This is a phrase I find myself repeating every time someone asks me what they can do to protect themselves from hackers and malware.
Sure, there are things you can do to minimize your risk. Keeping your software up to date, install an antivirus, don’t visit sketchy websites. But there is nothing you can do to ensure that you will never be attacked.
Recently, a vulnerability in our Content Management System allowed a hacker to inject malicious code into our website.
Thanks to our disaster recovery planning, we were able to get back up and running within minutes of discovering the attack and with minimal loss of data.
You can apply these same methods to your home computer.
Backup: Keep a local backup on an external hard drive and use a service such as Carbonite so that your data is available even if the local backup is compromised.
Segregation: Keep guests on a guest network. If possible, have separate computers for work and play.
Updates: While Windows allows you to automatically update, it does not properly alert you when updates fail. Spot check by manually running updates. Also be sure all your other software is kept up to date.
Vigilance: Check your anti-virus’ status regularly. It can often give you clues when it’s not doing its job properly, such as repeated detection of the same malware. Also, don’t dismiss warning signs of infection such as unexpected pop-ups, frequent crashes, and slower than normal response times.
If any of this seems too cumbersome, Hey PC Guy’s Protection Plus subscription paired with a cloud backup service can manage all of this for you.
Regular backups stored in geographically separate locations ensure that even in the most dire emergency, we only lose the content created since the last backup.
By keeping our data systems separate from each other, we can isolate systems and apply stronger security measures to those systems with more sensitive data without impeding our customer’s use of our website or other public facing services.
Out of date software is the most common avenue of intrusion. Once the intrusion and vulnerability were discovered, we immediately applied a patch to prevent the hacker from using the same method to access our site.
By frequently looking for problems, we are able to react to them quickly.
Have you visited our website recently and are concerned that you may have gotten an infection from this security breach?
We have thoroughly scanned all of our subscriber’s computers and saw no indication of malware originating from this attack. However, if you are not a subscriber and would like to double-check, simply email us at firstname.lastname@example.org with your contact information and we will contact you to determine if you were at risk. If you were, we will provide a free virus removal service.