Phishing gets lots of media attention; however, for many it is a bit of a mystery. What is phishing? Are there different types of phishing? How can you prevent a phishing attack? Let’s investigate each of these areas in detail.

What is phishing?

Wikipedia describes phishing as a fraudulent attempt to obtain sensitive information, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication. Attackers will spoof their email address to appear like someone else, set up fake websites, and disguise website URLs. It is becoming harder to figure out who and what you can trust. Avanan’s 2019 Global Phish Report found that 1 in every 99 emails and 1 in 25 branded emails is a phishing attack. Microsoft and Amazon are the most popular brands used in phishing emails. Additionally, 30% of phishing emails slip through security programs, so the threat is significant.

Phishing campaigns have two primary objectives:

  1. Obtain sensitive information – Phishing emails often seek to get you to reveal important information, such as your username or password. This gives the attacker the necessary info to access a system or account. It is very common for messages to appear like they are from your bank, credit card company, or a number of other places you would expect to be reputable.
  2. Distribute malware – The emails that aren’t stealing your credentials are trying to infect your computer with malware hidden in attachments (you can read more about malware in our blog here). Often these .zip files or Microsoft Office documents will appear to be something you are expecting, but in reality it is malicious code. In 2017, it was estimated that 93% of phishing emails contained ransomware attachments.

Types of phishing

There are a few different types of phishing. However, the one thing they all have in common is the fraudulent attempt to obtain sensitive information. Major categories of phishing are:

Spear phishing – Attackers craft a message targeted at a specific individual. Social media sites are often used to identify the target and gather information for the attack.

Whaling – Similar to spear phishing, but the target is a high-value person. The target is generally a person with power, a CEO, senior executive or board member, at a large organization.

Clone phishing – Attackers clone a legitimate previously delivered email and replace the links and/or attachments with malicious code. Clicking the links or opening the attachments enables the attacker to take control of your system and send additional malicious emails masquerading as you.

Phone phishing – Similar to email phishing, the caller claims to be a trustworthy entity like a bank or the government. They try to scare you with a problem that must be cleared up immediately. Their objective is to access account information or have you pay out money.

SMS phishing – These attacks are carried out by SMS text. The text message contains a malicious link that enables the attacker to obtain sensitive information.

Identifying and preventing a phishing attack

The harsh reality is that at some point virtually everyone and every organization will experience a phishing attack. The cost of phishing is significant. In 2018, the FBI’s Internet Crime Complaint Center reported that companies around the globe lost $12.0 billion due to business e-mails being compromised. The cost goes beyond just dollars and cents. Phishing attacks lead to decreased productivity, loss of confidential data, and damage to company reputation. Deloitte reports that 1 in 3 consumers will drop a company like a hot potato after they experience a cyber security breach.

However, there are steps you can take to reduce your chances of becoming a phishing victim.

  • Trust your gut – If something seems too good to be true, then it likely is. Be suspicious, not trusting. Legitimate organizations will never send emails asking you to provide personal information over the web. A quick Google search with the subject or text from a suspicious email will often identify if it is a known phishing scam.
  • Double check URLs – Before you click or enter personal information double check URLs. It is very common for a link in an email to say one thing but the URL is totally different. Mouseover a link first to see if it is legitimate.
  • Look for URL redirects – Make sure you are going to the URL you expect and not a different website with a virtually identical design.
  • Don’t trust urgent/scary emails – Attackers are generally trying to create a sense of urgency or fear. Question emails that are telling you to “Act Now” or “Pay Now”. According to KnowBe4 in Q1 of 2019 35% of phishing emails started with the subject line – “Password check required immediately.”
  • Watch for questionable attachments – Attachments are one of the most common ways to distribute malware. If it looks even remotely suspicious don’t trust it.
  • Don’t share personal info on social media – Avoid sharing personal information such as your birthday, phone number, or address on any publicly accessible social media platforms.
  • Educate, educate, educate – Knowledge is understanding. Regular training on new threats and what to look for are key to preventing a phishing attack.
  • Protect your data – Regularly backup all of your important data at both the organizational and individual level. For instance, implement an easy to use endpoint backup and protection solution like Data Deposit Box. Try it for free here.

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

You hear news reports almost daily about ransomware taking down organizations around the globe. Cyber Security Ventures estimates a new organization will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021.

What is ransomware?

Ransomware is a type of malware which takes full control of your system and requires a ransom payment to regain access. In some cases, ransomware threatens to publish confidential data unless a ransom is paid. Norton breaks down the different types of ransomware – Cryto malware, Lockers, Scareware, Doxware and Ransomware as a Service (RaaS).

Stages of a ransomware attack

Ransomware attacks can be broken down into four different stages. What starts off as a simple click in an email, or a download from the internet, or a website visit, can very quickly lead to a whole lot of trouble and enormous expense.

Stage 1 – Phishing

One of the most popular ways for cybercriminals to access your system is a phishing email. Statistics indicate 1 in 25 branded emails are phishing emails. Avanan, a cyber security platform, reports the two most popular brands phishers pose as are Microsoft (42%) and Amazon (38%). Additionally, the Avanan research finds phishing attacks fall into a few different categories – credential harvesting (41% of attacks), extortion (8% of attacks), malware (51% of attacks), and spear phishing (0.4%).

Stage 2 – Burglar prowling

Once a link is clicked and the malicious code downloaded, the burglar begins to prowl. Your computer is compromised. Ransomware starts infiltrating your computer in a matter of seconds. In 2017 the WannaCry ransomware spread like wildfire and in a matter of hours encrypted hundreds of thousands of computers in over 150 countries. Ransomware looks for files on your computer, network, and in the cloud to encrypt.

Stage 3 – Locked out

Encryption of files on your local computer can happen in a matter of minutes. Within a few hours, encryption will impact files on your network or in the cloud. Once the malicious software takes hold, it will lock you out of your most important folders, files and data; giving you no access until you pay. Files in Saas based applications like Dropbox and Office 365 are the most likely to be impacted. Kaspersky found 65% of businesses hit by ransomware in 2017 lost access to a significant amount or even all their data. Additionally, they discovered 34% of businesses hit with malware took a week or more to regain access to their data. Coveware’s Ransomware Marketplace Report estimates the average number of days a ransomware incident lasts, to be over a week at 7.3 days, up from 6.2 days in 2018.

Stage 4 – Ransom request

Your files are encrypted and the cybercriminals are demanding you pay a ransom to regain access. Do you pay? Research indicates that 97% percent of United States’ organizations refused to pay the ransom. However, 75% of Canadian, 22% of German, and 58% of UK, companies paid the ransom. Datto reports the average ransom for a SMB is between $500 to $2,000. So while the ransom itself isn’t significant, the downtime from an attack can cripple a small business. Additional research from Datto found the average attack is 10 times more costly to the business than the ransom itself. Attacks cost a business $46,800 on average and the ransom requested averages $4,300 per attack.

Protecting your business from a ransomware attack

There is no single solution that will protect you and your business from a ransomware attack. Antivirus software, email/spam filters, and regular software updates are a few things you can start with. Focus more time and resources on:

Cybersecurity training People are one of the weakest links when it comes to cybersecurity, as a result make sure you EDUCATE!!

Backup and disaster recovery plan – Regularly backup all of your important data at both the organizational and individual level. For instance, implement an easy to use endpoint backup and protection solution like Data Deposit Box. Try it for free here.

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

Does having antivirus software on your computer protect you and your data from cyberthreats? What else should you be doing? Backups, software updates, firewalls, there are lots of options to consider.

Let’s start with a few basic definitions:

Virus – A small program or piece of computer code that alters the way a computer operates without the knowledge or permission of the user. A computer virus executes and replicates itself.  The worst computer viruses of all time include ILOVEYOU, Melissa, WannaCry, CryptoLocker, Conflicker, Mydoom, and Shamoon.

Antivirus software – Helps protect your computer against malware and cybercriminals. Antivirus software looks at data traveling over the network to your devices and searches for known threats and monitors the behavior of all programs, flagging suspicious behavior. The most popular (based on market share) antivirus software includes Avast, Microsoft, ESET, Symantec, and AVG.

Backup – Backing up your files is one way copying – a snapshot of a version of a file or data, from one location to another (computer drive to hard drive, computer drive to file server or NAS, computer drive to cloud drive), at a specific point in time. It is used to protect a file, in case of loss or corruption. If a user wants access to a backed up file, they will often have to restore that file to their computer, from their backup. The most popular backup products are Data Deposit Box, iDrive, Carbonite, Acronis, AWS Backup, Azure, Google Drive and iCloud.

Firewall – A network security system that monitors and controls incoming and outgoing traffic on your network. The most popular firewall products for business includes Barracuda, Bitdefender, Cato Networks, Kaspersky, and FortiGate.

An Overview of Antivirus

Antivirus software is a key element of any cybersecurity strategy; but, it does have limitations. Traditional antivirus software is becoming less and less effective. 73% of attendees at Black Hat in 2017 felt traditional antivirus software no longer services a purpose. In the past antivirus software could protect against 80-90% of security threats but now it is believed to protect against less than 10% of threats. A 2018 report from McAfee found there were an average of 480 malware attacks a minute. The reality is cybercriminals are savvy and have found other ways to gain entry onto computers and networks, ranging from Adware to phishing to sophisticated malware.

Limitations of traditional antivirus software:

  • It’s reactionary – Antivirus software countermeasures only start when malicious code or a virus is found. As a result, it may be too late, unless you’ve backed up using versioning.
  • Needs regular updates – Hackers are always one step ahead of the Antivirus software companies. Unless you’re updating almost real-time, you could be exposed.
  • Performance issues – Antivirus software runs continuously in the background. As a result, it requires a significant amount of memory and resources.  This can have a significant impact on the speed of your PC and/or network.
  • Human negligence – Even the best antivirus software can’t protect against people who aren’t educated about malware and internet security practices. Often, infections occur through poor computing practices.  Learn more about what NOT to do here.

An Overview of Backups

Backup refers to the one way copying of data (folders & files) from one location to another. Generally, most users and small businesses backup files to external hard drives, servers, or the cloud. Backing up is the most reliable way to protect your data and ensure business continuity when you experience major problems such as hardware failures, viruses, or natural disasters. Various software and services automate the process of backing up at the schedule you determine. Cloud based backup services eliminate the need for you to have the necessary infrastructure in your business.

Not all backups are equal.  To backup properly, your backups must use versioning.  Versioning ensures incremental backups of changed documents – storing different versions as it changes over time.

Data Deposit Box provides cloud backup protection and peace of mind – guaranteed. With Data Deposit Box you can backup and manage everything with one app. You can backup an unlimited number of devices to your account, including Windows and Mac OS servers and computers, iOS and Android mobile phones, Synology and QNAP NAS devices.

Antivirus + Backups = Excellent Protection

A combination of antivirus software and cloud-based, versioned backups will provide you with the confidence that your important data is safe from hardware failures, viruses and natural disasters.

Follow these best practices to protect yourself and your data:

  • Stay up to date – Keep your devices and their software (antivirus, OS, firmware, applications) up to date. Schedule 10 minutes in your calendar each day to check for updates.
  • Use firewalls – Install firewalls on routers and devices.
  • Backup to the cloud, with versioning – Implement a cloud backup solution to ensure your important data and files are safe, and ensure you have versioning turned on.
  • Education – People are one of the weakest links when it comes to cybersecurity, as a result make sure you EDUCATE!!

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

The title of an article in The Economist says it all – “The world’s most valuable resource is no longer oil, but data”.

Let’s start by defining data. Simply put, data is a collection of facts and statistics for reference or analysis. The processing, interpreting, organizing, and structuring of data creates information. Information is knowledge and has real value to a business that grows with more data.

Where is all this data coming from?

IBM notes that every second we create new data through computers, mobile and Internet of Things devices, wearables, beacons and more.  By 2021 there will be over 50 billion smart devices connected around the world and each of those devices will be collecting data.

An IDC study titled Data Age 2025, sponsored by Seagate, predicts worldwide data creation will grow to an enormous 163 zettabytes (ZB) by 2025. Additionally, the research also noted these key findings:

  • The number of embedded devices will grow from less than one per person to more than four in the next 10 years.
  • In just 8 years, the average person will interact with a connected device nearly 4,800 times a day.
  • 75 percent of the population will be connected, creating and interacting with data by 2025.
  • By 2025, over 25 percent of data created in the global datasphere will be real-time in nature, and IoT real-time data will make up more than 95 percent of this.
  • Almost 90 percent of all data created in the global datasphere requires some level of security, but by 2025 less than half will be secured.

How much is data worth to your business?

A significant amount of money is spent on collecting, storing and securing data. What is the value of that data to your business? In an article on Raconteur Doug Laney, vice president and distinguished analyst at Gartner’s data research business, says information-savvy companies with a chief data officer, enterprise data function and data science professionals currently have a book value twice the market average. MITSloan Management Review says data has become a key input for driving growth, enabling businesses to differentiate themselves and maintain a competitive edge.

With the rise in the volume of data being collected comes a rise in cybercrime. The 2019 Official Annual Cybercrime Report by Cybersecurity Ventures, predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, up from $3 trillion in 2015.  Accenture’s Ninth Annual Cost of Cybercrime global study estimates security breaches are up >11% over the past year and 67% over the last five years.

Why is data so valuable?

As noted above, the processing, interpreting, organizing, and structuring of data creates information. This information provides your business with the critical insight needed to:

  • Improve your products and services
  • Enhance customer experience and satisfaction
  • Increase employee productivity
  • Improve business efficiency

An improvement in any one of these areas will have a significant impact on your business. There is no question that data is valuable, but is it really the world’s most valuable resource? That’s entirely subjective but there’s no one that’ll argue its importance and potential impact on industry.

How do you protect your most valuable asset – data?

When something is important you must protect it. Take the following steps to protect your data:

  1. Regularly backup all of your important data at both the organizational and individual level. For instance, implement an easy to use endpoint backup and protection solution like Data Deposit Box. Try it for free here.
  2. Ensure versioning is in place for files, sync and backups. This means saving versions of documents to protect against accidental deletion and for audit purposes
  3. Train all employees on cybersecurity, proper data handling and storage, and password protection practices
  4. Secure access to digital and physical information using antivirus, infrastructure (like firewalls), endpoint encryption, and related technology
  5. Don’t collect data you don’t need.

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

It’s with great sadness that we announce that Tim Jewell, Founder and Chief Executive Officer of Data Deposit Box, passed away Sunday August 18th in Toronto, Ontario.  The entire Data Deposit Box family mourns this loss.  On behalf of our Board of Directors, management team and employees, we extend our deepest sympathies to Tim’s family. Tim brought passion, experience and positive energy to Data Deposit Box.  He was loved by all.  In May of this year, the company announced a medical leave of absence for Tim. Siva Cherla was appointed as interim CEO during his leave.

More information about Tim can be found here

For those wishing to pay their respects:

Visitation at Mt Pleasant Funeral Centre, 375 Mt Pleasant Road, 4pm-8pm Tuesday August 20
Celebration of Life Wednesday August 21, at Rosehill Venue/lounge at 6 Rosehill Ave. near Yonge and St Clair at 7pm- 10pm

Donations to the Red Door Family Homeless Shelter are appreciated in lieu of flowers www.reddoorshelter.ca

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

The answer will surprise you.

Data loss is a battle organizations big and small are constantly fighting. According to a recent Gartner report, global spend on Information Security and Data Protection will reach USD $124 billion in 2019.  This figure is expected to grow at 11% CAGR to USD $284.5 billion by 2025.

Companies worldwide are spending billions on infrastructure, endpoint and application security to prevent unwanted breaches/hacks/intrusions. Capital One  was one of the most recent companies to experience a breach, with the social security, bank account, and personal information of 106 million people stolen.

However, are hacks and breaches the real cause of data loss in companies?  The answer may surprise you.

In 2019 a Shred-it survey conducted by Ipsos highlighted that nearly half of all C-Suites (52%) and one in three Small Business Owners (SBOs) say human error or accidental loss/deletion by an employee/insider were the primary cause of data loss.

That’s right, the primary culprit of data loss in many cases is human error. From accidental deletion, to lack of cybersecurity training, to misdelivery of information – humans are one of the weakest links when it comes to data loss and breaches.

Let’s look at data loss and the human element in more detail.

Accidental Deletion

Accidents happen – right? Your employees create, save, update and delete files every day, so screw ups will happen. Consequently, at the business level regularly backing up all of your important data and information is critical. For employees understanding how to properly save, store, delete or move files is crucial.  In particular, with the popularity of shared sync services like Dropbox, Box and network drives, where an accidental folder deletion can wipe critical files from everyone’s computer, this has become critical.

Lack of cybersecurity training

Are your employees able to recognize a phishing attack? Do they know how to recognize suspicious email attachments? Cybersecurity training can’t be a one-time occurrence it needs to be an ongoing priority for all employees. Malware and ransomware are constantly evolving and so should your training. Additionally, the handling of confidential information requires even more training to ensure there are no breaches.

Poor user passwords practices

A 2018 Verizon Data Breach Investigations Report found over 70% of employees reuse passwords at work. A “staggering 81% of hacking-related breaches leveraged either stolen and/or weak passwords.” From weak passwords to reusing passwords to sharing passwords, it is clear better education is needed. Two factor authentication, secured connections and password encryption are additional ways to improve the security of your data and prevent loss.

Misdelivery of information

Your employees always send information to the right people – or do they? Misdelivery of information was the fourth most frequent action that resulted in data breaches, according to the 2018 Verizon Data Breach Investigations Report. Encouraging employees to double check email addresses, encrypting emails with sensitive information and limiting the ability to send sensitive information outside of the corporate network – are ways to ensure the right information is getting to the right people.

Employee Turnover

When an employee leaves an organization information frequently goes with them. Information maybe deleted or taken with the employee on a USB key or cloud drive. Regardless, organizations must ensure all employee data is kept within the walls of the organization and is accessible. Employees should regularly backup to corporate servers or the cloud and they should be discouraged from saving files on their local computer.

What can your organization do?

Transforming your company’s cybersecurity practices can take months or years. In the short term, here are a few actions you can start with:

  1. Regularly backup all of your important data at both the organizational and individual level. For instance, implement an easy to use endpoint backup and protection solution like Data Deposit Box. Try it for free here.
  2. Ensure versioning is in place for files, sync and backups. This means saving versions of documents to protect against accidental deletion and for audit purposes
  3. Train all employees on cybersecurity, proper data handling and storage, and password protection practices
  4. Secure access to digital and physical information using antivirus, infrastructure (like firewalls), endpoint encryption, and related technology

 

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

To understand malware and ransomware we need to first define what each is. Let’s start with the basic definitions:

Malware is a broad term describing any malicious code or program, including viruses, worms, and trojans, that provide an attacker with control over your computer, server or network.

Ransomware is a type of malware which takes full control of your system and requires a ransom payment to regain access.

Taking a closer look at Malware

Symantec breaks down the different ways malware infects targeted computers:

  • A worm is a malicious program that replicates itself and spreads from one computer to another without a host file. Worms are frequently found in files, however in this case the entire host file is considered the worm.
  •  A virus is a small program or piece of computer code that alters the way a computer operates without the knowledge or permission of the user. A computer virus executes and replicates itself.
  •  A trojan horse is an imposter, a program or files that appear to be something you need but in reality is malicious. Unlike a virus a trojan does not replicate itself. Rather, you invite it onto your computer, most commonly by opening an email attachment.

Where does ransomware fit in?

As noted above ransomware is a type of malware which takes full control of your system and requires a ransom payment to regain access. In some cases, ransomware threatens to publish confidential data unless a ransom is paid.

Norton breaks down the different types of ransomware:

  • Crypto malware – This type of ransomware encrypts files to extort money. The WannaCry ransomware is likely one of the most recognizable examples of crypto malware. It targeted thousands of computers around the world and spread quickly through corporate networks across the globe.
  • Lockers –  This type of ransomware infects your operating system and completely locks you out of your computer.
  • Scareware – A fake software that represents itself like an antivirus or a cleaning tool. It typically claims to have found issues on your computer and demands money to resolve the issue.
  • Doxware – This type of ransomware is often referred to as leakware and it threatens to publish your stolen information online unless a ransom is paid.
  • RaaS – “Ransomware as a Service” is malware hosted anonymously by a hacker. The distribution, payment collection, and file decryption are all handled by a hacker in exchange for a portion of the ransom.

How do you protect yourself?

Malware and ransomware continue to have significant impact on individuals and organizations around the globe. Here are a few key things you can do to help protect yourself:

  • Backup your data
  • Use security software
  • Regularly update your software and systems
  • Be wary of email attachments
  • Educate your employees

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

The news headlines suggest it isn’t.

This infographic provides an easy to read overview of the warnings in 2019 relating to computer vulnerabilities and data security. If you have a Dell PC, iPad, iPhone or use Microsoft Excel, Microsoft Windows, Microsoft Outlook, Gmail, and mobile apps; make sure you update your software and systems to ensure your data is secure.

(View infographic as a pdf)

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

The difference between sync and back up

Many people think that syncing and backing up files are the same thing – but they are not.  There are many major differences, that are both unknown and misunderstood.

Let’s start with some basic definitions.

Sync – sync ensures that files and data on one or more devices are the same on all devices (that are part of the sync). Sync is typically used to provide anywhere, anytime access to files, and for sharing files across groups of users. Users will also sometimes sync files across devices – their phone with their computer.  Syncing is typically real time, and if used by groups of users, can pose challenges related to file conflicts (when two users access and update a file simultaneously). The most popular sync products are Google Drive, Microsoft OneDrive, iCloud and Dropbox.

Backup – backing up your files is one way copying – a snapshot of a version of a file or data, from one location to another (computer drive to hard drive, computer drive to file server or NAS, computer drive to cloud drive), at a specific point in time. Backing up is used to protect a file, in case of loss or corruption. If a user wants access to a backed up file, they will often have to restore that file to their computer, from their backup.  The most popular backup products are Data Deposit Box, iDrive, Carbonite, Acronis, AWS Backup, Azure, Google Drive and iCloud.

Sync

Backup

Definition

Ensures the files and data on one or more devices are the same on all devices.

A snapshot of files and data taken at a specific point of time and saved to another device (hard drive, NAS, cloud drive).

Usage

Provides anywhere, anytime access to files for an individual or group of users.

Protects files in case of loss or corruption, by providing a backup file that can be restored to computer.

Pros

Great for collaboration and sharing information with others.

Reliable way to automate the protection of data and ensure business continuity.

Cons

Can be confusing and files often get misplaced. Security is a concern as anything infecting your computer can sync to the cloud.

Many methods of backing up, which leads to confusion. If not backing up to the cloud additional infrastructure and hardware are required.

Syncing in detail

Syncing is a great way to collaborate and share information with others. Popular services like Dropbox, Google Drive and OneDrive enable users to store their information in a cloud based data repository that can be accessed remotely, with permission of course, from a computer, smartphone, or tablet.

While there are many pros to syncing there are also downsides. When syncing files between machines it can get confusing and files often get misplaced. Depending on the service the search functionality is often less than stellar when a user has a large number of files. Security is also a concern when syncing with services like Dropbox. Whether it is the security of your data itself or the fact you are still susceptible to viruses, malware and ransomware. In these situations, anything infecting your computer can sync to the cloud and infect those files as well. Restoring your data can be difficult and very time consuming unless you have backed up your files.

Backing up in detail

As noted above, backing up refers to the one way copying of data and files from location to another. Most users and small businesses generally backup files to external hard drives, servers, or the cloud. Backing up is the most reliable way to protect your data and ensure business continuity when you experience major problems such as hardware failures, viruses, or natural disasters.  Various software and services automate the process of backing up and enable you to feel assured your valuable data is being backed up at the schedule you determine. Cloud based backup services eliminate the need for you to have the necessary infrastructure in your business.

Data Deposit Box provides cloud backup protection and peace of mind – guaranteed. With Data Deposit Box you can backup and manage everything with one app. You can backup an unlimited number of devices to your account, including Windows and Mac OS servers and computers, iOS and Android mobile phones, Synology and QNAP NAS devices.

Which is right for you – backup or sync?

Don’t feel like you need to choose between syncing and backing up. A combination of backing up and syncing will provide you with the access you need to your files and the confidence that your important data is safe from hardware failures, viruses and natural disasters.

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days

Your PC’s hard drive could fail at any time or a software bug could erase your files, so backups are critical. However, you don’t need to back up all the files on your PC. That would waste space and make your backups take longer to complete.

Below is our list of the top 5 folders you should backup up on Microsoft Windows.

AppData and ProgramData

In the AppData folder (C:/Users/{Username}/AppData) you will find both Roaming (moves with user to another system) and Local (specific to a system) data. Prioritize the Roaming data and backup apps that require user specific configurations. The ProgramData folder (C:/ProgramData) stores app settings and data that are not tied to individual users. Backup files that you might need in the future.

Documents

Your documents folder (C:/Users/{Username}/Documents) is generally where all of your personal files and documents are saved. Some software developers also use this folder to store app-related data. Regardless this folder should be top of your list to backup.

Downloads

The majority of web browsers and media default to the downloads folder (C:/Users/{Username}/Downloads) for downloading files. Backup this folder or the individual files if you don’t want to download again.

Email

There are a number of email clients out there and they all store data differently. In general, if you use IMAP you don’t need to worry about backing up your emails. However, if you use POP3 you may need to back them up. Further investigation will be required to see if you need to backup your emails.

Music, Pictures, Videos

Similar to the documents folder, Windows provides special folders for storing personal media files.

Music (C:/Users/{Username}/Music)

Pictures (C:/Users/{Username}/Pictures)

Videos (C:/Users/{Username}/Videos)

Some apps use these folders for storing local files. If you have media files not saved elsewhere or don’t want to download the files again backup this folder.

Now that you have gotten through the top folders and files you need to backup you are probably wondering which you can ignore. Drivers and program files (C:/Program Files and C:/Program Files (x86)) are specific to your machine and don’t make sense to backup. Temp files are exactly what they say they are – temporary – and no backup is required.

Backup to the cloud today with Data Deposit Box!

 

Secure cloud backup and storage for all your devices with one easy to use app

Try free for 14 days