carries adware, spyware, and other forms of malware

Either avoid freeware or do your homework

— Download only from reputable sources (like CNET’s download.com)

— Even Oracle’s Java software tries to install adware

— Carefully read the install screens of freeware install wizards (most schemes are opt-out)

Page 21: Personal Data Security - Part 2

Cleanup Only Anti-Virus

When the poop hits the fan, what to do?

—If your virus definitions become out-of-date (because your anti-virus subscription expired)

—If you really screw up and have no anti-virus software on a particular computer

Malwarebytes Anti-Malware 2.0

— $30 on Amazon, with lifetime subscription

— Won PC Magazine’s 2014 Editor’s Choice award

Page 22: Personal Data Security - Part 2

More About Phishing

Phishing = fraudulent attempt to get your account info, including password and Social Security number

Most phishing attempts masquerade as eBay, PayPal, or your bank

Best way to avoid being a phishing victim: Don’t click the link in the email lure

To learn more, visit onguardonline.gov

—Forward phishing email to [email protected]

Page 23: Personal Data Security - Part 2

Advice about Malware

Remember, when it comes to viruses and malware, the best medicine is prevention

Always run anti-virus software on every computer in your home

—Single unprotected PC on your home network could act as a gateway for hacking or infection of all other computers and connected devices

Keep anti-virus subscription current

Page 24: Personal Data Security - Part 2

These slides are derived from the Amazon Kindle book

Understanding

Personal Data Security

by Curt Robbins

Page 25: Personal Data Security - Part 2

Other Books by Curt Robbins

Home Theater for the Internet Age

Understanding Cutting the Cord

Understanding Digital Music

Understanding Home Theater

Page 26: Personal Data Security - Part 2

About Curt Robbins

Blog: Middle Class Tech

Flipboard magazine: Middle Class Tech

Twitter: @CurtRobbins
