What Should I Backup?

What should you backup is a personal question and I can’t answer it for you definitively, but you should backup any information that is important to you. Any data that you created, obtained, hard to find, contact lists, bookmarks, passwords, etc.

On a daily basis I backup the following:

  • “My Documents” folder
  • “My Images” folder
  • “My Downloads” folder
  • Internet Browser files such as a bookmarks, plugins, settings
  • Email files such as files and settings

I also have a system setup for monthly and yearly backups which involve a different set of lists. You want to create a system to reduce the risks you identify (you can see a sample list of scenarios in my Why Backup Your Data post).

Why Backup Your Data?

Your data is the most important asset of in your computer. Hardware and software could be replaced, but if you don’t have a backup of your data and something were to happen to your computer, you will likely be in a lot of pain from the data loss. You would need to recreate all that information, and likely some of the data was irreplaceable and couldn’t be recreated.

There are multiple reasons for why you want to have a backup, here are some of the most common events:

  • Accidental deletion of files. (I’ve done this multiple times!)
  • Hard drive failure – The computer can’t read anything anymore.
  • Computer is lost or stolen – You are completely out of reach to it.
  • Environmental issues such as a fire or flood – Similar to a hard drive failure, your data is just no longer accessible.
  • Viruses and malware – Destroys your system and you don’t have access anymore.

This is why it is essential that you always back up your data and have a plan in place for recovery.

How to Know When New Security Patches Exist

While the built in tools are made to help you get notifications of new security updates, you might not notice them in a timely manner due to various factors. One way to stay up to date on when security patches are released is to subscribe to security notifications from the vendors or utilize a service that aggregates all the security information.

This is not a complete list, but a simply a list of the top vendors you should be aware about as the attack surface with those products are incredibly high.

Email or RSS based security notifications:

Where to Find Software Patches?

This will vary to what operating system and applications you are running. Based on the most common software products in use for Microsoft Windows based machines, Adobe Reader, Adobe Flash and Oracle Java are the top products have frequent updates for security patches.

Microsoft releases their security updates every second Tuesday of the month. This well-known release schedule for security updates will help you plan their deployment updates accordingly. On occasion, Microsoft will release a fix out of the standard schedule when a critical vulnerability has been identified and likely being exploited in the wild. Using the Windows Update control panel will take you through that process.

Adobe has adopted the “Patch Tuesday” Microsoft model to release their security updates on. This originated from customers wanting a single patch cycle to make it a bit easier to maintain a fully patch system. Adobe has a built in update tool with their Flash and Reader software. The Adobe Flash Player Distribution page and Adobe Reader page have direct download links.

Oracle releases Java updates three times per year in February, June and October. As the updates are concentrated in batches, they likely include a large number of security fixes. On occasion, Oracle will release an out-of-band security fix for high impact vulnerabilities. Using the Java control panel will take you through the update process.

As a good practice, I would make sure your computer is running the latest software every month.

Why Should I Apply Software Patches?

One major factor to your computer’s state of security is what software you are running. The more software in use, the more potential issues could be leveraged from an attacker. The top cause for a computer to get exploited is from running older versions of software which in turn have known vulnerabilities in them. This is why it is incredibly important to keep your devices up to date with updates. From operating systems, to applications, to browser plugins, you should maintain your computing environment to have the latest security updates. Vulnerabilities are identified frequently in products, which is why vendors put out patches to address them.

Password Management Tools

If you have come to the same conclusion that I have and you need strong random passwords on all your accounts, how will you manage all of them? You know you shouldn’t write them down or keep them in a plain text file, so what to do? Thankfully there are several password management solutions out there, from online solutions to stand-alone offline solutions.

The main difference between the two types systems is if you want access to your passwords online (and do you trust a vendor with all your passwords).

  • LastPass has a both a offline and online solution for your password management needs.
  • 1Password is the other top password management tool competing against LastPass. They only have an offline solution.

My personal favorite though is KeePass as it is open source software, free, and cross platform. LastPass and 1Password are cross platform as well, but they are proprietary closed source solutions. Any of these options will work fine for the majority of use cases, so don’t spent too much time debating which one to go with. Just remember to use a strong password to gain access to all your other passwords!