Sign in with
Sign up | Sign in
Your question

Proposed security&backup regime-thoughts & ideas??

Last response: in Applications
Share
October 15, 2012 7:05:25 AM

Hello again.

I am working very hard on improving my security regime.

The work is not so much on the actual performance of the work, but much time has to be spent on software research, as well as what might be called ‘risk management’--doing one’s homework & trying to predict & avoid problems before they arise.

So, after much work, I have arrived at the following, & ask those more learned & familiar with such things as to, I don’t know, “suitability”, or effectiveness of all of this

My proposed security regime looks like this:


A. Software:


i) OS/cloning

Macrium Reflect Home Use

ii) folder & files backup

on-premise--Syncback (presently FBackup)
on-premise--USB
online--iDrive


iii) Encryption

Truecrypt

iv) Anti virus

Symantec (currently use, but on ad-hoc basis)


B.Proposed regular security regimen/schedule:

Week 1, 3—folder & files backup (on-premise, online)
Week 2, 4—OS cloning, AV update & full virus scan.


Any takers for comments on this re. software or other aspects?? Hints, suggestions, tips, things to avoid &/or that I have forgotten?

Thanks.
a b 8 Security
October 15, 2012 9:56:26 PM

I would say that on the backup strategy front, you should be doing the folder and files backup every week, at least, and maybe just do a once a month clone of the OS, if even that. Once you have a solid base image, you should be able to rebuild the rest pretty quickly, maybe just update the base image every so often to reflect security updates for the OS and other software. Once a month is probably about as often as would really be prudent unless there's some particular reason you may need to revert EVERYTHING back at a moments notice.

So focus on the files, and just make sure to keep a good base image you can use to get a system back into service quickly.
m
0
l
a b 8 Security
October 16, 2012 12:20:30 PM

Do you really need truecrypt? If you forget the password or the drive starts to fail, you may not be able to decrypt the drive/partition in order to get to the data. Of course, regular backups can help prevent a total loss.
m
0
l
Related resources
October 17, 2012 4:46:47 PM

It was a trade-off.

I have some important financial & legal data I didn't want to have placed with IDrive. They have a choice of either default/company encryption or private encryption. You & I actually communicated here on Toms about this very matter a little while ago.

So, thinking about your suggestion there, I thought that the best thing to do was to separate these very important documents into a section of their own. I could then do a complete .zip file online backup with default encryption (the company keeps the key), & not have to worry about the encryption issue there. Just in the one place-Truecrypt--and not two. I would just have to remember to delete these important documents when I go to create a new .zip file for uploading to the online backup.

Of course, the risk is that I forget the Truecrypt password, & then I have really screwed myself. With a written copy of the password placed in a safe place, I am not entirely sure where I am going to safely keep it, & I worry I might forget where I have placed it, while avoiding leaving a note to myself in my documents in my rig. This would defeat the purpose.

This issue of password is important, & I have yet to wade through the numerous documents/articles I have about techniques for creating stronger passwords. This is a subject I have been building up to for quite some time now. So far, I have been lucky, but it is not good risk management to leave things as they are.

The drive/partition issue is therefore taken care of in this process, by not being encrypted.
m
0
l
a b 8 Security
October 17, 2012 6:28:50 PM

Put a portable copy of keepass on a USB drive and use keepass to store your truecrypt password along with any other passwords you need to store.

http://keepass.info/
m
0
l
!