This article is also available to download as a word processor-friendly .RTF document at http://pc3.org/news/bytesplus/safeguard.rtf
Safeguarding Your Personal Computer
A review of the most common causes of PC failure and a few simple precautions you can take to ensure long-term, reliable service from your equipment
By Jack LaPointe
CompuSure Data Management Technologies
"A surge protector is essential in almost all environments"
"At a minimum, you should have a user account with a password"
"Faced with such an insidious foe, what can a casual user do?"
"Things that need to be to be done as regular maintenance"
"Yes, Y2K is a problem. Yes, it's going to effect a great many PCs"
"What is the value of the data on your computer?"
American Enterprise is in the midst of a change so fundamental that it rivals the transformation brought on by the industrial revolution. The day to day conduct of business is moving relentlessly toward the "paperless office" as computers takes on additional roles in more offices. The computer has become our accounting journal, file drawer, typewriter, and communication tool - the heart and soul of business operations.
With this emerging reliance on the PC come opportunities for greater efficiency and productivity. In 1960 fewer than 5% of American businesses used computers. By 1980 that number had increased to 60%. As of 1998 nearly 92% of businesses in America use computers for some business function. But, with that growing reliance come new risks. How often do we hear the phrase "my computer is down" associated with a range of problems from minor inconveniences to the loss of valuable, often critical information?
The computer can be an incredibly effective tool in the struggle to stay competitive. However, the more your office relies on PCs, the more vulnerable you become to a number of potentially unfamiliar problems. For example, power spikes and blackouts can cause file corruption or even component burnout. Intruders, both local and remote, can wreak havoc on your data. Computer viruses can render your entire system useless. Creeping chaos may bring your system crashing down. The millennium bug has the potential to introduce date errors that may invalidate many of your applications and historical records.
According to a recent study from The University of Texas at Arlington entitled, Functional Impacts of Computer Outages on Business, "by the sixth day of a computer outage, on average, companies experience a 25% loss in daily revenue. By day 25 that number is 40%. Within two weeks of the loss of computer based operations, 75% of organizations reach a point beyond which they cannot function effectively. Finally, of all companies that experience a significant data loss and have no data recovery plan in place, 43% eventually fail altogether".
Because a disabled computer can seriously threaten your company's ability to continue doing business, you need to identify potential problems before they happen and prepare for them. This document will focus on a number of common trouble spots that routinely effect small offices PCs and offer workable solutions that will protect your computer and your business.
Before we get into these issues, it is worth noting that the single most effective hedge against such problems is a functional backup. Every computer in your office should have its crucial data backed up anytime its content changes.
back to top
"A surge protector is essential in almost all environments"
When electrical power disturbances such as spikes or blackouts occur your computer may loose data or worse. A power spike can corrupt memory and files, or lead to a crash. A power failure, even a partial one, can drop an unsaved project, and possibly corrupt any files open when the system goes down. An intense power surge or even a distant lightning strike can burn out electronic components and put your computer out of service. So it makes sense to have some sort of transient protection between your PC and the power grid.
A surge protector is essential in almost all environments. It is an inexpensive form of protection, ranging in cost from $3.00 to $60.00 depending on its capacity and sophistication. All models are designed to follow the line voltage as it rises to harmful levels and shunt the spike to ground before it can reach your computer. Virtually all products on the market today offer reasonable protection. As the energy absorbing capacity and accessories, such as surge insurance, increase so does the price. One accessory that you might not immediately think of along these lines is a modem surge protector. To fully protect your computer, you must isolate it from all sources of spikes. This includes the phone line that may, in fact, present a greater threat than the power line.
A surge protector can't protect against all power problems. The most obvious exception is a power failure. Protecting against that requires an uninterruptible power supply (UPS). Such a device represents a major step up in both cost and sophistication. A UPS is essentially a power storage device (battery) coupled with a voltage inverter designed to sustain your system when the power fails altogether. UPS's come in a wide range of power capacities and include "smart" features with prices to match. The least expensive costs about $100.00 and will power the average desktop PC for 15 minutes. All recent UPS’s include some sort of surge protection in addition to the power support. If you experience frequent power outages in your neighborhood, this may be a great investment.
Despite all these encouraging comments suggesting that power problems can be managed, the truth is that some spikes are just too strong to be deflected. Nothing will protect a system that takes a direct (close) lightening strike, and under those circumstances nothing will be left to salvage. It is, therefore, worth saying again, keep a good backup and the means to restore it at hand. If all else fails, you can replace, rebuild and carry on.
back to top
"At a minimum, you should have a user account with a password"
Think nobody cares about what's on your computer? Think again. Your first thought may not be too far off, but that's not the whole story. There are plenty of opportunists out there who would jump at the chance to drop in and look around. Nothing can match the sheer mischief that a determined hacker can unleash on your system. You wouldn’t leave your wallet on a park bench. Why leave your computer wide open? At a minimum, you should have a user account with a password. Those with on line access should have their modems set to call out only - no answer.
Of course, the level of security you need depends on your environment. A small office network using an internet service provider for occasional web browsing, may be well served by Windows 95 or 98 and Microsoft peer to peer networking. These operating systems are inexpensive, easy to administer, and provide adequate security for this type of use. It is also possible to control access to your computer from your desktop by adding a password to the screen saver and from the network by setting the file sharing parameters. Security in this case boils down to recognizing these measures and taking the time to put them into practice.
Beyond these nominal security measures, there are many shareware and commercial utility programs available to extend security coverage to more specialized situations. First among these are the system utilities suites such as Norton Systemworks, McAfee Nut & Bolts, and Cybermedia First Aid. These feature a number of security checks and devises including various encryption schemes. Another type of security program that manages network interfacing with remote facilities such as the Internet is called a proxy server. One such product, Wingate Proxy Server from Deerfield Inc. (www.dearfield.com/wingate) is available to consolidate modem usage and act as a firewall between your local area network and the Internet. Another program that offers protection from Internet intrusions is Guard Dog by Cybermedia. This sort of program is a particularly good idea if a permanent connection to the Internet such as ADSL or cable has been established.
If your network has grown to the point where peer to peer networking is no longer adequate because of administrative overhead or the need to include remote facilities, then you may be well advised to consider a more sophisticated operating system such as Windows NT or Linux. These are true client-server systems, and have features that not only make them easier to administer but also add teeth to your security. You can force each user to select a password, change it periodically, and refrain from reusing it. Unfortunately, NT is considerably more expensive, demands extensive training, and requires several support programs to perform adequately. These are generally dubbed the Microsoft "Back Office" group. They are available from Microsoft in a coordinated product called the "Small Business Package". Linux, on the other hand, is available for even less than Windows 98, or may be downloaded free off the Internet. Unfortunately, all types of Unix are rather esoteric and require background and training in that area to master.
As I have said in previous sections, keeping a good backup and the means to restore it is cheap insurance. If someone steals your hardware or trashes your system, for whatever reason, you can rebuild, reconfigure, or replace and carry on.
"Faced with such an insidious foe, what can a casual user do?"
Computer viruses are a fact of life. They are generally more of a problem for large networks than for small offices, but a particularly malicious virus on an unprotected system can render it all but useless. For the average user correcting such an infection without an anti-virus program would be difficult, to say the least. To clean up an incident a worst case scenario might involve reformatting the drive and even reconfiguring the BIOS.
Faced with such an insidious foe, what can a casual user do? The answer involves a bit of faith and some plain old common sense. Get a good virus scanner. There are dozens available, ranging in price and sophistication from free to more than you really need. You may even have a rudimentary scanner built into your BIOS, but these are usually out of date by the time the system is installed. Beyond that, McAfee, Norton, and Cybermedia all offer good solid products that not only screen for viruses, but also will step you through the process of neutralizing them when you are infected. One of these should cover your needs. Once you have installed the virus scanner you should keep it running in the background and make sure it is scanning all files you copy to your system. On top of that, you have to keep it up to date. It is the recent viruses that seem to cause the most problems. Consequently, you should take advantage of the update privilege included with these virus products. The software companies go out of their way to make updating convenient by providing monthly reminders and web sites to download the information.
Watch what gets put on your system and who puts it there. Anyone who has access to your system should be aware of your concern and all of you should work out a protective policy for copying files and downloading material from the Internet. Generally speaking, you should never fully trust an unknown source. Even the major software vendors have experienced incidents of contamination. When adding programs, use the original media, if possible. Bootleg copies of games are notorious for this sort of sneaky hitchhiker. Watch out for E-mail macro-viruses and file attachments. Many large companies exclude e-mail attachments from outside the organization for this very reason. If presented with a suspicious file or e-mail from an unknown source, scan it before you open it.
No matter how much faith and common sense one applies to this situation, sooner or later a virus is going to find its way onto your system. There are just too many opportunities out there and the threat gets worse by the moment. Hopefully, when this predicament does occur it will be manageable, but as I have said previously, a good backup and the means to restore it can be the best antiviral agent you can buy. If all else fails, you can reformat, rebuild and carry on.
back to top
"Things that need to be to be done as regular maintenance"
When windows is first installed on a PC, everything starts out in pristine condition. As the system is used for day to day production it grows and adapts to its new operating requirements. Not all these changes are favorable, and as the system ages it may get out of tune. In addition, some processes are inherently disruptive, such as the fragmentation that occurs when data is added to a hard drive. Beyond that, many of the problems discussed in this document can have a harmful effect. For example, power surges can corrupt files or disable memory chips, and other users can change configuration settings either accidentally or to benefit themselves.
This slow process of operating system degradation could be called "creeping chaos". The computer gradually slows down, starts throwing errors and eventually crashes. This is a fairly common occurrence on small office computers because users tend to overload them. As we said in the introduction, the computer becomes the heart and soul of the office. There is a tendency to load everything on it, word processing, email, fax, accounting, etc. All of this merely emphasizes the fact that PCs need to be maintained. Once this affliction starts it usually gets worse until the crashes become such an annoyance that something must be done.
There are a number of things that need to be done as regular maintenance, and a number of things that can be done when the system doesn't work right anymore. Windows comes with a complement of utilities to perform these jobs. They are found in the System Tools among the Accessories programs on the Start menu. Many more are available as shareware or commercial products. There are also several scheduling programs available to run these utilities automatically. These can be configured to run late at night when the computer is otherwise idle. We'll review these below
These maintenance tasks tend to fall into groups associated with the PC’s busiest devices. To begin with, the hard drive is certainly a high maintenance zone. The drive should be checked monthly for free capacity and disk errors, eg. lost clusters, file fragments, etc. In addition, it should be defragmented whenever the fragmentation level exceeds 5%. This will help maintain the response time on your drive. The file system is also fairly demanding in this respect. The Temp directory (C:\Windows\Temp) should be cleared out whenever temp files build up and the Recycle bin should be emptied monthly. It is also a good idea to clean up the file system every quarter. Delete or archive any files or directories that aren’t used anymore. Look for icons that are no longer connected to executables. Delete, turn off, or clear out any log files that need attention. This will free up valuable space on your hard drive.
Once your PC has been tuned up, you should update or, if necessary create, a start-up disk. This is a floppy disk with the files needed to boot and perform emergency maintenance on various components of your system. Windows prompts to ask if you want to create this disk when you install the operating system, so it may already be available. This tool should be updated whenever you do maintenance on the PC. Finally, user and system resources should be monitored using Resource Meter, a Windows utility. If your resources are low or the PC just seems slow, shutdown and reboot the system. It is truly amazing the multitude of sins a reboot will forgive. As the unit starts to reboot, watch the startup statements that scroll across the screen carefully. While the contents vary from PC to PC, this process will generally provide much useful information on your system, and if there are low level errors lurking in the system, they will show up at this time.
All of the maintenance described above can be done with the utilities provided in windows. As you might expect, PC maintenance can be a great deal more complex than the few items discussed here. Moreover, when things go wrong, troubleshooting can become extremely involved. There are commercial maintenance utilities available to cover these situations. First among these are the system utility suites such as Norton Systemworks, McAfee Nut & Bolts, Cybermedia First Aid, and TouchStone Check It 98. All of these are designed to be used actively as diagnostic and maintenance tools as well as passively, in the background to monitor the health of your PC. When a problem does occur, these products will alert you and in many cases correct the problem. Using these types of products it is possible to maintain parts of the operating system that are beyond the capability of the average user such as the Registry. These programs do a good job of maintaining optimal operating conditions in most small systems.
When a PC gets so far out of tune that it loses its operating system balance, it will crash. Some crashes are beyond the range of simple recovery and necessitate reformatting the hard disk. In these cases a good backup and startup disk is the only way to ensure your ability to rebuild and get on with business.
back to top
"Yes, Y2K is a problem. Yes, it’s going to effect a great many PCs"
What’s all this talk about the year 2000 and computers? You can’t turn on television or pick up a newspaper without finding some reference to Y2K. Is there a problem? Is this going to effect PCs? If so, how, and what can be done about it? The answer is yes, there is a problem and yes, it is going to effect a great many PCs. In terms of what can be done, large corporations and federal, state and local governments are spending billions of dollars addressing the problem. But, the majority of small businesses and individual PC users have not gotten the word yet.
We won't attempt an extended analysis of why this problem exists, or precisely how it effects PCs. Suffice it to say until just recently PCs and the software written for them have addressed the date (1999) by the last two digits (99). Obviously, when year 2000 rolls around this isn't going to work because the operating system reads the last two digits (00) as 1900, not 2000. This 100-year discrepancy can cause major problems with spreadsheets, databases and other programs that rely on the date for critical calculations. PC manufacturers have resolved this problem over the last 2 to 3 years by employing a BIOS process dubbed "inferred" dating. Again, we won't attempt a technical explanation here, but what this means to PC users who aren’t sure if their PCs are Y2K compliant is they must test to find out. The consequences of ignoring the issue range from inconvenience to out and out disaster.
Now, there are a number of ways to go about this testing. They run from a rudimentary keyboard date check to hiring a consultant to do an audit. Choosing the right approach boils down to a matter of cost: the cost of testing vs. the consequences of errors in date related calculations. For an individual who uses the computer primarily for entertainment, cost translates strictly to his or her time. For a company using the computer to run the business, the cost could be more substantial. For a professional who relies on the PC for the conduct of a practice, the stakes could be considerably higher.
There are many things PC users can do to deal with this Y2K problem on their own. I'll review several approaches below beginning with a self-administered test of hardware only and escalating through commercial products that analyze program and data compliance. Y2K compliance is a very complex issue. In fact, we may not know just how complex until the Monday after the millennium. The suggestions below, while useful, are somewhat overly simplified. A truly comprehensive handling of this subject is beyond the scope or intent of this article. It is, therefore, worth noting that if the stakes are very high, a consultant who specializes in this area might be in order.
You can evaluate the Y2K compliance of your PC hardware on your own simply by using your keyboard. Just restart your computer in DOS mode. Don't try this in windows or you may invalidate your passwords or software licenses. Reset the date and time to a minute before midnight and follow the logic of what will happen at the turn of the century (12-31-1999 @11:59pm to 1-1-2000 @12:01am). The resultant date will tell the story. Remember that this event may occur with the computer on or off and that the PC will undoubtedly be switched on and off after the millennium, so you will have to repeat the test several times to mimic those conditions. Also consider that 2000 is a leap year, so you will want to set the date just before February 29, 2000, 2001, and 2004 to see what happens. When you are done be sure to return your date and time to the present. This procedure will not answer all your Y2K questions, but it will give you a good indicator of hardware functionality.
The next level of compliance testing beyond this keyboard method can be reached by downloading a Y2K test from the Internet and running it. There are several freeware selections to choose from such as YMARK2000 (http://www.nstl.com/html/nstl_ymark2000.html) or Test2000.exe (www.rightime.com). In addition, several commercial products are available on the Internet as abbreviated demo versions. For example, the Millennium Bug Toolkit demo by Computer Experts Inc. is available for download at (www.computerexperts.co.uk). These products will run in DOS and give you a systematic check of your hardware’s readiness for the millennium. Note that these tests are not all the same. You want a test that is simple to run, covers as many Y2K issues as possible, and returns concise, printable results. Most of these demos include documentation that will help you interpret more esoteric issues, such as latency, surrounding the millennium bug.
If you do uncover a problem, you have several options to fix it. Many computer manufacturers are offering patches or ROM-BIOS replacements to bring their older products into compliance. Contact that company through your supplier or directly on the Internet for more information. Another approach might be to upgrade the motherboard of your PC. This is not an easy procedure and will cost a little more, but in the end it has the advantage of correcting your Y2K problem while at the same time creating a faster machine.
There are also several off the shelf products available at major computer stores such as Norton 2000, Check 2000 PC, and IntelliFix 2000. These are designed to test your hardware and apply a patch to fix it, if necessary. These programs are not expensive, generally less than $100, and provide good documentation on the Y2K dilemma. They include the capacity to take you into the next phase of Y2K testing, software compliance evaluation, as well.
Now that you have dealt with your hardware, the next step in testing is to check your software applications for compliance. Some of the commercial Y2K testing products also scan your software and data to find problems. There is no built-in fix for these, but Millennium Bug Toolkit from Computer Experts Inc. will highlight Y2K issues and provide a print out of all affected programs with contact information for the vendor. Most of the up to date versions of major software products, such as Microsoft Office 97, are Y2K ready with a few minor exceptions. However, older programs, particularly custom accounting and database applications, are probably not going to be compliant. You will want to contact your supplier to get the details and find out if fixes or updates are available. Again, the Internet can be an excellent resource for this.
If you are not comfortable with the test and correct process outlined here, there are consultants available who will take care of this for you. There is, of course, a cost associated with any of these approaches. You will want to weigh these costs against the price of new equipment. It doesn’t make sense to put a substantial investment into bringing an old system into compliance when new one can be had for less.
Did I mention backing up your data was a good idea? Well this case is no different than any of those above. If your computer stops functioning on January 1, 2000, you will have the information needed to rebuild, reconfigure and get on with your business.
back to top
"What is the value of the data on your computer?"
Businesses do a good job of insuring their assets such as buildings, equipment, vehicles and even personnel. Yet one of the most critical assets they possess is the data on their computers: Imagine loosing your entire accounts receivable journal, your customer records, and your tax information. Despite this danger Business Week Magazine reports that only 7% of computers are equipped with backup systems that fully protect that data. This means that 93% of businesses are either not securing their data at all, or are relying on dubious methods to do so. This usually translates to counting on office personnel, first, to remember to perform a backup, second, to take the diskettes or tapes to a secure offsite location, and finally, to bring them back again in proper rotation. What good does it do to backup to tapes or diskettes then leave them in the office or even in the computer itself? If a fire or theft occurs, recovery would be rather unlikely.
What is the value of the data on your computer? This is a question that every responsible business owner or manager must ask himself or herself. Could my business survive if I lost that data? In a study conducted by Waterson Engineering and Management, "the cost to have someone reenter data is one way you can judge the value of what’s on your computer. A database containing just 20 megabytes of information can take up to 19 days to reenter at a cost of $17,000".
So, given the critical nature of the data stored on business computers, why don’t companies do a better job of protecting this asset? Reasons vary, but a recent survey conducted by Triangle Resource Group, a software development company in Raleigh, found the following leading reasons given by businesses owners (ranked by frequency of response): 1. Not enough time at the end of the day - too busy. 2. Always forget to do the backups. 3. Backup "periodically", but… 4. Never had a problem with our computer… so far! Where does your response fit?
Those businesses which do routinely perform data backups can still be at risk because often they are not backing up properly. Backing up is not as simple as it sounds. For instance, not all files on a system need to be backed-up. Why would anyone backup the swap file? And, there are a number of files on any system that don't ordinarily backup, such as open database files. Knowing what to do about these is critical. Moreover, a well thought-out backup plan takes into account the replication of the backup media in terms of restore depth, reentry span, off-site storage, and archiving. In other words, an effective backup requires a strategy. Like all plans, backup calls for the commitment of all those involved, and it needs to be tested occasionally to be sure it is working properly. Without a well thought-out backup process a business may just be lulled into a false sense of security.
In terms of backup approaches, floppy diskettes are both the most common and at the same time the most vulnerable medium for backup. They are convenient, the media itself is inexpensive, MS Windows Backup is already available as an operating system utility, and they will copy critical data from your hard disk to a secondary source. That’s about the extent of their positive features. If you are going to use this approach to backup, you will find it beneficial to limit your backup to only the most crucial data. Then you must organize your operating system and applications source media and documentation so that, if you lose your hard drive, you can rebuild your entire system from scratch. At that point you can layer the data back on. This can be a truly monumental undertaking for a large hard disk, but so long as your original disks and CDs are available it will allow you to reconstruct your system in the event of a catastrophic loss. On the negative side, floppy disks are easily damaged and require an enormous amount of time and attention, particularly if backing up significant amounts of data. This is because someone has to label each diskette, insert it in the drive, wait for data transfer and then make copies to take offsite. Recovering data from diskettes can be equally frustrating because of the time it takes to find which diskette contains the missing file and to restore it to the appropriate directory. In terms of labor alone diskettes represent the most costly, and least reliable of backup methods.
Zip disks are another common backup medium. These hold a great deal more data than a floppy disk, on the order of 100 to 250 megabytes per disk, and a zip disk is a bit more durable than a floppy. But, most of what was said above for floppies applies. Just one brush with the need to expand the backup set to multiple zip disks will convince most users. If that call to change out the zip media comes after midnight, most users start looking for a better method in the morning.
Many companies that actually do backups regularly have invested in tape drives. Tape drive manufacturers have made tremendous progress recently in packing large amounts of data on easily stored cassettes. These are considerably more reliable than diskettes and with these recent tape products it is possible to backup the entire hard disk, up to 8 gigabytes, on one cassette. Given the difficulty of arranging to change out a tape in the middle of a backup, usually the middle of the night, this is almost a necessity. Nothing leads to backup procrastination quicker than having to work late into the evening grinding through a backup. Yet tapes are not without their shortcomings. This backup method generally involves a substantial investment in hardware, software and media. In fact, the total cost of a tape drive, sophisticated backup software, and enough cassettes to cover the logic of rotation may exceed the cost of the PC. In addition, there is the on-going cost of personnel to initiate, change, and handle tapes that must then be transported to a secure offsite location. Moreover, finding files and restoring data from these tapes can be quite difficult and time consuming. Finally, this is a mechanical system, tapes and drives do wear out and must be replaced.
Another cleaver way of effecting a backup without all the personal involvement is to mirror the primary drive on a second or mirror hard drive. This certainly improves the your odds in the event of a hard drive crash, but the mirror is bound to the primary drive and as such does not really constitute a backup. For example, it provides no protection in the case of a fire or theft, restore depth is nil, and you can't archive a mirror drive. Backup is also limited to the capacity of the mirror drive. Expanding the capacity involves buying a new drive - not an inexpensive or totally reliable alternative.
Until recently the list of backup alternatives ended with drive mirroring. However, there is now a leading edge technology that embraces many of the positives and few of the negatives of the methods described above. This technology is moving businesses toward truly automated methods of securing their data. Services are now available that allow PC users to automatically initiate backup over the Internet and transmit data to a remote server site. The most sophisticated systems, such as Saf-T-Net, compress the data and encrypt it before it leaves the users PC for greater security. These automated systems backup everything on your PC, not just the data, and they maintain multiple copies of the data (restore depth) on the server. They also allow for on-line restoration of files or entire directories. In the event of a total loss through theft, fire or a hard drive crash, a CD can be prepared from your backed up data, delivered overnight, and your computer fully restored on the following day.
The advantages are obvious. These systems perform daily backups over the Internet. They are: Automatic, run on a regularly scheduled basis with no mechanical media or personnel intervention required. Secure, use a private encryption code only you can open. Convenient, real-time, windows based and intuitive interface for both backup and restore. Remote, your encrypted data is held at a secure facility with quadruple redundancy. Economical, far less expensive overall than the cost of comparable methods: floppy disk, Zip drive, or tape.
The disadvantages are minor, but must be addressed. Perhaps the first issue is that the data is off site out of the users immediate control. Given that the entire backup set is encrypted, this may not be a legitimate disadvantage, but it is a valid concern. Many initial users perform another type of backup along with this until they build confidence in the approach. Another issue is that the first backup done over a 28K modem may take 12 hours or more to complete. There is no question that this is a long upload, but the service is automatic, so it can be initiated at any time after business hours, and unlike program downloads, it is cumulative, that is, it can be started and stopped at any time without losing the content. After the first upload, the backup works in differential mode, so it takes only minutes per night. With faster modems the time is reduced, and with high-speed connections such as ADSL this becomes an insignificant factor
No one ever expects their hard drive to crash, someone to break into their business and steal the PC or to accidentally delete a critical file. Unfortunately, the loss of critical data is not a matter of "if it will happen", rather "when it will happen". Is the data on your PC critical to your business? Could you recover from its loss? Now is the time to examine how your business is protecting one of its most valuable assets - the information stored on your business computer.
back to top