Friday, February 15, 2008

Everything I need to know, I leared from enterprise-level computing systems

OK, not really ... but there are some important lessons I've learned.

    1. Backups. Unless you're using your computer to browse the web and very little else, you really should have a backup solution. I have a hard drive fail about once every 18 months, give or take. Sounds like a lot, right? Well... consider that, until recently, my laptop would go through airport security around twice a week. And while the x-rays are probably not an issue (though I'd be interested in the long-term effects), the shock is. Taking a computer out of the bag, putting it in the tray, having it slide down the conveyor, then rattle down the exit chute is probably not a great thing. In any case, though, you ought to be backing up. Frequently. Think about everything you used your computer for in the last month, everything on your hard drive, and what you would do if it was gone. With a 500GB external drive hovering just above the $100 mark, it's crazy NOT to back up. Another alternative is Carbonite, which I've heard great things about, but never used personally. The idea is that Carbonite runs in the background, quietly uploading all of your data to their VERY VERY SECURE servers. It does this while your computer is idle and connected to the Internet. You have a problem, you go to their website and you can download everything you lost. Great idea, but the prospect of my data living somewhere else makes me nervous.
    2. Encryption. Yes, I'm serious, especially if you have a laptop. Check out TrueCrypt, which is a nice, easy-to-use, well-documented, open-source (that means free) encryption product. Think of TrueCrypt as a way to create a locked file cabinet in your hard drive. Bank statements, credit reports, all that stuff that you wouldn't leave lying on the kitchen counter.... if it's on your hard drive, and your hard drive is on the kitchen counter, it's just as bad. Many laptop thieves don't care about the actual physical laptop -- a used laptop just doesn't fetch that much money -- but are MUCH more interested in the data on the laptop. Bank statements, social security numbers, all sorts of goodies. So if you have sensitive documents on your hard drive, get TrueCrypt, set up an encrypted volume, and put the good stuff in there. It'll take you an hour, and give you peace of mind if anything bad happens.
    3. Sanitization. Ah, so you're thinking of upgrading your hard drive, or maybe your whole computer. Great! Now, what are you doing with the old hard drive? There are a few options:
      • Do Nothing. Just give away or sell the old hard drive. Advantage: Quick and easy. Disadvantage: All the data on the hard drive goes with it. Are you SURE you got rid of all of those compromising pictures?
      • Delete Everything. Great ... but if someone is really motivated, they can still get to the data.
      • Delete Everything, then scrub the drive with a DoD-style 3-pass erase. You just need to go grab Eraser and use it to "scrub" your hard drive. I won't bore you with the technical details, but deleting a file doesn't really delete it. Eraser really erases your drive, so that NOBODY can get to anything on it.
      • Electromagnet. Find someone with a VHS tape eraser (or, better still, one of those car magnets that you see in junkyards) and do a few passes over the drive. It'll probably scramble the drive, but the drive will also probably never be usable again. So if you wanted to give away or sell the drive, don't do this.
      • Physical Destruction. A hammer is a pretty good way to destroy a drive. Only sure you REALLY kill it. You don't just want to dent the case, you want to make sure that the case has been completely compromised and that the physical disk inside has sustained significant physical damage. Advantage: Fun stress release Disadvantage: Time and energy consuming; messy
OK, that's all for now, kids. I gotta go clean my tinfoil hat.

No comments: