If your PC were lost or stolen, you'd probably cringe at the cost of replacing it. But that's nothing compared to what you'd stand to lose if someone had unfettered access to the data on that device. Even if they can't sign in using your Windows user account, a thief could boot from a removable device and browse the contents of the system drive with impunity.
The most effective way to stop that nightmare scenario is to encrypt the entire device so that its contents are only available to you or someone with the recovery key.

BitLocker is the brand name that Microsoft uses for the encryption tools available in business editions of Windows (desktop and server). A limited but still effective subset of BitLocker device encryption features are also available in Windows 10 Home editions. Here's how to make sure your data is protected.

​HOW DOES BITLOCKER WORK IN WINDOWS 10?
​
On all devices that are designed for Windows 10 (see the following section for the hardware requirements), device encryption is automatically enabled. Windows Setup automatically creates the necessary partitions and initializes encryption on the operating system drive with a clear key. To complete the encryption process, you must perform one of the following steps:

• Sign in using a Microsoft account that has administrator rights on the device. That action removes the clear key, uploads a recovery key to the user's OneDrive account, and encrypts the data on the system drive. Note that this process happens automatically and works on any Windows 10 edition.
• Sign in using an Active Directory account on a Windows domain or an Azure Active Directory account. Either configuration requires a business edition of Windows 10 (Pro, Enterprise, or Education), and the recovery key is saved in a location that is available to the domain or AAD administrator.
• If you sign in using a local account on a device running a business edition of Windows 10, you need to use the BitLocker Management tools to enable encryption on available drives.

HARDWARE REQUIREMENTS
The most important hardware feature required to support BitLocker Device Encryption is a Trusted Platform Module chip, or TPM. The device also needs to support the Modern Standby feature (formerly known as InstantGo).
Virtually all devices that were originally manufactured for Windows 10 meet these requirements.

MANAGING BITLOCKER
For the most part, BitLocker is a set-it-and-forget-it feature. After you enable encryption for a drive, it doesn't require any maintenance. You can, however, use tools built into the operating system to perform a variety of management tasks.

The simplest tools are available in the Windows graphical interface, but only if you are running Windows 10 Pro or Enterprise. Open File Explorer, right-click any drive icon, and click Manage BitLocker. That takes you to a page where you can turn BitLocker on or off; if BitLocker is already enabled for the system drive, you can suspend encryption temporarily or back up your recovery key from here. You can also manage encryption on removable drives and on secondary internal drives.

On a system running Windows 10 Home, you'll find an on-ff button under Settings > Update & Recovery > Device Encryption. A warning message will appear if device encryption hasn't been enabled by signing into a Microsoft account.
For a much larger set of tools, open a command prompt and use one of the two built-in BitLocker administrative tools, manage-bde or repair-bde, with one of its available switches. The simplest and most useful of these is manage-bde -status, which displays the encryption status of all available drives. Note that this command works on all editions, including Windows 10 Home.

SAVING AND USING A RECOVERY KEY
​Under normal circumstances, you unlock your drive automatically when you sign in to Windows 10 using an account that's authorized for that device. If you try to access the system in any other way, such as by booting from a Windows 10 Setup drive or a Linux-based USB boot drive, you'll be prompted for a recovery key to access the current drive. You might also see a prompt for a recovery key if a firmware update has changed the system in a way that the TPM doesn't recognize.
As a system administrator in an organization, you can use a recovery key (manually or with the assistance of management software) to access data on any device that is owned by your organization, even if the user is no longer a part of the organization.

The recovery key is a 48-digit number that unlocks the encrypted drive in those circumstances. Without that key, the data on the drive remains encrypted. If your goal is to reinstall Windows in preparation for recycling a device, you can skip entering the key and the old data will be completely unreadable after setup is complete.
Your recovery key is stored in the cloud automatically if you enabled device encryption with a Microsoft account. To find the key, go to https://onedrive.com/recoverykey and sign in with the associated Microsoft account. (Note that this option works on a mobile phone.) Expand the listing for any device to see additional details and an option to delete the saved key.

If you enabled BitLocker encryption by joining your Windows 10 device with an Azure AD account, you'll find the recovery key listed under your Azure AD profile. Go to Settings > Accounts > Your Info and click Manage My Account. If you're using a device that's not registered with Azure AD, go to https://account.activedirectory.windowsazure.com/profile and sign in with your Azure AD credentials.
Find the device name under the Devices & Activity heading and click Get BitLocker Keys to view the recovery key for that device. Note that your organization must allow this feature for the information to be available to you.
Finally, on business editions of Windows 10, you can print or save a copy of the recovery key and store the file or printout (or both) in a safe place. Use the management tools available in File Explorer to access these options. Use this option if you enabled device encryption with a Microsoft account and you prefer not to have the recovery key available in OneDrive

BITLOCKER TO GO
​Removable storage devices need encryption too. That includes USB flash drives as well as MicroSD cards that can be used in some PCs. That's where BitLocker To Go works.
To turn on BitLocker encryption for a removable drive, you must be running a business edition of Windows 10. You can unlock that device on a device running any edition, including Windows 10 Home.
As part of the encryption process, you need to set a password that will be used to unlock the drive. You also need to save the recovery key for the drive. (It's not automatically saved to a cloud account.)

Finally, you need to choose an encryption mode. Use the New Encryption Mode (XTS-AES) option if you plan to use the device exclusively on Windows 10. Choose Compatible Mode for a drive you might want to open on a device running an earlier version of Windows.
The next time you insert that device into a Windows PC, you'll be prompted for the password. Click More Options and select the checkbox to automatically unlock the device if you want easy access to its data on a trusted device that you control.

​That option is especially useful if you're using a MicroSD card for expanded storage capacity on a device such as a Surface Pro. After you sign in, all of your data is immediately available. If you lose the removable drive or it is stolen, its data is inaccessible to the thief.

Sometimes it’s obvious. That message from a Nigerian prince requesting you wire $2,000? Ok, probably not going to fall for that one. If the CEO of your company asks for your credit card information via email? Something is definitely off. But often phishing is harder to spot.
Phishing is a common scheme in which someone poses as a trusted party (like a bank or government employee) in an attempt to steal personal information, such as credit card numbers, usernames, and email addresses.
You might get an email that appears to be from Netflix, asking you to log in or your account will be terminated. It could come as a text from Best Buy offering you a gift card if you enter your account information. When it looks too good to be true, it probably is and if something just feels off—it’s worth taking a closer look.

How can you avoid phishing?

Phishing attempts will often include a false story meant to lure you into entering your sensitive information. 
Some common forms:

• Email messages
• Text messages
• Phone calls
• Fake websites

Messages might include: 

• Claims they’ve noticed suspicious activity on your account
• A refund or coupon offer
• A request for you to confirm personal info
• A fake invoice

Things to watch out for

High sense of urgency
Hackers will often create a sense of urgency like threatening you with the loss of service. For instance, a phishing email from someone posing as a bank or another financial institution might ask for you to “confirm your account” and re-submit your payment information or else your account will be terminated. Don’t panic. If something seems strange or alarming, it’s worth taking a pause to investigate.

No personalization
Since cyber criminals often send hundreds of emails at a time, another clue that it may be a fake email is the lack of a personalized greeting. Proceed with caution if the email doesn’t include your name or username, or addresses you simply as “Customer” or “Account Holder.”

Poor spelling/grammar
One quick way to tell the difference between an official communication from a service you use and a phishing scam is the use of misspelled words and poor grammar in the body of the email.

Actions you can take

Check the sender’s email address
Cyber criminals will often create an email account that closely resembles a company’s official email address. For instance, a phishing email address from Amazon might look like “accounts@mazoneurope.com”. Notice the “A” in “Amazon” is not included in the email address.

Hover your mouse over any link in an email
Before clicking make sure the address looks right. When in doubt, do not click the link or open any attachments.

If you think a website might be fake, check the URL and confirm it includes “https://”
Similar to phishing emails, the URL of a fake website may look nearly identical to a legitimate website. Make sure to look out for any misspellings, unusual words or special characters before or after the company’s name. Look for “https://” not “http://” at the beginning of the address URL. Any legitimate entity asking for your payment info will have a secured website.

​To test whether you can spot a phishing scam, check out Google’s quiz.

working in the office and working at home are two different kettles of fish (or indeed phish). And not only because the office has a working atmosphere, whereas at home you just want to lie on the couch and pet the dog.

The real issue — at least for cybersecurity, if not productivity — is that in the office, companies thoroughly protect networks and devices. Meanwhile, unless you’re the CEO, sysadmins are probably not going to come around to your apartment or house and set everything up in line with corporate standards. If a confidential document gets leaked from your home computer, the buck stops with you.

​Follow these ten simple tips when working remotely to avoid such a mishap.

​Companies generally undertake a range of measures to protect computers from malware. They install powerful security solutions, prohibit employees from installing applications, restrict online access from unauthorized devices, and so on. At home, it is trickier to provide that level of protection, but leaving a computer vulnerable when work documents are stored there is also a no-no because if they get stolen or destroyed, it’ll be your neck on the chopping block.

To prevent anything like that from happening, it is vital that you install a reliable security solution on all devices that handle corporate data. If money’s too tight, install a free antivirus. Even one at no cost will significantly reduce the risk of getting infected — and landing in big trouble with the boss.

First, make sure that the connection is private and encrypted to keep information safe from prying eyes. If your Wi-Fi asks anyone connecting to it for a password, the connection is encrypted (and Joe Blow will not be able to spy on your work). If you share your Wi-Fi with other unknown people, your connection is not secure. For example, coffee shops like Starbucks, restaurants like fast food places, or basically any public location with public Wi-Fi.

Never ever enter a password or log in with your credentials while on a public Wi-Fi, you can never tell if someone that shares your connection is tapping, scanning or phishing for your user, password, or any personal and corporate info.

Someone can catch a glimpse of your work correspondence even when you’re just having a cup of tea or taking a bathroom break. Therefore, it’s important to lock the screen whenever you get up. Consider the small hassle a tiny price to pay for keeping corporate secrets safe.
Even if you’re working at home and outsiders have no access to the room, it’s still worth locking your device. You probably don’t want your child to accidentally send your boss a smiley-laden text. Or your cat to walk across the keyboard and mail an unfinished message to the board of directors. If you’re about to go somewhere else, lock the screen. And it should go without saying that your computer needs password-protection.

Your company most likely has a set of IT services that employees use, such as Microsoft Office 365, a corporate messenger like Slack or Microsoft Team and at the very least corporate e-mail. Those tools are configured by your company’s IT service, and IT is responsible for setting them upright.

But IT is not responsible for the access settings of, say, your personal Google Drive. Are you absolutely sure that your colleague — and no one else — will see the file that you sent a link to? If the file is accessible to anyone who has the link, then search engines can index it. And if someone googles something on the topic of your document, it might appear in the search results and catch the eye of someone who should not even know of its existence.

Therefore, stick to corporate resources when exchanging documents and other information. Those cloud drives, but configured for business, are generally far more reliable than the free user versions. Corporate mail usually has less spam and none of your personal correspondence, which adds up to less risk of missing an important e-mail or forwarding something to the wrong address — and colleagues will know for sure that it’s you, not someone pretending to be you.

Alas, sometimes a malicious — and highly convincing — a message can sneak into corporate mail. This is especially relevant to remote workers because the amount of digital communications increases sharply with telecommuting. Therefore, read messages carefully and don’t rush to respond to them. If someone urgently needs an important document or demands immediate payment of an invoice, double-check the someone is who they claim to be. Don’t be afraid to call the other party for clarification, or confirm the action one more time with your boss.

Be particularly suspicious of e-mails with links. If a link to a supposed document does not point to a corporate resource, better to ignore it. If everything looks fine, and the link opens a site that resembles, say, OneDrive, do not enter your credentials on it. Better to manually type in the OneDrive address in the browser, log in, and try to open the file again.

You wouldn’t type in your ATM pin for all the world to see, so why should you treat your password any different? With a growing trend of “shoulder surfing” (spying on someone's device to obtain login credentials/ company data - often in a public area such as a train), employees need to take extra care when using devices in busy areas.
It may sound like common sense, but covering your screen is the easiest way to stop shoulder surfers from stealing your credentials and accessing your accounts.

The immensely popular social networking site Facebook has a user base of over 1.19 billion, which also makes it a popular medium for scammers. It is important to be able to identify a threat before it hits you because the consequences that follow one “quick click” may leave your bank account empty and your identity stolen.

53% of scams target social media users

Bitdefender conducted a survey on Facebook and Twitter by befriending 1,900 people. They then sent the users three links leading to malware. Based on the results, they discovered:

“97 percent of respondents on Facebook and Twitter blindly click on links without checking for malware.”

It’s therefore not surprising that scam makers are successful in tricking Facebook users. In fact, during a two year Bitdefender study involving 850,000 different Facebook scams, it was discovered what the top five most prevalent scams are and the collective percentage of users that fall for each. Here are the top 5 scams you need to keep an eye out for:

#5) Atrocity videos: animal cruelty, suffering people and other dark videos (0.93%)

Atrocity video scams prey on a users darker side. Cybercriminals use horrendous images involving maimed animals, murder, suffering children, and tortured women to draw a user in. Although still relatively small compared to other scams (less than 1%), this type of scam is growing at a steady rate, with thousands of victims with every new campaign. According to the report:

“Children and teenagers are the most exposed to atrocity video scams, and we expect their number to intensify in the future.”

Cybercriminals use atrocity videos as a way to serve users with links to fraudulent web sites that prompt you to complete surveys and offers before watching the video. Cybercriminals hope to earn a commission for every survey completed. Malware is also distributed in this way.
In order to combat this type of scam, you must avoid falling victim to your own curiosity and fight the urge to click “play”. Stay vigil and use common sense. Check the domain name of any seemingly suspicious links to videos and images provided before clicking on it. Cyber criminals have no shame and even use tragic events as airline disasters to lure people into clicking. Steer clear from viewing atrocious content on Facebook and get your news from major news websites instead.

#4) Celebrity scams: celebrity scandals and death hoaxes (7.5%)
​
The fourth most popular type of Facebook scam preys on a users desire to keep up with the latest news and gossip on favorite celebrities such as Rihanna or Justin Bieber. The videos are often shocking news, such as the death of a celebrity or adult content. The primary goal of this scam is to trick you into clicking a link that will then ask you to update your video player or redirect you to an external source prompting you to download something to watch the video.

This scam appeals to a users sense of curiosity and amplifies it by using enticing trigger words and popular celebrities. While some videos lead to Potentially Unwanted Programs (PUPs) such as adware, others are more serious and lead to data stealing malware that can turn your computer into a zombie as part of a botnet.

In order to combat this scam, users must use caution and common sense. In order to stay up to date on your favorite celebrities, use a legitimate and verified news and video source. Think before you act, remember if something seems so shocking that it is unreal, it probably is. Avoid watching adult content based videos on social media sites.

#3) Freebies and giveaways: Free -enter any company name- gift card!  (16.5%)
​
Giveaway scams are the third most popular Facebook scam that preys on the human instinct of greed. A few examples of this scam are – winning free trips to Disneyland, receiving free gift cards, vouchers and free electronic items such as an iPad. A well known saying is “nothing in life is free”, especially if something sounds too good to be true. If somebody on Facebook tells a company is giving away vouchers or gift cards if only you invite your friends to the offer or click on a link—don’t believe it. If you do, you’ll end up spamming all your contacts with bogus messages about the fake offer.

In order to combat, users must keep a mindset that almost all of the free offers encountered online are bogus. Always think before you click and if an offer does seem suspicious, contact the company to verify the promotion’s authenticity or check the company’s Facebook page. Never enter your most sensitive credentials on any free surveys and promotional offers that seem too good to be true.

#2) Facebook functionality enhancements (29.5%)

The second most popular Facebook scam is one that supposedly extends Facebook functionality. Users are seemingly presented with options to add a dislike button or embellish their profile with different colors or features, such as this one. This scam centers around a users desire to improve their overall social networking experience. Once a user decides to take advantage of the supposed enhanced Facebook features, cybercriminals can access and steal a user’s most sensitive data and spread malware by use of fake online survey pages. Never enter your data in seemingly suspicious forms or surveys on social media sites.

In order to combat this scam, Facebook users need to help raise user awareness. Also, never click on links leading to pages that offer the ability to change your background and profile color as Facebook does not offer such an option.

#1) Who viewed my profile? (45.5%)

By far the most popular, widespread Facebook scam that users will encounter (almost 46%) preys on the aspect of human curiosity. User’s want to see exactly who, what, and how many views their page is getting. The “profile viewer” message is customized to each person, touching users on a personal level. A lot of users want to see if they are still searched for by a person for whom they may still have feelings for, such as an ex.

In order to combat this type of attack, users must be made aware that finding a legitimate application which reveals high profile details such as how many views or how many viewers you have is highly unlikely. Don’t click on suspicious links to pages that you don’t know where they are taking you and don’t add applications to your Facebook that have not been checked and confirmed to be safe by Facebook’s developers.

General human dispositions cause users to fall for these tricks

The report delves into psychological explanations as to why users fall for the traps. The conclusion:

“The biggest vulnerabilities appear because of general human dispositions that may hit any user at one point in his life,” Bitdefender Behavior Analyst Nansi Lungu said. “It’s hard for us to acknowledge our irrational behaviors, or that we’re blindly indulging in impulses we typically attribute to the less educated.”

1. Vulnerabilities appear because of general human dispositions – The way people act, think, and react give rise to threats and vulnerabilities.
2. Scams may hit any user at one point in his life – No matter how tech savvy or educated a user may be, no one is immune to falling victim to a scam at least once in a lifetime because cybercriminals always use the right psychological triggers.
3. We all behave irrationally sometimes, online and offline – Everyone at some point will say or do something crazy or careless without first thinking about the consequences that follow.
4. Scam victims are often less informed – Most scam victims are not aware of what something is or how it happens until its too late.

People are seemingly their own worst enemies. We don’t think before we act, and react before we think. This irrationality leads to cyber criminals having a motive to steal sensitive data and distribute malware as a means to make money. Cybercriminals take advantage of the fact that many users are not aware of online dangers and therefore aim to target this vulnerability. User awareness and caution is the key.

Tips to stay safe on Facebook.

•  Stay informed and up to date on the latest malware outbreaks and security news via blogs and newsletters. It is important to stay up to date on the latest security news when fighting online threats. Read security blogs from Emsisoft and Sophos. Also, subscribe to receive security newsletters from security news sources. There are also good sites and Facebook pages to inform users about Facebook scams, such as this one.
• Use a reputable, up-to-date antivirus application to block malicious sites and malware infections. Antivirus applications are always essential tools used to detect, block, and prevent malware infections. It is critical to keep your antivirus enabled and up-to- date with the latest virus definitions to ensure maximum protection.
• Keep your operating system and applications up to date to minimize potential vulnerabilities. Always perform Windows updates and keep your software applications up to date. Cybercriminals on social networks will exploit vulnerable operating systems and software as a means to spread malware.

• Use caution and think twice before using the “quick click” method. Do not carelessly act and react without thinking. Use common sense and caution in order to avoid installing a potentially malicious application or visiting a suspicious web page. A lot of scams spread through Facebook friend recommendations, so don’t simply click on something a friends shared with you.

• Beware of the personal information you share on social media sites. The top five essential ” TMI” Facebook items to keep private and never share are your social security number, birth date, home address, home phone number, passwords and bank and credit card information.

• Customize various privacy options. Facebook gives a user control over their own privacy settings. Do not assume that you have to use the default settings. Check out the other configuration and learn how to adjust your security settings. Make yourself aware of how to limit what others can see and how to block unwanted guests from viewing your profile.

•  Avoid social media sites altogether to combat malware and scams. The last ditch effort to stop scams on Facebook is to avoid the social media site altogether. This may not be an option best suited for everyone. If you are consistently being infected or scammed on Facebook, it may be a good time to consider backing out of the social media game while you still have your identity and money.

• Use secure web browsers and security based add-ons to combat malicious web pages. Use a reputable, up-to-date web browser such as Google Chrome as a first line of defense. Chrome has the ability to block phishing and malware sites. Chrome allows for the use of a massive variety of different add-ons. Use ones such as Adblock Plus to block malicious ads and pop-ups and WOT to also help block phishing and malware sites which should further improve your overall security online.

• Use strong passwords. Probably the most critical part of staying safe on social media sites everywhere is to use strong passwords. Never give out your username or password to anyone. Cybercriminals are getting smarter and therefore cracking a weak password is a relatively easy task for them to accomplish.

​Have a great (scam-free) day!

I'm not here to judge. Really, I'm not. I have, however, been fixing computers, in one capacity or another, for well over two decades, and I see the same thing over and over....

People are constantly screwing up their own computers!

​Some computer problems are due to hardware failures or lemons, exactly how your microwave or dishwasher might fail due to age, wear, or maybe a factory defect. While there are things you can do to identify and even help prevent these sorts of problems, I would never say you've screwed something up just because you have some bad luck.

Beyond that, though, is almost every other problem: the ones we cause ourselves, mostly by ignorance, which hopefully I can solve for you here.
Sometimes, however, procrastination is the enemy. We put off a computer maintenance task because we don't have time, or tell ourselves that we'll back up our stuff next week instead.

Regardless of where you sit on the ignorant-to-procrastinating scale, let the following 13 slides remind you of some of the most important things you can do to stop screwing up your computer!
​
I even rate your screw up from 1 to 10. You're welcome!

One big way to screw up your computer, and by extension yourself, is to back up in some way that's not continuous.

This is a LEVEL 10 SCREW UP!

Yes, you should be backing up your data continuously, as in virtually nonstop... all the time... at least once per minute. It sounds excessive, but it's true.
This is one of the biggest way you're screwing up your computer (and your smartphone, and your iPad, etc.).

Your data is the most important stuff you own. They're your irreplaceable photos and videos, your expensive music, your school paper you've invested hours and hours in, etc., etc., etc.

While it's possible to use traditional backup software to back up continuously to an external hard drive or a network drive, it's easier to get started with, and safer on several levels, to back up continuously with an online backup service.

CompuBC On-line Backup is a perfect online backup solution that automates data backup to secure cloud storage.
The application combines easy to use interface with a powerful functionality making a disaster recovery plan simple, reliable and affordable.
Benefits:
• Keep backups in remote location
• Restore backups anytime from any place where you have internet connection
• Setup suitable schedule for backups or backup every changed or new file immediately with Continuous Data Protection
• Protect backups by encrypting your data
• Compress backups to reduce the size of required cloud storage.
Features:
Backup Schedule - Automate backups by setting up suitable time and frequency.
Real-Time Backup - Backup everything automatically. CompuBC On-line Backup runs as Windows Service and tracks folders for new or changed files to backup them immediately.
Encryption - Protect your data from unauthorized access by choosing an encryption algorithm and setting a unique encryption key. CompuBC On-line Backup encrypts all your data before uploads it to a storage.
Compression - Reduces the size of your backups to save time and money spent on data recovery plan. CompuBC On-line Backup compresses data prior to transfer.
Intelligent Bandwidth Scheduler - Control the bandwidth throttling in real-time to set, for instance, the backup to consume all available bandwidth during the off hours and on the weekends while consume only 10% of bandwidth during the working hours.
Virtual Disk - Expose cloud storage as a local disk on your computer and access your data.
Local Backup - Set up local backup if you want to send only subset of your data to the cloud and keep the rest on your local backup storage.
Block Level Backup - Backup only changed parts of the file. CompuBC On-line Backup detects these parts and automatically uploads it to the remote storage.

So stop screwing up your computer and start continuously backing up to the cloud! Most smartphones have built-in auto-backup capabilities, so be sure to turn those on too!
​
(Wait, you're not backing up at all? Here's your chance to get started, and do so the right way from the get-go.) https://www.compubc.com/online-backup.html

Another "good" way to screw up your computer is to not keep updated that antivirus program you took the time to install.

This is a LEVEL 10 SCREW UP!

Those nefarious malware authors out there make new viruses every day, change how they work, and find new ways of avoiding antivirus software. In response, antivirus software has to respond just as quickly.

In other words, your antivirus software only worked 100% the day you installed it. Kind of depressing, isn't it?

Most antivirus software, even free antivirus programs (of which there are plenty), automatically update their definitions, the term used to describe the set of instructions the programs use to identify and remove viruses and other malware.
But most free antivirus program will not give you the full protection you need.

CompuBC use Award winning antivirus platforms and we will know if you got infected, alert you & help with the removal
Managed Antivirus can help your system proactively stay ahead of all malware threats, both known and emerging. 
Managed Antivirus not only keeps your network’s security up-to-date with protection against the latest known threats by using traditional signature-based protection, but it also protects against new viruses by using sophisticated exploratory checks and behavioral scans of your system.

Our Award winning antivirus platform applies the following real-time protection layers:

• Web Protection - Prevents access to malicious websites, ad networks, scammer networks, and bad neighborhoods.
• Application Hardening - Reduces vulnerability exploit surface and proactively detects fingerprinting attempts used by advanced attacks.
• Exploit Mitigation - Proactively detects and blocks attempts to abuse vulnerabilities and remotely execute code on the endpoint.
• Application Behavior Protection - Prevents applications from being leveraged to infect the endpoint.
• Anomaly Detection - Proactively identifies viruses and malware through machine learning techniques.
• Payload Analysis - Identifies entire families of known malware with heuristic and behavioral rules.
• Behavior Monitoring - Detects and blocks ransomware via behavioral monitoring technology.

That said, there are sometimes pop-up messages that ask you to do this manually or notices that appear on screen about needing to update the core program before definition updating can continue.

Unfortunately, I see people screw up all the time by closing these... without reading them at all! A message that shows up over and over is usually a good indication that's it's important.

So stop screwing up your computer's ability to fight the bad guys and make sure that you have a good antivirus program and it is updated!
​
(You don't even have an antivirus program installed? CALL US RIGHT NOW!) https://www.compubc.com/managed-it-services.html

Similar to the not-updating-your-antivirus mistake from the last slide, putting off those software updates, especially the operating system ones, is a great way to screw up your computer.

This is a LEVEL 10 SCREW UP!

(I know, three Level 10 screw ups in a row! I'm getting most of the really important stuff out of the way first.)

The majority of software patches these days, especially the ones Microsoft pushes for Windows on Patch Tuesday, correct "security" issues, meaning issues that have been discovered that could allow someone to remotely access your computer!

Once these vulnerabilities in Windows have been discovered, a patch has to be created by the developer (Microsoft) and then installed (by you) on your computer, all before the bad guys figure out how to exploit said vulnerability and start doing damage.

Microsoft's part of this process takes long enough so the worst thing you can do is extend that window of opportunity any longer by procrastinating on installing these fixes once provided.

Windows Update is probably installing these updates for you automatically but you can check for this, and change the behavior, any time you want.

It's the exact same situation with your Mac or Linux computer, your tablet, and your smartphone... just different details. However you're notified that an update is available to iOS, your smartphone software, or your Linux kernel: promptly apply the update!

Other software and app updates are important too and for similar reasons. If your Microsoft Office software, iPad apps, Adobe programs, (etc., etc., etc.) ever ask you to update, just do it.

(You've never installed updates to Windows? Like I said above, they may be installing without your knowledge, but you should check to be sure. See our managed services that will force windows updates.) https://www.compubc.com/managed-it-services.html

​We all use passwords. Most of the devices and services we use require that we do.

What they don't (usually) require is that the passwords not suck. A "strong" password, in case you didn't know, is a password that doesn't suck... in some specific ways.

Hopefully you know that passwords that include your name, simple words, 1234, etc., are all "bad" passwords. Information security experts call these types of passwords weak passwords.

Weak passwords are easy to "crack" with special software. Very weak passwords are even easy enough to guess. Yikes.
This is a LEVEL 9 SCREW UP!

I've written about guessing your own simple passwords and even hacking in to your own computer, both things you may be happy to have the ability to do when needed but that every other expert computer user can also do.

search "What Makes a Password Weak or Strong" if you're not quite sure how great, or not-so-great, your passwords are. If they don't meet that "strong" criteria, here's How to Make a Strong Password:

1. Long password, the longer the better, try not to go below 8 characters
2. Complexity, don't use your first or last name, your street or anything a good hacker can already know about you with little or no effort.
3. Use capital, lowercase, numbers and symbols. 

Do yourself one better and use a password manager to store your hard-to-remember passwords, leaving you with just a single, strong password to memorize. There are plenty of free password manager apps, programs, and web services out there like LastPass.
​
(Logging in to Windows or some other service without a password at all? Set one. Please!)

​Windows XP was probably Microsoft's most successful product of all time, certainly its most successful and popular operating system.

Unfortunately, in April of 2014, Microsoft ended pretty much all support for it, meaning that those important security holes that are patched every month on Patch Tuesday are not being created for Windows XP! and will end Windows 7 support soon!

This is a LEVEL 8 SCREW UP!

If you're still using Windows XP then your computer is still vulnerable to all of the security issues that have been found, and corrected in later versions of Windows, since May of 2014!

This is a Level 8 screw up and not a Level 10 because there are a few ways you can keep yourself relatively safe and still use Windows XP.

​One easy to way to screw up your Windows computer, especially if you did update Windows XP, 7, 8 to Windows 10.

"Hu?" It's confusing, I know... I'll explain below.

This is a LEVEL 8 SCREW UP!

Another very common way to screw up your computer is to download the wrong types of software, filling your computer up with stuff you never wanted, including malware and adware.

This is a LEVEL 7 SCREW UP!

As you probably know, there are tens of thousands, maybe more, completely free software programs and apps out there.
What you may not know is that there are different levels of free software. Some are completely free, often called freeware, while others are only "sort of" free, like trialware programs and shareware programs.

Some sites trick users by advertising that the download is free when in reality the only thing they're saying is that the actual download process is free. (Well duh!)

What all of this confusion does is help you end up with something other than what you thought you were getting. It's frustrating, I know.

A pretty easy way to screw up your computer is by installing, or leaving already-installed, junk software on your computer, the worst of which is the kind that runs in the background all the time.

This is a LEVEL 7 SCREW UP!

The bulk of the blame for this one is with your computer maker. Seriously.

Part of the reason some companies can sell their computers at such a low cost is by taking money from software makers to include trial versions of their programs on your brand new computer.

Unfortunately, most people have little to no use for these programs. What the majority of new computer users will do, at most, is just delete the shortcuts to these programs. Out of sight, out of mind.

What some people don't realize is that these programs are still installed and wasting space, just hidden from your daily view. Worse yet, some of these programs start up in the background when your computer starts, wasting your system resources and slowing down your computer.

In fact, preinstalled, always-on software is one of the biggest reasons for a sluggish overall computer experience.

Fortunately this problem is easy to fix, at least in Windows. Head to Control Panel, then to the Programs & Features applet, and promptly uninstall anything you know you don't use. Search online for more information about any programs you're not sure about.

​No, it's certainly not the most important thing you can screw up, but letting needless stuff fill up your hard drive, especially with today's smaller solid state drives, can impact how quickly some parts of your computer work.

This is a LEVEL 5 SCREW UP!

In general, having "stuff" on your computer that doesn't do anything but take up space is not anything to worry about it. When it can be an issue is when the free space on the drive gets too low.

The operating system, Windows for example, needs a certain amount of "working" room so it can temporarily grow if need be. System Restore comes to mind as a feature that you'll be happy to have in an emergency but that won't work if there's not enough free space.

To avoid problems, I recommend keeping 15% of your main drive's total capacity free.

Having hundreds or thousands of extra files also makes it harder for your antivirus program to scan your computer and makes defragmenting of old mechanical hard drives more difficult.

In Windows, a really handy included tool called Disk Cleanup will take care of most of this for you. Just search for that in Windows or execute cleanmgr from Run or Command Prompt.

If you want something that does even more of a detailed job, CCleaner is excellent. It's also completely free.
​
Oh, and don't worry, it's usually by no fault of your own that these files accumulate over time. It's just part of how Windows, and other software, works.

To defragment or not to defragment... not usually a question. While it's true that you don't need to defrag if you have an solid state hard drive, defragging a traditional hard drive is a must.

This is a LEVEL 4 SCREW UP!

Fragmentation happens naturally as your computer's hard drive writes data all over the place. Having a bit here, and a bit there, makes it harder to read that data later, slowing down how quickly your computer can do a lot of things.

No, your computer isn't going to crash or explode if you never defrag but doing it on a regular basis can most certainly speed up pretty much every aspect of your computer use, especially non-Internet related tasks.

Windows has a built-in defragmentation tool but this is one area where other developers have gone the extra mile, making easier-to-use and more effective tools.
​
My recommendation is to move to an SSD technology and clone your drive to a new SSD drive where NO defragging is needed.

First of all, don't dunk any part of your computer in a sink full of soapy water! That image is for illustration purposes only!
Not properly cleaning your computer, however, especially a desktop computer, is an often overlooked maintenance task that could eventually screw up your computer something severe.

This is a LEVEL 4 SCREW UP!

Here's what happens:

1. your computer's many fans collect dust and other grime.
   
2. said dirt and grime build up and slow down the fans.
   
3. the computer parts cooled by the fans begin to overheat.
   
4. your computer crashes, often permanently.

In other words, a dirty computer is a hot computer and hot computers fail.

If you're lucky, your operating system will warn you that certain pieces of hardware are overheating or you'll hear a beeping sound. Most of the time you won't be lucky and instead your computer will start to power off by itself and eventually never come on again.

It's easy to clean a computer fan. Just go buy a can of compressed air and use it to clean the dust from any fan in your computer. Amazon has tons of compressed air choices, some as cheap as a few dollars a can.

In desktops, be sure not to miss the ones in the power supply and in the case. Increasingly and video cards.
Tablets and laptops usually have fans too so be sure to give them a few puffs of canned air to keep them running smooth.

Yes, keyboards and mice need cleaning too, but dirty versions of those devices usually don't cause serious problems, unless bacteria is your enemy, then read this post.
​
Do be careful cleaning that flat screen monitor, though, as there are household cleaning chemicals that can permanently damage it.

Last, but certainly not least, and very much related to the last big screw up you just read about, is not asking for help when you need it.

This is probably THE BIGGEST SCREW UP EVER!

Don't feel bad! This is something just about everyone screws up on.

If you think you might be able to fix a problem that pops up yourself, you run to your favorite search engine for help.

Maybe you ask a friend on Facebook. Or Twitter. Maybe your 12 year old is a wiz and fixes everything for you.

All of those things are great. Consider yourself lucky that they worked out, ask the professionals.

Avoid trying to open your case and "fix" your hardware or tempering with your operating system.

​Just pickup the phone and call your computer tech support go-to guy. Well...that's us.

Like its predecessor, the T1, the T2 is designed to shift responsibility for security-critical aspects of Mac hardware out of the hands of the Mac CPU and traditional computing components—where they can be subject to hacks and malfeasance—into a “secure enclave,” a separate environment inaccessible to hacks, malware, and even hardware-based security risks. Even if macOS were somehow completely “pwned” by a security flaw or attacker, the critical functions and data handled by the T2 would be completely unaffected.
​These days, it’s safe to say most technology users are interested in more security, rather than less, so the benefits of the T2 seem clear, if decidedly nerdy. But that doesn’t mean a T2-equipped Mac is the right choice for every Mac user right now—even those who want to be as secure as possible.

It’s no secret Apple’s hardware group has been on a roll for the last several years: it currently makes five processor lines (the A, H, S, T and W chips) that power everything from iPhones and iPads to the Apple Watch and AirPods. So it’s not surprising Apple would bring its own silicon to the Mac to enable Apple-exclusive features.
The company introduced the T1 in late 2016 to handle the fingerprint processing for Touch ID sensors in the first Touch Bar-equipped MacBook Pros, and it also helped lock down sensitive components like the built-in microphones and cameras. Further, the T1 took over the System Management Controller (SMC), which is responsible for heat and power management, battery charging, and sleeping and waking the Mac. Finally, the T1 determines if macOS is running on actual Apple hardware.
The T2 picks up from there, with four major capabilities:

• It takes over all access to built-in solid-state drives, enabling real-time encryption and decryption so your data is never stored in the clear
• It provides the processing power that lets you invoke Siri with “Hey Siri”
• It offers image enhancement for built-in FaceTime HD cameras
• It can optionally lock down a Mac’s boot process—so if someone were to steal your Mac, they wouldn’t be able to start it up using an external drive and steal your data

The T1 and T2 can do all these things because they’re basically separate computers with their own isolated memory and storage: they’re ARM chips running Apple’s bridgeOS. The T2 is based on the A10 processor that shipped in the iPhone 7, and bridgeOS derives from Apple’s watchOS. In some ways, the T1 and T2 act as independent co-processors, enhancing performance by handling common tasks for the Mac and enabling the CPU to focus on other things. But in other ways, they significantly beef up security, since they offer a fully independent system that remains secure even if macOS is compromised.

Apple has published an overview of the T2 chip spelling out some of its technical details, but here are the main points:

• Secure Boot: The T2 ensures all components of the startup process—including firmware, the kernel, any kernel extensions, and bootloaders—can be cryptographically verified as trusted by Apple before booting. The idea is to prevent the Mac from being started up on compromised low-level software, thereby exposing users’ data. Secure Boot also covers Recovery Mode, Diagnostics mode, and Internet Recovery mode. By default, Secure Boot trusts only software signed by Apple or—get this—signed by a Microsoft certificate to authenticate Microsoft bootloaders. That means Boot Campinstallations of Windows 10 on the internal SSD have all the benefits of Secure Boot, but anything else—like Linux—is currently out in the cold. Macs with T2 chips also have the Startup Security Utility available in Recovery Mode. Users (with a valid admin password!) can set a firmware password and/or downgrade some Secure Boot functionality. However, the No Security setting doesn’t necessarily enable untrusted operating systems to start up using the internal SSD, since they’d have to support the T2 as a storage controller (sorry, Linux). Using other operating systems seems to be possible only from external drives, and they gain virtually none of the benefits of the T2, including fingerprint authentication.
  

For most Mac users, the benefits of the T2 are clear, particularly for notebook users who take their Macs with them wherever they go. If your new MacBook Air is stolen, the T2 offers decent assurance that sensitive data—like email, passwords, credit card numbers, social media accounts, super-secret projects, or those pictures—won’t fall into the wrong hands.
The T2 isn’t without trade-offs, however:

• Less Repairability: The T2 chip requires technicians to run a proprietary diagnostic tool to replace certain components like flash storage, the Touch ID sensor, and the main logic board, which means repairs or replacement of those components can only be done at Apple Stores or by Apple Authorized Service Providers. Most Mac users will never need to replace those components, but it’s yet another way Macs are becoming less repairable.

• Goodbye, NetBoot: T2-equipped Macs can’t boot from network volumes, which could be a serious issue for organizations and schools that still rely on the now-deprecated NetBoot. If you need NetBoot, take note: Apple’s recently refreshed iMac line does not have the T2 chip.
• Data Recovery As-Good-As Impossible: That on-the-fly encryption and decryption the T2 chip provides for the SSD means the T2 is the only way to get data off the internal drive. If the T2 is damaged or becomes inoperable, your data is inaccessible, even to top data forensics experts, so have a solid backup strategy in place—check out Take Control of Backing Up Your Mac, Third Edition for all you need to know in that department.
• Linux & Older Windows Boot Issues: Lots of software developers—particularly Web developers—prefer to work in Linux or other operating systems, even if they own a Mac. T2-equipped Macs can only boot Linux or versions of Windows prior to Windows 10 from external drives after disabling the T2’s Secure Boot feature. If you need to run one of these operating systems, get used to doing it in a virtual machine. If you must run one of these systems on “bare metal,” a T2 Mac is not for you.

Since the introduction of the iMac Pro—and continuing with newer T2-equipped Macs—users have reported occasional audio glitches: little clicks, pops, or bursts of noise that seem to happen at irregular intervals. They occur with both audio playback and audio recording, and can happen using any app, whether listening to Apple Music, watching a video on YouTube, playing a game, or—uh oh!—playing a hot DJ set at a party or recording a live symphony orchestra.
The problem seems most common with USB-connected audio devices—whether consumer-grade headsets, podcaster-level microphones, or professional audio gear—but the glitches also happen with built-in speakers and microphones as well as audio devices connected via Thunderbolt. How often do they happen? Hard to say. Some users see a few every hour, others maybe only one per day.
Many Mac users won’t care. If there’s a little pop while streaming “Baby Shark” for the thirty-first time, it’s not the end of the world, am I right? OK, maybe I’m right?
However, for others, these glitches are literally showstoppers. If you’re using your Mac to process live audio—maybe you’re a DJ, or a musician using your Mac to run software instruments with programs like Ableton Live or Apple’s MainStage—blasting your audience with random pops, clicks, and bursts of sound is a Very Bad Thing. If you are recording music—whether in your bedroom using GarageBand or burning through hundreds of dollars per hour in a professional studio—those glitches will inevitably happen during critical moments, often destroying your recording. Imagine telling a legendary performer: “Hey, that was great, but the Mac glitched. Let’s go again, maybe it’ll record OK this time!” It’s a quick way to end a career. For musicians and audio professionals, this problem makes T2 Macs unreliable and untrustworthy—an irony, since many of these people use Macs to avoid the famous undependability of audio setups under Windows.

For professional recording studios, the T2 chip isn’t yet much of a problem. (No joke: plenty of Mac-based recording studios are still using decade-old Mac Pro towers.) But a tremendous amount of amateur, enthusiast, and professional audio work—whether music, podcasts, mixing, or DJing—doesn’t happen in professional studios: it happens on notebooks and in small Mac-based project studios. Plenty of musicians take their Macs on stage with them to perform in real time. The T2 is spreading across ever-greater swaths of Apple’s Mac lineup, which makes choosing a new Mac difficult.
What to do? The T2 audio problems have been known for well over a year, and Apple has been utterly silent about them save for a vague claim that macOS Mojave 10.14.4 “improves the reliability” of USB audio devices used with T2-equipped Macs. Some audio developers (like Germany’s RME) have reported improvements with USB audio, but my limited testing with a T2-equipped MacBook Pro found no discernible improvement using 10.14.4 with USB or Thunderbolt audio devices.
Some T2 users have been able to reduce the frequency of glitches by killing the built-in timed process (which synchronizes the Mac clock with a time server) and/or locationd (which tries to determine a Mac’s location for Location Services). Some folks have had good luck with these workarounds; others still experience problems. Unfortunately, stopping these background processes is non-trivial and requires disabling macOS’s System Integrity Protection. In other words, not recommended.

For most Mac users, the T2 chip offers clear benefits: not only does it power spiffy fingerprint detection on the MacBook Pro and MacBook Air, but it also provides fully encrypted storage and hardens the Mac against a range of sophisticated attacks—including the sorts of things that a government might carry out if one were to seize a computer.
But the T2 also highlights how fragile the Mac world can be. Users who don’t have easy access to an Apple Store or authorized repair shop may encounter real problems getting a T2 Mac fixed. Users who don’t have a good backup strategy probably won’t be able to recover any data at all if the T2 chip fails—even if they turn to data recovery experts. And developers who want to run anything but macOS or Windows 10 natively are basically out of luck. So if your Mac has a T2 chip, figure out in advance where you’ll get it repaired if necessary, make sure you’re backing up regularly to multiple locations, and stick with virtualization for guest operating systems.
All that said, if you rely on your Mac for audio—whether recording podcasts, DJing parties, or as a professional engineer or musician—I recommend avoiding T2-equipped Macs until audio issues have been verifiably resolved for quite some time. If you need a new Mac before that happens, consider one of the few remaining models without a T2 chip, or perhaps an older pre-T2 Mac—sometimes Apple offers a good deal on refurbished and clearance models.

Remember how zippy your Mac was when you first got it? How it booted up in a snap, and switched fast between apps? At iFixit, we live for breathing new life into broken devices—but what if your Mac is just wheezing and slow? After all you’ve been through together, you don’t want to just throw it away. Should you sell it? Leave it unplugged in a drawer for a few more years (until you feel less guilty about throwing it away)?

Answer: none of the above. Upgrading your Mac is an amazingly effective option, and it’s cheaper than you might expect. With a brand-new SSD and high-capacity RAM, your aging Mac will be running good as new—no, make that better than new.

First things first: an SSD upgrade is, hands down, the best way to speed up your computer.
There’s lots of information on the benefits of SSDs versus HDDs, but here’s the short version:
​Unlike an old-fashioned hard disk drive (HDD), which stores the computer’s info on a spinning metal platter, a solid-state drive (SSD) stores the information in silicon chips.
Because there are no moving parts in an SSD, they can read and write information up to 10 times faster than a traditional HDD.
This means that boot times, application launch times, and data retrieval get much, much faster when you use an SSD as the primary storage for your computer.
Moreover, SSDs are more resistant to shock, vibration, and movement—making them particularly suited to laptops and other devices that are subject to sudden knocks and bumps.

So if you’ve got a need for speed—or if you’re just trying to add more storage to your device—open up Activity Monitor and click the Disk Usage Table to see what size SSD you need.
Look at how much space you are using on your current hard drive and round it up to the nearest SSD size (or go higher if you want to future-proof your machine).

​SSD come in 240/250 GB, 480/500 GB, and 960/1 TB drive sizes for every Intel-powered Mac that can accommodate a SATA Drive. And they work in both 2.5″ formats (for laptops, Mac Minis, and some iMacs), as well as in 3.5″ drive bays (like those found in larger and older iMacs) through the use of an included adapter.

If you find yourself staring at OS X’s spinning beach ball more often than you’d like, then RAM is the answer.
RAM is your Mac’s short-term memory—meaning every time the system opens a program or process, it loads it into RAM.
If the system needs to juggle more applications than the RAM can hold, it has to offload some of them to a temporary storage area on the hard drive (called the swap file), This eats resources, slowing everything down to a crawl.

Not too long ago, many Macs shipped with 2 (or fewer) GB of RAM—an amount that would quickly fill up with today’s resource-hungry software.
But as the software companies continue to add new features and make the digital lives cooler and fancier, the old RAM-limited hardware increasingly struggles to keep up.
​Fortunately, in most cases, this is an easy fix.

One important caveat about RAM upgrades is that the amount of RAM your Mac can utilize is limited by the rest of the hardware in the computer.
Not all computers can handle 16 GB of RAM, and figuring out which computers can handle which RAM configuration can be tricky sometimes. If you’d rather not, simply call us for assistance.  You can rest easy knowing that you’re getting the ultimate RAM experience for your machine.
To know if a RAM upgrade is right for you, open OS X’s Activity Monitor and click on the System Memory. If the chart indicates that most of your RAM is “Active” or “Wired,” you’re likely going to experience system slowdowns. While you’re there, check out how much RAM you have installed.

Backup Solution Is Fully Automated
It is advisable to create your own procedures, like making weekly backup to an external hard drive or DVDs; however, it takes some effort every time you need to copy some files.
There is always a danger of forgetting a file or two or just becoming careless and skipping making backups on some week. Luckily, CompuBC online data backup software offer fully automated solutions, which are scheduled to make backups regularly.