How to set up a backup plan for your Windows Server

One of the most important tasks for a systems admin is that of backing up data to protect against loss. A well thought out backup plan can help ensure that all eventualities are covered and that your company can continue operating no matter what kind of disaster may occur. There are several aspects you should incorporate into your backup plan. This article should help guide you on how it’s done, regardless of what software or hardware solution you use.

  • Identify what to back up

If you want to back up everything then you are going to need plenty of tapes, or perhaps a disk backup system, and much more time than you’re likely to afford. Focus instead on the critical data that cannot be recreated and that the business cannot do without. Rank it by priority so that if you need to restore, you would know what to restore first. Create a spreadsheet or a table and review it with the business stakeholders and data owners to ensure that everyone agrees with what is being backed up and in what order it should be restored.

  • Identify when to back it up

Backups take time, consume bandwidth and may have problems with open files. Businesses with large databases, or whose operations run around the clock, may not be able to complete a full backup given an entire weekend. Set up multiple schedules based on the business schedule. Plan database backups around other activities like indexing, and ensure that maintenance windows work around the backup schedule.

Read More

Step-by step guide on how to protect your network from spam

Intro

Spam, or more accurately Unsolicited Commercial Email, is still on the rise, with some estimates measuring it at 90% of all email traffic. It’s a nuisance for users, a storage nightmare for admins, and often a vector for phishing attacks and malware. Using a defense in depth approach, this article provides steps an email administrator can take to protect their network from spam.

Step one-user training

Users should be educated on how their actions can lead to or reduce the amount of spam destined for their inbox. Using corporate email for personal use, subscribing to mailing lists, registering their email address for promotions and giveaways, and forwarding chain mails are all vectors that can lead to spam. Consider disabling html support to prevent downloads that can confirm an address is valid, as well as to reduce the risk of email based malware.

Step two-web content

Spammers frequently scan websites looking for embedded email addresses in contact information. Raise awareness with your web developers and establish a policy that all email addresses in web pages should be masked using JavaScript or other encoding that allows a person to click or read the address, but makes it more difficult for a spider to harvest it. Use contact forms when possible instead of displaying email addresses.

Step three-tighten up your SMTP gateway

Disabling the verify command (VRFY) on your SMTP gateway makes it that much harder for spammers to check for valid email addresses. If supported, implement a delay before your server responds to a request with its banner. Legitimate email servers will wait for the 220 response before trying to send email, while many programs/scripts used by spammers will not. Your server can then drop email from this misbehaving sender. If your SMTP gateway supports Quit detection, configure it to drop email that it receives from a host that don’t close the session properly. Legitimate email servers end a session with the QUIT command, but many programs/scripts used by spammers don’t.

 

Read More