Method for Protecting Computer Away from Damage and Data Loss

When you think about it, the most valuable thing on your computer or network is the data you create. After all, that data is the reason for having the computer and network in the first place–and it’s the bits and bytes that make up that data that are your first priority when putting protective strategies in place. Operating systems and applications can always be reinstalled, but user-created data is unique and if lost, may be irreplaceable.


Some data is also confidential; not only do you not want to lose it, you don’t want others to even view it without authorization. Exposure of your social security number, credit card, and bank account information could subject you to identity theft. Company documents may contain trade secrets, personal information about employees or clients, or the organization’s financial records.


Let’s look at some methods to protect your all-important user data from loss and/or unauthorized access.



1: Back up early and often


The single most important step in protecting your data from loss is to back it up regularly. How often should you back up? That depends–how much data can you afford to lose if your system crashes completely? A week’s work? A day’s work? An hour’s work?


You can use the backup utility built into Windows (ntbackup.exe) to perform basic backups. You can use Wizard Mode to simplify the process of creating and restoring backups or you can configure the backup settings manually and you can schedule backup jobs to be performed automatically.


There are also numerous third-party backup programs that can offer more sophisticated options. Whatever program you use, it’s important to store a copy of your backup offsite in case of fire, tornado, or other natural disaster that can destroy your backup tapes or discs along with the original data.



2: Use file-level and share-level security


To keep others out of your data, the first step is to set permissions on the data files and folders. If you have data in network shares, you can set share permissions to control what user accounts can and cannot access the files across the network. With Windows 2000/XP, this is done by clicking the Permissions button on the Sharing tab of the file’s or folder’s properties sheet.


However, these share-level permissions won’t apply to someone who is using the local computer on which the data is stored. If you share the computer with someone else, you’ll have to use file-level permissions (also called NTFS permissions, because they’re available only for files/folders stored on NTFS-formatted partitions). File-level permissions are set using the Security tab on the properties sheet and are much more granular than share-level permissions.


In both cases, you can set permissions for either user accounts or groups, and you can allow or deny various levels of access from read-only to full control.



3: Password-protect documents


Many productivity applications, such as Microsoft Office applications and Adobe Acrobat, will allow you to set passwords on individual documents. To open the document, you must enter the password. To password-protect a document in Microsoft Word 2003, go to Tools | Options and click the Security tab. You can require a password to open the file and/or to make changes to it. You can also set the type of encryption to be used.


You can use zipping software such as WinZip or PKZip to compress and encrypt documents.



4: Use EFS encryption


Windows 2000, XP Pro, and Server 2003 support the Encrypting File System (EFS). You can use this built-in certificate-based encryption method to protect individual files and folders stored on NTFS-formatted partitions. Encrypting a file or folder is as easy as selecting a check box; just click the Advanced button on the General tab of its properties sheet. Note that you can’t use EFS encryption and NTFS compression at the same time.


EFS uses a combination of asymmetric and symmetric encryption, for both security and performance. To encrypt files with EFS, a user must have an EFS certificate, which can be issued by a Windows certification authority or self-signed if there is no CA on the network. EFS files can be opened by the user whose account encrypted them or by a designated recovery agent. With Windows XP/2003, but not Windows 2000, you can also designate other user accounts that are authorized to access your EFS-encrypted files.


Note that EFS is for protecting data on the disk. If you send an EFS file across the network and someone uses a sniffer to capture the data packets, they’ll be able to read the data in the files. More information please visits our official website: http://www.uflysoft.com

发表留言

秘密留言

自我介绍

StevenLee

Author:StevenLee
欢迎来到FC2博客!

最新文章
最新留言
最新引用
月份存档
类别
搜索栏
RSS链接
链接
加为博客好友

和此人成为博客好友