Category PSA Articles

Article (PSA‑0002)

Security requirements vary by how a computer is used. For a quick assessment you can split the environment into two categories:

• Online (Internet‑connected) devices – need real‑time threat detection and a firewall.
• Offline (stand‑alone) devices – may need fewer safeguards, but still require some protection if they ever exchange media with other systems.

1️⃣ Online Devices – Core Requirements

Antivirus / Antimalware

A modern, licensed solution that provides both **real‑time** and **scheduled** scanning is essential.

• Real‑time scanning – Monitors files as they are created, downloaded, or executed and blocks known threats instantly.
• Scheduled scanning – Performs a deep scan of the entire drive (or selected folders) on a regular basis (daily, weekly, or monthly) to catch dormant or missed malware.

Built‑in options (2025)

• Windows 10/11 – Microsoft Defender – Free, always‑on, AI‑enhanced, and centrally manageable via Microsoft Endpoint Manager.
• macOS – Xprotect + Gatekeeper – Native malware detection and notarization checks for downloaded apps.
• Linux – ClamAV, Sophos Home for Linux, or commercial EDR agents – Useful for servers or workstations that run Linux.

When to consider a third‑party solution

If you need additional features such as ransomware‑specific protection, web‑filtering, or centralized reporting for multiple endpoints, look at reputable vendors like Bitdefender GravityZone, SentinelOne, or ESET Endpoint Security.

Firewall

A firewall controls inbound and outbound traffic based on a set of rules. Two layers are common:

• Software firewall – Built into the OS (Windows Defender Firewall, macOS Application Firewall, Linux UFW/nftables). It blocks unsolicited inbound connections and can restrict outbound traffic.
• Hardware firewall – The router or a dedicated appliance (e.g., Ubiquiti EdgeRouter, Cisco Meraki, or a commercial NGFW – Next‑Generation Firewall). It adds network‑level filtering and NAT, keeping the entire LAN hidden from the Internet.

For most home users and small businesses the combination of the OS firewall plus the router’s NAT/packet‑filter is more than adequate.

2️⃣ Offline (Never‑Connected) Devices – What to Consider

If a computer truly never touches the Internet and never receives files from another network, you can forego a full‑time antivirus program. However, keep these points in mind:

• Even removable media (USB sticks, external HDDs) can carry malware. Scan any media before it is introduced to an offline system.
• Use a lightweight on‑access scanner (e.g., Windows Defender in “offline scan” mode) for occasional checks.
• Maintain a strict air‑gap policy: keep the device physically separated and disable any wireless adapters.

Why One Security Suite Is Usually Enough

Running multiple antivirus products on the same machine creates more problems than it solves. The most common issues are:

1. RAM depletion – Each engine consumes memory. When RAM runs out the OS starts paging to disk, causing severe slow‑downs.
2. Software conflicts – Two real‑time scanners can flag each other’s activity as malicious, leading to endless alerts and potential system instability.
3. Quarantine of critical files – One product may mistakenly quarantine the other’s core components, leaving both programs corrupted.
4. Administrative overhead – Managing multiple licences, updates, and alert streams is time‑consuming and costly.

For the vast majority of users, **one up‑to‑date antivirus/antispyware product plus a properly configured firewall** provides comprehensive protection.

Practical Checklist – Get Secure in Minutes

• Enable the built‑in OS firewall. Verify that inbound connections are blocked unless you explicitly allow them.
• Install a reputable antivirus. If you’re on Windows 10/11, make sure Microsoft Defender is turned on and receiving updates.
• Schedule a weekly full scan. Set the scan for off‑hours to avoid interrupting work.
• Keep the system patched. Enable automatic OS updates and apply vendor patches for all installed software.
• Use strong, unique passwords and enable multi‑factor authentication (MFA) on all cloud accounts.
• Back up your data. Apply the 3‑2‑1‑0 rule (see PSA‑0005) and test restores quarterly.
• Limit admin privileges. Operate daily tasks as a standard user; reserve Administrator rights for installs and system changes.

When to Upgrade Your Protection

Consider a more advanced solution if any of the following apply:

• You run a small business with multiple endpoints and need centralized management.
• Ransomware or phishing attacks are a frequent threat in your industry.
• You require application‑aware filtering, IDS/IPS, or secure remote‑access VPNs.
• You must comply with regulations (HIPAA, PCI‑DSS, GDPR) that mandate specific security controls.

Need Professional Help?

If you’re unsure about the right antivirus, firewall configuration, or overall security posture for your home or business, call PSA Computer Services at (707) 506‑6802. We’ll perform a quick health check, recommend a solution that fits your budget, and set everything up so you can work safely.

Article (PSA‑0001)

Life insurance, medical insurance, and retirement funds are all ways we try to ensure the things most important to us are protected. What about your data? Most of us store things like family pictures, legal documents, important thoughts and expensive software on our computers. How important is this data to you?

One way to gauge the importance of something is to imagine it is gone. So take a moment, and imagine your computer is gone. What would you miss? If you can honestly say, “Nothing!” then you can skip this article. If, on the other hand, you have a list forming in your mind of things you would miss, then please read on.

With so many backup ideas and tools floating around today, it can be difficult to know your files are safe. The intent of this article is to help you understand some basics about data backup, so you can know if your files are safely backed up or not. In the following scenarios, we are considering the ability to recover data in the event of a hard disk failure. Let’s consider three questions.

❓ Question #1 – “Is my data safe if I copy it to another folder on my computer?”

No. Both the original file and the copy live on the same physical drive. If that drive fails, every copy is lost.

• Rule of thumb: Keep at least two copies on different storage media.
• Common backup media in 2025:
  • External SSD (USB‑C or Thunderbolt) – fast, durable, and easy to rotate.
  • Network‑Attached Storage (NAS) with RAID‑1 or RAID‑5 for redundancy.
  • Cloud backup services (Backblaze, iDrive, OneDrive for Business, Google Drive) – provides off‑site storage out of the box.
  • Archival‑grade optical media (BD‑XL) or LTO tape for very large, long‑term archives.

❓ Question #2 – “Is my data safe if I copy it to separate storage media?”

Better, but still incomplete unless you verify the backup.

1. After a hard‑disk failure you’d replace the drive, reinstall the OS and applications, then restore data.
2. If the backup is corrupt, incomplete, or the backup software mis‑reports success, recovery will fail.
3. Action: Test your backups. Pick a random file or folder, restore it to a different location, and compare checksums (MD5/SHA‑256) to ensure integrity.

❓ Question #3 – “Is my data safe if I copy it to backup media, test it, and store it off‑site?”

Now you have a truly resilient strategy.

• Catastrophic events (fire, flood, theft) can destroy both the computer and** any local backup media.
• Store at least one copy off‑site—either in the cloud or in a physically separate, fire‑proof location (a safe at a trusted relative’s house, a safety‑deposit box, or a dedicated off‑site storage service).
• Combine this with the classic 3‑2‑1‑0 rule (see PSA‑0005):
  1. Three total copies of your data.
  2. Two different storage media.
  3. One copy stored off‑site.
  4. Zero‑error verification – test restores regularly.

Quick‑Start Backup Checklist (2025)

1. Identify critical data. Photos, tax records, client contracts, project files, software licence keys.
2. Choose primary backup media. An external SSD for daily incremental backups.
3. Schedule automatic backups. Use built‑in tools (Windows Backup, macOS Time Machine) or third‑party software (Acronis True Image, Macrium Reflect, Veeam Agent) to run daily increments.
4. Run a weekly full backup. Creates a clean baseline for restores.
5. Test restores monthly. Restore a random folder to a separate drive and verify files open correctly.
6. Create an off‑site copy.
   • Enable cloud sync with versioning (Backblaze, iDrive, OneDrive for Business) for continuous off‑site protection.
   • Alternatively, rotate an external drive to a secure off‑site location every 2–4 weeks.
7. Document the process. Keep a short “Backup Plan” (what, where, how often, who to call) in a paper copy stored off‑site and in a password‑manager note.

Common Pitfalls to Avoid

• Only one copy. A single drive or single cloud account gives a false sense of security.
• Never testing. Backup software may report success while silently skipping corrupted sectors.
• Storing backups on the same physical device. Two external drives plugged into the same USB hub share the same power source and can both be damaged by a surge.
• Using low‑quality consumer media for long‑term archives. Cheap USB sticks degrade; prefer SSDs with endurance ratings or archival‑grade optical media.

Bottom Line

Just like life, medical, or retirement insurance protects you from unexpected loss, a solid backup strategy protects your digital life. Follow the 3‑2‑1‑0 rule, test regularly, and keep at least one copy off‑site. With that in place, even a total hardware disaster won’t erase what matters most.

Need a Custom Backup Plan?

If you’d like a professional assessment of your current backup system, or you want help designing and automating a reliable solution for home or business use, call PSA Computer Services at (707) 506‑6802. We’ll walk you through the steps, set up the technology, and verify that your data is truly safe.