Uncommon Sense

Welcome to the Highlands IT Blog. Here you will find articles relating to IT and technology that attempt to demystify and explain some of the concepts that fall into the following categories:

  • Are nice to know
  • You really ought to know and
  • You absolutely must look into and take action.

Things like protecting your data and securing your online identity. Interesting and potentially useful reads about upcoming events in IT (Windows 11 anyone?). Stuff like that. If there is a topic you would like to know more about, get in touch. I'd love to hear from you.

    Data Protection

    Sunday, 18 July 2021

    Are you protecting your precious (family photos, videos, recipes etc.) and important (business records, tax records etc.) data? When was the last time you performed a backup?

    To Back Up or Not to Back Up

    Backing up is one of those maintenance tasks often overlooked or put off. I get it. The PC, tablet, phone is just a tool. Useful for getting things done and just there when you need it. But we entrust a lot of very important files and documents to these devices. Like all tools, they do break from time to time and if you haven’t protected the data stored on them, you run the risk of losing irreplaceable files.

    Now, backing up does not have to be complicated. It can be as simple as copying your most important files to a USB drive and keeping this in a safe place (well labelled, of course, to be sure it doesn’t get overwritten with something else). You can take it one step further by utilising the backup software built in to all operating systems. These will offer file compression, so more data can be saved to your backup location (the same USB drive mentioned earlier), as well as scheduling so backups can be made regularly and automatically. They also offer a full system backup and restore functionality so you can get up and running again quickly after a total hard disk failure (don’t be thinking “this will never happen to me”, that is asking for trouble!).

    I won’t go into scalable, dedicated backup implementations here. Those are beyond the scope of home and most small business users. Data protection is a global industry in itself.

    Can’t I Just Save to the Cloud?

    A final note on The Cloud: all major players (Microsoft, Apple, Google etc.) offer cloud storage and most of them now default to saving files to the cloud. This offers better protection for your files than your local hard drive for a number of reasons (to be explored in a separate article). What they don’t offer by default is backup of the data stored on their cloud service. You are still responsible for this.

    Get in touch if you want help protecting your data.

    Passwords

    Thursday, 05 August 2021

    The bane of our existence, or a necessary evil?

    It’s both, actually.

    It’s easy to understand why it is the bane of our existence. Every website we visit that wants to collect data about us (and that’s most of them) requires us to create an account and set a password. That can very quickly add up to a lot of accounts and passwords. To use myself as an example: I have been using the internet since Ozemail was a thing and the Netscape browser was revolutionary (showing my age now!). As a result of all this browsing, I now have more than 200 accounts!

    For a password to be effective, it must be strong (at least 10 characters long, a combination of upper- and lower-case letters, numbers and special characters) and unique (only used once). It takes a lot of effort to create and remember hundreds of strong, unique passwords. The bane of my existence!

    Why passwords matter

    To put it simply, they are our main defence against cyber-criminals and thieves. If you are reading this, you have a presence online and should be doing what you can to mitigate the risks.

    Did you know? It takes just a few seconds to crack an 8-character password, using modern computing power and software. If you are using a combination of upper- and lower-case letters, numbers and special characters, the time taken grows to around 7 minutes. Not very long at all. And 8 characters is the current standard for minimum password length. The required time grows exponentially with additional complexity and length.

    In my opinion, 8 characters is no longer long enough, and using only letters and numbers is not complex enough.

    What can we do?

    Here are my tips for improving your main online defence.

    1. Don’t use the same password for every account. It goes without saying that if you do and that password is compromised, everything is compromised.
    2. Make your passwords longer and more complex than the minimum 8 characters. For example: Turn your password into a passphrase – a combination of words with the addition of numbers and special characters. Easier to remember than random gibberish yet very hard to crack. Make it more difficult by capitalising in unusual places.
    3. Use a password manager. There are many reputable password managers on the market that do the job of remembering your passwords for you. They also encrypt your passwords and other data for extra safety. A few of the most reputable are: LastPass, Keeper, Dashlane.
      1. Note: If you use a password manager service, make sure your master password/passphrase is as long and complex as possible – 20+ characters is a good start.
    4. Use multi-factor authentication where possible. Most companies, particularly financial institutions, offer this now. Use it! OK, it’s an extra step to log in, but it means that even if your password is compromised, they still can’t get in. This gives you time to change your password and restore full security.
    5. Don’t use a dictionary word as your password. Not even the longest word in the dictionary. And not even a long foreign word. It takes a computer microseconds to run through every word in every dictionary and compare them to your password to find a match. Just don’t do it!
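
The tips above expressed as a small Python audit, as an added example that is not part of the original post. The wordlist, the account names and the passwords are constructed samples, and the function names are hypothetical.

```python
import math
import string

# Constructed stand-in for a real wordlist; a real check would load a large one.
WORDLIST = {"password", "sunshine", "dragon", "football", "welcome"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
MIN_LENGTH = 10         # the post's minimum for a strong password
MASTER_MIN_LENGTH = 20  # the post's starting point for a master passphrase


def search_space_bits(password):
    """Bits of brute-force search space for the character classes in use.
    Bits grow linearly with length, so the guess count grows exponentially."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


def audit(accounts, master=None):
    """Map each account name to the list of tips its password breaks."""
    users = {}
    for name, pw in accounts.items():
        users.setdefault(pw, []).append(name)
    report = {}
    for name, pw in accounts.items():
        problems = []
        min_len = MASTER_MIN_LENGTH if name == master else MIN_LENGTH
        if len(pw) < min_len:
            problems.append(f"shorter than {min_len} characters")
        if not all(any(c in cls for c in pw) for cls in CLASSES):
            problems.append("missing a character class")
        if pw.lower() in WORDLIST:
            problems.append("dictionary word")
        if len(users[pw]) > 1:
            problems.append("reused on another account")
        report[name] = problems
    return report


# Constructed sample accounts and passwords, for illustration only.
SAMPLE = {"bank": "sunshine", "email": "sunshine",
          "shop": "Blue7!kettle-Orbit", "vault": "Short1!a"}

if __name__ == "__main__":
    for account, problems in audit(SAMPLE, master="vault").items():
        bits = search_space_bits(SAMPLE[account])
        print(f"{account}: {bits:.1f} bits, {problems or 'ok'}")
```
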

    Finally, a note on writing your passwords down. There are two schools of thought here. Do it, don’t do it. It’s a binary thing. I’m in the do it camp, and here is my reasoning. If you create a unique, very long, complex password for every online account, you will forget them. Even if you use a password manager and take my advice on the 20+ character master password, chances are you will forget this too. A cybercriminal is not going to break into your home or office in search of your little book of passwords. He/she is likely halfway round the world. The criminal who wants to break into your house isn’t looking for passwords anyway.
