Monday

Tag: Backup

10 Steps to Securely Configuring Windows 10

Windows 10 is the most popular operating system in the world, but it also comes with some security risks. If you want to protect your data and privacy, you need to configure Windows 10 for security. Here are 10 steps you can follow to make your Windows 10 more secure.

  1. Update Windows 10 regularly – Windows 10 updates often include security patches and bug fixes that can prevent hackers from exploiting vulnerabilities in your system. To check for updates, go to Settings > Update & Security > Windows Update and click on Check for updates. If there are any available updates, install them as soon as possible.
  2. Use a strong password and a PIN – A strong password is one that is long, complex, and unique. It should include a mix of uppercase and lowercase letters, numbers, and symbols. A PIN is a four-digit code that you can use to unlock your device instead of typing your password. To set up a password and a PIN, go to Settings > Accounts > Sign-in options and choose Password and PIN. Make sure you don’t use the same password or PIN for other accounts or devices.
  3. Enable BitLocker encryption – BitLocker is a feature that encrypts your hard drive, making it unreadable to anyone who doesn’t have the right key. This can protect your data in case your device is lost, stolen, or hacked. To enable BitLocker, go to Settings > System > About and click on Device encryption. If your device supports BitLocker, you will see a Turn on button. Click on it and follow the instructions.
  4. Use Windows Defender Firewall and antivirus – Windows Defender Firewall is a feature that blocks unauthorized network connections, preventing hackers from accessing your device or data. Windows Defender antivirus is a feature that scans your device for malware and removes any threats. To use Windows Defender Firewall and antivirus, go to Settings > Update & Security > Windows Security and click on Firewall & network protection and Virus & threat protection. Make sure they are both turned on and up to date.
  5. Enable two-factor authentication – Two-factor authentication is a feature that adds an extra layer of security to your online accounts. It requires you to enter a code or use an app on your phone after entering your password, verifying your identity. To enable two-factor authentication, go to Settings > Accounts > Sign-in options and click on Security key or Windows Hello. Follow the instructions to set up your preferred method of two-factor authentication.
  6. Use a VPN service – A VPN service is a feature that encrypts your internet traffic, hiding your IP address and location from prying eyes. This can protect your privacy and security when you use public Wi-Fi or access geo-restricted content. To use a VPN service, you need to download and install a VPN app from the Microsoft Store or a trusted website. Then, launch the app and connect to a server of your choice.
  7. Disable unnecessary services and apps – Some services and apps that come with Windows 10 may not be essential for your needs, but they can consume resources and pose security risks. To disable unnecessary services and apps, go to Settings > Apps > Apps & features and click on the service or app you want to uninstall or modify. You can also go to Settings > Privacy and review the permissions that each app has access to.
  8. Use a secure browser and extensions – A secure browser is one that protects your online activity from trackers, ads, and malicious websites. A secure extension is one that enhances the functionality of your browser without compromising your security or privacy. To use a secure browser and extensions, you can choose one of the following options:
    • Use Microsoft Edge, which is the default browser for Windows 10. It has features like SmartScreen, Tracking Prevention, InPrivate mode, and Password Monitor that can improve your security and privacy.
    • Use Google Chrome, which is the most popular browser in the world. It has features like Safe Browsing, Incognito mode, Password Checkup, and Sync that can improve your security and privacy.
    • Use Mozilla Firefox, which is the most privacy-focused browser in the world. It has features like Enhanced Tracking Protection, Private Browsing mode, Lockwise, and Monitor that can improve your security and privacy.
  9. Backup your data regularly – Backing up your data is a feature that copies your files to another location, such as an external hard drive or a cloud service. This can protect your data from accidental deletion, corruption, or ransomware attacks. To protect your data regularly, go to Settings > Update & Security > Backup and click on Add a drive or Backup options. Choose where you want to store your backup files and how often you want to backup.
  10. Educate yourself on cyber threats and best practices – The most important feature for securing your Windows 10 is your own knowledge and awareness. You need to learn how to recognize and avoid common cyber threats, such as phishing, malware, or social engineering. You also need to follow best practices, such as using strong passwords, updating your software, and locking your device when not in use. You can find more information and tips on how to secure your Windows 10 on the Microsoft website or other reputable sources.

12 Cybersecurity Tips to Stay Secure on the Internet

The internet is a wonderful place full of free information, endless entertainment, and useful ways to communicate with you family and friends. There are also people that want to use that wonderous virtual environment to attack the cyber-weak and take what they have for their own profit. You see the news stories almost weekly, where another company has been breached and their customer data has been stolen, stores where companies have been attacked with ransomware and all their files are encrypted until they meet their attackers demands, or just average users bombarded with phishing emails or robocalls.

People don’t always know what they can do protect themselves, so I have collected 10 simple tips that will help guide the average user to a safer cybersecurity profile that will help protect their valuable systems and data from cybercriminals.

Basically speaking, when you want to secure a user, a family, or an entire company you have to first secure the perimeter, then secure the data that enters and exits through that perimeter. Just a few years ago that perimeter was much smaller and easily defined, but with todays services relying on the internet for almost all information like news, weather, movies, emails, file storage, gaming, etc. that perimeter is larger than ever before.

You need to think about how you use the services and systems that you have access to each day and determine what data you share has value, what processes are at a high risk, and how a malicious user might monetize your activity. One basic example is you may use your personal computer to access your bank to transfer money from checking to savings.  The risk is your computer may be compromised and that might allow a hacker to gain access to your bank account to transfer your money to their bank account. A hacker might just gain access to your password and is then able to use your email address and stolen password to log into your bank account from anywhere in the world to open new accounts to borrow massive amounts of money in your name. Continue reading “12 Cybersecurity Tips to Stay Secure on the Internet”

12 Cybersecurity Tips to Stay Secure on the Internet

The internet is a wonderful place full of free information, endless entertainment, and useful ways to communicate with you family and friends. There are also people that want to use that wonderous virtual environment to attack the cyber-weak and take what they have for their own profit. You see the news stories almost weekly, where another company has been breached and their customer data has been stolen, stores where companies have been attacked with ransomware and all their files are encrypted until they meet their attackers demands, or just average users bombarded with phishing emails or robocalls.

People don’t always know what they can do protect themselves, so I have collected 10 simple tips that will help guide the average user to a safer cybersecurity profile that will help protect their valuable systems and data from cybercriminals.

Basically speaking, when you want to secure a user, a family, or an entire company you have to first secure the perimeter, then secure the data that enters and exits through that perimeter. Just a few years ago that perimeter was much smaller and easily defined, but with todays services relying on the internet for almost all information like news, weather, movies, emails, file storage, gaming, etc. that perimeter is larger than ever before.

You need to think about how you use the services and systems that you have access to each day and determine what data you share has value, what processes are at a high risk, and how a malicious user might monetize your activity. One basic example is you may use your personal computer to access your bank to transfer money from checking to savings.  The risk is your computer may be compromised and that might allow a hacker to gain access to your bank account to transfer your money to their bank account. A hacker might just gain access to your password and is then able to use your email address and stolen password to log into your bank account from anywhere in the world to open new accounts to borrow massive amounts of money in your name. Continue reading “12 Cybersecurity Tips to Stay Secure on the Internet”

12 Cybersecurity Tips to Stay Secure on the Internet

The internet is a wonderful place full of free information, endless entertainment, and useful ways to communicate with you family and friends. There are also people that want to use that wonderous virtual environment to attack the cyber-weak and take what they have for their own profit. You see the news stories almost weekly, where another company has been breached and their customer data has been stolen, stores where companies have been attacked with ransomware and all their files are encrypted until they meet their attackers demands, or just average users bombarded with phishing emails or robocalls.

People don’t always know what they can do protect themselves, so I have collected 10 simple tips that will help guide the average user to a safer cybersecurity profile that will help protect their valuable systems and data from cybercriminals.

Basically speaking, when you want to secure a user, a family, or an entire company you have to first secure the perimeter, then secure the data that enters and exits through that perimeter. Just a few years ago that perimeter was much smaller and easily defined, but with todays services relying on the internet for almost all information like news, weather, movies, emails, file storage, gaming, etc. that perimeter is larger than ever before.

You need to think about how you use the services and systems that you have access to each day and determine what data you share has value, what processes are at a high risk, and how a malicious user might monetize your activity. One basic example is you may use your personal computer to access your bank to transfer money from checking to savings.  The risk is your computer may be compromised and that might allow a hacker to gain access to your bank account to transfer your money to their bank account. A hacker might just gain access to your password and is then able to use your email address and stolen password to log into your bank account from anywhere in the world to open new accounts to borrow massive amounts of money in your name. Continue reading “12 Cybersecurity Tips to Stay Secure on the Internet”

Perform SQL Server Object Level Recovery with Restore

SQL Server is a database management system that stores user information in tables. If the table is corrupted, you may be asked to reload the data one table in the database without changing the contents of other tables. The obvious answer is to restore a backup copy of the database to put the database back to the state the environment was in before the corruption occurred, but the  problem might be that other tables have been updated and the owners of that data don’t want to lose the good data to fix the bad data.

In SQL Server you can perform simple object level recovery by restoring a recent backup of the database to a different database server or instance, the replace the bad data with the data from the restored database. To complete this important task you must have good database backup. If you don’t have a backup taken before the corruption, then you can not perform this action using this method.

Another thing you need to consider is if you need to support this type of activity you must have a target server with enough free drive space to restore your backup. If your database is 1 TB in size, for example, while your backup might be compressed to save space you will need at least 1 TB of free space to restore a copy of your database. A lot of people don’t have that kind of free space readily available, so think about that as your write your incident recovery documentation.

Using PowerShell to Backup SQL Server Databases

Database backups are important to your SQL Server instances, but you might not want to create a maintenance plan, or you have a instance of SQL Server Express that doesn’t support scheduled jobs, so you can use a PowerShell script like the one below. You can execute your backup script as a scheduled job in the Windows Task Scheduler, to complete your daily backup.

I got the original version of this script from Microsoft.

## Full + Log Backup of MS SQL Server databases with SMO.[void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.ConnectionInfo');[void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.Management.Sdk.Sfc');[void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.SMO');# Required for SQL Server 2008 (SMO 10.0).[void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.SMOExtended');$Server = "(local)";  # SQL Server Instance.$Dest = "X:\Database\Backup\";# Backup path on server (optional).$srv = New-Object Microsoft.SqlServer.Management.Smo.Server $Server;# If missing set default backup directory.If ($Dest -eq ""){ $Dest = $server.Settings.BackupDirectory + "\" };Write-Output ("Started at: " + (Get-Date -format yyyy-MM-dd-HH:mm:ss));# Full-backup for every databaseforeach ($db in $srv.Databases){If($db.Name -ne "tempdb")  # Skipping backup of TempDB{$timestamp = Get-Date -format yyyy-MM-dd-HH-mm-ss;$backup = New-Object ("Microsoft.SqlServer.Management.Smo.Backup");$backup.Action = "Database";$backup.Database = $db.Name;$backup.Devices.AddDevice($Dest + $db.Name + "_full_" + $timestamp + ".bak", "File");$backup.BackupSetDescription = "Full backup of " + $db.Name + " " + $timestamp;$backup.Incremental = 0;# Starting full backup process.$backup.SqlBackup($srv); # For db with recovery mode <> simple: Log backup.If ($db.RecoveryModel -ne 3){$timestamp = Get-Date -format yyyy-MM-dd-HH-mm-ss;$backup = New-Object ("Microsoft.SqlServer.Management.Smo.Backup");$backup.Action = "Log";$backup.Database = $db.Name;$backup.Devices.AddDevice($Dest + $db.Name + "_log_" + $timestamp + ".trn", "File");$backup.BackupSetDescription = "Log backup of " + $db.Name + " " + $timestamp;#Specify that the log must be truncated after the backup is complete.$backup.LogTruncation = "Truncate";# Starting log backup process$backup.SqlBackup($srv);};};};Write-Output ("Finished at: " + (Get-Date -format  yyyy-MM-dd-HH:mm:ss));

This script my be difficult to read in this format, but you can copy and paste it into PowerShell to review and troubleshoot in your environment.

Backup SQL Server to Amazon S3

Backing up your SQL Server database to Amazon S3 takes a few steps to get the process correct, and this article from Alexandr Omelchenko shows us how to get it done, with step-by-step instructions.

There are many ways of making SQL Server database backups and there are as many methods as to how and where to store them. But are you sure that your method really convenient for you? What if you database backup plan is: a full backup twice a day, differential every four hours and transaction log backups every 30 minutes, and all these backups you need to send to Amazon S3. How much time will you spend every day to make all these backup? Fortunately, you can create a backup job with the help of SqlBak in a few minutes, which will make all backups according to your schedule and send them to Amazon S3.

How Successful SQL Server Backups Can Fail


You are probably running SQL Server backups, and you might even test that process on a regular schedule to prevent issues during a disaster. Are you confident that the backup can be restored? If you aren’t paying attention to who is doing backups, you might be in for a surprise when you attempt a restore.

Let me give you a sample scenario that you might not have considered. Since your database is quite large, you do a daily full system backup with hourly incremental backups. When it comes time to restore those backups, you restore the last good daily full backup, and all the successful incremental backups since the daily backup was taken to get the system restored to within an hour of the outage. This is a fairly well defined process that you have scripted and tested several times. Along comes a developer that creates a full system backup in the middle of the day to restore a backup to a development or test environment. When you attempt to restore your database, you must have a copy of that developers full backup, not the one you created. Will you be able to find that backup during a disaster?

You should, as a minimum anticipate this scenario and prepare to adjust your restore procedures to account for this type of issue. That might not even be possible, based on the environment at your business. You might need to review your processes and access permissions to prevent this from even happening. Why does the developer need access to conduct backups? Why doesn’t he just use the backups you are already creating?

If you aren’t paying attention, your well thought out recovery plan could be useless when you need it the most.

This is a script from Microsoft to get your database backup history:

  SELECT bs.server_name AS ServerName,        CASE bs.compatibility_level           WHEN 90 THEN 'SQL Server 2005'          WHEN 100 THEN 'SQL Server 2008 or SQL Server 2008 R2'           WHEN 110 THEN 'SQL Server 2012'           WHEN 120 THEN 'SQL Server 2014'        END AS ServerVersion,         bs.database_name AS DatabseName,        CASE bs.type           WHEN 'D' THEN 'Full'           WHEN 'I' THEN 'Database Differential'           WHEN 'L' THEN 'Log'           WHEN 'F' THEN 'File or filegroup'          WHEN 'G' THEN 'Differential file'          WHEN 'P' THEN 'Partial'          WHEN 'Q' THEN 'Differential partial'         END AS BackupType,        bs.backup_start_date AS BackupStartDate,        bs.backup_finish_date AS BackupFinishDate,         CASE bmf.device_type           WHEN 2 THEN 'Disk'           WHEN 5 THEN 'Tape'          WHEN 7 THEN 'Virtual device'             WHEN 105 THEN 'A permanent backup device'           ELSE 'Other Device'         END AS DeviceType,        bmf.physical_device_name AS PhysicalDevice,        bs.backup_size/(1024*1024AS [BackupSize(MB)],         bs.compressed_backup_size/(1024*1024AS [ConmpressedBackupSize(MB)] 

The output looks something like this:

You can get more information on this script here.

Disaster Recovery Plan – System Databases

As you develop a plan to protect your databases by creating a backup schedule and Disaster Recovery Plan, you should include you System Databases in that process. You must understand that SQL Server relies on system databases to work and you must protect them by using standard backup routines.

The system databases and their roles are:

  • Master – Every thing your SQL Server instance needs to work properly is stored on this system database, so you must keep regular backups of master or you will lose your server settings during a recovery.
  • MSDB – This system database stores SQL Server Jobs information.
  • Model – Each time a new database is created on this instance, a copy of model database is used. If you want that same configuration  standard during a restore of the system you must restore an existing backup. If you don’t use the model database you may choose to not backup or store this database
  • Tempdb – This basic workspace database is used to keep temporary structures (temporary tables, index rebuild information, temporary space for joins, etc.) and it is rebuilt each time the SQL Server services are restarted.

As you can see, you must worry about master and msdb database. The other two are easily recreated and you may not have to worry too much about them in a disaster.

%d bloggers like this: