Antivirus vs. Firewall – Do I Need One or Both?

What is an antivirus program and how is it different than a firewall program? Both are security programs commonly used on computing equipment, but they function very differently. Antivirus programs work by having a “definition” of viruses (think of it as a cheat sheet). It scans currently installed and incoming data or programs for programming code that matches those definitions. Firewalls are about network traffic and communication. They have a “cheat sheet” of malicious websites and prevent communication to or from those locations. More advanced firewalls will monitor the communications or traffic generated by the installed applications on a computer for behavior type to ensure something like a word processing program is not sending credit card numbers to a 3rd party. One works at the boundary between a computer and the internet. The other works at the point where data and programs are stored. Palo Alto breaks it down in more detail in this article!

The next question is do you need both or is one better than the other? For most of us, we should have both. Computer and internet security works most effectively when you layer defenses. A type of attack that can penetrate one defense is typically vulnerable to other types of defenses. Firewalls are GREAT at preventing problems but do NOTHING if something gets through. Antivirus software is good at scanning new files and programs, but really comes into play when something gets through the firewall. The antivirus will recognize the infection and remove it if possible. If not, most will quarantine the impacted files and await instructions on how to handle them. By combining both types of security you greatly reduce the potential impact of malware.

One of the areas I see exploited by malware is because the average user has everything connected (smart phones, computers, laptops, tablets, home smart appliances, cameras, etc…..) but doesn’t have everything protected. For some devices, like appliances, you cannot add stand-alone antivirus or firewall programs. It is very important on those programs (especially if they have any access to the internet or other devices) to update their firmware. The first question I get asked is what is firmware and how do I update it? Think of firmware as simplified software that involves the most basic of commands. For example, firmware will define to the rest of the machine what happens when an on/off button is pressed and what the “true/false, yes/no, positive/negative” signal from that button means. Almost all software today has a setting to either automatically update firmware OR to update it upon request. Really simple machines that do not connect to the internet (Example: an old toaster) never need an update to their firmware.

The next area of concern is devices connected to the internet and part of your home network that do NOT have a stand alone firewall or antivirus installed. The most common example is your smart phone. This is especially a problem because we use our smart phones to look up stuff, complete financial transactions, login to multiple accounts, etc…. This makes our smart phone a tier 1 penetration point (high risk) and yet commonly users only install a firewall and/or antivirus on their computer or laptop. Most never think about their smart phone.

What are some anti-virus and/or firewall products users can install or is the default/free stuff that comes with your operating system enough? In my opinion, if you are running a business or doing anything with money (including making purchases); you should have both installed. Free anti-virus and firewall programs are better than nothing but will not protect you from a major attack OR help prevent an infection from spreading. Forbes has a good article that breaks down the pros/cons for some of the major players. Some options are:

  • McAfee & Norton – probably two of the most well known providers. Both are approximately the same price, have protection for laptops/desktop/tablets/smart phones, require some computing resources to function and therefore will slow your device down some, have user interfaces that assume you are NOT a geek, etc….
  • Eset – has become more popular because of the quality of protection it provides and the minimal resources required to run.
  • Trend – very simple user interface that many users find intuitive to navigate.

If you wait for something to happen, the consequences are significantly more costly than if you take protective steps first. One of the first steps we all should take is to list all the devices that connect to your home/business network. Next, check the settings of any involved firmware to see which ones you need to schedule for manual updates. If they are on a schedule for automatic updates, users need to periodically check to make sure it is happening. Now you need to determine which devices have little or no protection but are capable of running a stand alone antivirus and/or firewall program. This will be just about all devices running an Apple, Windows, Android, or Chrome OS. Finally, install protection where you are able, ensure simple devices that cannot run stand-alone protection have multiple layers of security provided by various network devices, and remove network access for anything you determine is “not worth the risk” (Example: old gaming device that you never play but is connected to your network).

Finally, if you don’t feel comfortable doing this, you should be hiring someone like me to periodically review your devices and help minimize your risks.

Backups and Long Term File Storage

There are an extensive list of options when it comes to desktop/laptop backups and/or long term file storage. First, before we talk about the pros, cons, and differences, let’s consider a few things:

  • You need to understand your industry requirements. If you are talking about patient medical data, military/government data, or company proprietary information, etc…. The first consideration is what rules are you required to follow. As an example, HIPAA requirements prohibit using a distributed server, so many of the default cloud tools would not be allowed.
  • What are your needs? Just about everyone should have a backup but what type and how often? The most common type of backup is incremental and happens automatically in the background. This is a very effective method for capturing data but does NOT capture application or program settings in most cases. Another form of backup is a disk image. This captures EVERYTHING, but it cannot be done automatically, and you cannot be making changes/using the disk as it is being imaged. Great solution for loaded multiple devices with exactly the same image on exactly the same hardware, so everyone has the same tools, but not useful for real time backups.
  • Media — When you are talking about file storage, what material or device you storage the data will be directly related to how long it will be viable for retrieval. You need to know how long you want to keep the data so you can pick a media/device that will exceed your requirements. You also need to understand the requirements of that media/device. For example, I know many users who stored their old tax returns on CDs. This seems like a very good idea. CDs are durable, can hold a lot of data, and relatively inexpensive. The problem is most people used labels with an adhesive that corrupted the storage data over time….or used something like a Sharpie as a labeling method. Unfortunately, just like the label adhesive, ink that is not specifically formulated for CDs will slowly over time destroy the stored data.
  • Have your backup plan/file storage design reviewed by an IT professional. There are too many nuances that can completely invalidate what you are trying to achieve with your backup or file storage system. Most IT professionals are exposed to many unique client situations and can help you prevent making the same mistakes that quite often results in SOS calls. Due to our IT industry exposure/networking, we know the latest technology options, changes in various industry regulations, and “horror” stories of data failures.
  • Unique geographic risk factors. For example, in California, we deal with wildfires. I personally have had multiple clients think that backing up to a local external drive at their business location was a good backup option. Only to realize they lost everything when a fire evacuation was ordered, and they had no ability to safeguard the original computer/laptop or backup device before it was destroyed by fire. A simple 3rd party cloud backup solution would have prevented loosing everything when they were unable to return to their home/business to remove the equipment from danger.

File storage and backup options seem very straight forward and simple, but these decisions when not implemented carefully can have catastrophic consequences.

Setting Up Your Folder/File Structure for The New Year

When you create your folder/file structure, PLEASE make them in a naturally archiving structure! What does that mean? For example, most people have a folder called clients and inside that folder they have a folder for each client. Here is the problem. Every time they want to clean out older data, they have to open each folder and remove the older content. Instead, set the structure up like this:

Each Year — Clients — Folder for each client……

Now what will happen is that each year as we approach January, you will create a new year folder and client folders as you need them. The power of this system is 7+ years out when you decide to prepare for the next year, you just grab the oldest year and hit “delete”. So for example I am setting up my 2026 Client folders. I create my 2026 folder, then create folders for my most common/reoccuring clients. As I create my client folders there is some “timeless” data I will copy over (i.e. their logos for example) for each client. This means when I want to delete the oldest folders, I don’t have to worry about loosing data I need for current work. I don’t have to spend hours going through old folders trying to thin out old content.

From a risk management point of view you DO NOT want to keep data you do not need. If you are ever compromised and have client data, you face legal/financial complications related to identity theft for each client involved. If you have lots of data/files and therefore cannot find when you need quickly that completely defeats the purpose of keeping the data.

Give me a call/text/email if you would like some help designing a structure that is easy to maintain, doesn’t have file names too “long” for the backup systems to automatically capture, and drastically reduce your risk if security is compromised.

Mobile Monitors/Screens

Do you work from your laptop but need more “screen” to work effectively? Require a solution other than packing up a full size monitor? Technology has come a long way, so let us walk through some options!

Use a locally available TV screen. You should always carry/bring with you an HDMI cable, especially if you do a lot of hotel travel. You may even want to bring a “long” HDMI cable so you can stretch out on the bed while your laptop is connected to the TV on the wall.

Travel laptop monitor are now viable and really allow you to make the “office on the go” not a major productivity hit!

For those looking for a “large screen” solution, a projection screen is the way to go. Most of these can be used with a typical “white” wall but would have much better quality if you bring a screen as well. Keep in mind that these solutions normally do not work well in direct/bright light conditions.

Some upcoming technology will be bendable/rollable screens. They are not widely available yet, but as the technology matures, the price will drop and availability will increase. Give me a call/text/email if you would like some help figuring out the best solution for you!

Online Meetings — Webcam and Headphones

Most of us are now using the computer, tablet, or cell phone for live meetings or recording video content. One of the primary tools for getting this done is a webcam.

Webcams are typically built into any laptop and all-in-one computer setups. If you have a stand-alone monitor, typically you will purchase a USB connected webcam to set on top. Nothing prevents a laptop user from using a USB webcam, and you may find the picture quality greatly improved because your monitor angle does not directly impact your camera and external equipment is typically higher quality.

I highly recommend those using a stand-alone monitor or a laptop purchase a USB webcam to set on top, even if you have a camera in your laptop. For effective meeting experience, you need to be looking directly at your monitor screen and have the camera position be ABOVE your eye level. If you have a laptop sitting on a desk or your lap, and you look down at it, it will add weight to your features and give many viewers an EXCELLENT viewing angle of your nose hairs! Some options are:

All of these models have face recognition technology. Do NOT purchase a webcam that doesn’t automatically focus. You do not want to be adjusting the camera focus point every time you move during a one hour or longer meeting.

Most webcams have a microphone, which is good if you are in a quiet room with soft surfaces to absorb background noise or echoes. Some even of noise-canceling features. Since most of us cannot guarantee a quiet space for all meetings, I highly recommend investing in some cordless headphones. Even an inexpensive Bluetooth stereo headphones with microphone will normally give you a much better audio than if you just use the built-in microphone or the one in the webcam. This is a necessity if you are using your phone or tablet for the meeting or in a noise space. Some options are:

Almost all meeting technology (WebEx, Zoom, Microsoft Teams, FaceTime, etc…) has customizable settings for the webcam and audio. Please take the time to review these features and ensure you have them set to maximize your meeting experience. Depending on your setup, you may find investing in a “light” will improve your video image quality but don’t forget to check your meeting settings. A lot of issues can be resolved, just be adjusting the video and audio settings.

If you need some help recommend the best setup for you and running a few dry runs to make sure it is all working correctly, just reach out!

Hotspot Connectivity

Are you trying to work while on the move? Doing a little travel and need some connectivity? A hotspot probably is the solution, but there are multiple ways to accomplish setting up a hotspot and each of them have different pros/cons.

Most of us are in locations with cellular coverage and therefore a cellular connection is available to use for your laptop/computer if you have a cellular device with hotspot functionality. Almost any smartphone has this feature and if you are on an unlimited plan, there will be NO EXTRA CHARGE for using it! If you are in a location with cellular coverage but maybe not viable for your current cell phone (i.e., foreign travel) or don’t have a smartphone, then a stand-alone hotspot device is the best solution.

Cellhire (https://www.cellhire.com/) is a great solution for renting a cell phone, stand alone hot spot, satellite phone, etc. that are delivered directly to you….use it and at the end of your trip you send it back. Depending on what you sign up for, it can even coordinate with your original cellular number so “folks back home” don’t see a foreign number calling, and you receive all the calls directly from your USA device. Much safer than grabbing a SIM in a foreign country. Typically, the most “cost-effective solution” is to only rent a hot spot stand-alone device. Now, at the time of travel, turn the “cellular” connection on your personal cell phone off and make sure the Wi-Fi enabled calling is on. That way you can connect your personal phone to the hot spot and have full service but no foreign roaming/usage charges. Make sure you have it set correctly so you are not surprised with a large cell phone bill on your return.

Domestic travel where cellular connectivity is limited but exists. This is where a cell booster is a solution. I am using one right now to maintain connectivity as I write this article from the beach on a camping trip. Multiple hardware solutions are available, and you do have to call your cell phone provider so they can authorize the specific device to work on their network. This cost NOTHING other than the initial hardware purchase. Some hardware options are:

Now these solutions are “mobile” and while they talk about using them in a vehicle or RV, the reality is they are good for anyone with multiple locations where cell coverage is low. There are other solutions for fixing cell phone coverage at a stationary location like your home. The easiest is to enable “Wi-Fi” calling on your cell phone. It will automatically use a recognized Wi-Fi connection when they are available and seamlessly switch to cell phone connection without you doing anything. Great solution for the home office. Wi-Fi covers you in the house. You start the conversation as you walk out to your garage and without dropping the call it switches to the cellular connect which is good “at the street and bad in your home” as you pull out into traffic. The other option is a cell phone boost that is not designed to move/switch cell towers. Very effective solution for a work/home location with weak cellular coverage. Some hardware options are:

Connectivity while mobile is possible using publicly available Wi-Fi like in a coffee house, hotel lobby, or McDonald’s but quality of connection and security vary greatly.

Give me a call if you need some help figuring out the best solution for your needs.

Shortcuts, Text Replacement, and Buttons

Computers are EXCELLENT at repetitive tasks. Depending on the complexity of the task and how often you perform, it might be easier and faster to automate the task or set it up with a button to activate.

Keyboard or Mouse Programmable Buttons

These are easiest to use and setup. Some keyboards or mice come with additional physical buttons and software to control them. The most obvious automation is adding an action to a button. For example(s), open website ABC when clicking program button 1…open blank/new email when clicking program button 2…open/start programs or installed application XYZ when clicking program button 3, etc…..

Some hardware options with programmable buttons are:

Some programs/applications on computer or smartphones allow you to set up a customize command to perform a series of tasks in a specific order. Excel is extremely effective at this. For tasks you frequently execute, it can save HOURS of time.

The most universal automation is text replacement. This is done by the operating system of a computer or smartphone. Both Apple and non-Apple hardware have these features. Give me a call if you need some help setting them up.

Example: If you have a typical statement(s) you make all the time that is long to type. You can set it up so you type something like 5 specific letters, and it replaces it. Very useful for something like: “We meet on XYZ date at ##:## AM. Here is the Zoom link, http://abc.xyz.com!” You type 5 letters and the entire sentence appears, including the URL.

Passkey — What Are They and Why/How Are They Replacing Passwords

First — What is a passkey? This is a device specific authorization that uses the device authentication (i.e., pin, fingerprint, face scan, etc…) to allow access to a program/website. Think of it as a special authentication that is limited to a physical piece of hardware in your hands. There is no need for 2-factor authentication or passwords if the program/website is using a passkey.

Concern — How is that better, and what happens if that device is lost, stolen, or has a critical malfunction? Passkeys are better in 2 ways!

  • From the end user standpoint, a single passkey can safely access multiple different applications. This is very helpful for the human brain. The reason a password should not be used this way is because passwords are transmitted over the internet to the program/website. Passkeys are not. The only information transmitted is the approval status….not the actual passkey code!
  • If the device becomes unusable (lost, stolen, critical failure, etc…), how do I log in? First, remember that passkey technology normally is managed by a 3rd party using extensive encryption technology specially for retrieval when device changes/reformatting occurs. Assuming you are using something like Google Password Manager, iCloud Keychain, Microsoft Authenticator app, etc…, you can recreate a new passkey when your device is repaired or replaced that will have access to all the original content. Secondly, most websites/programs that use a passkey still have backup methods for access if passkeys are failing. Third, a passkey can be saved as a physical security key (special kind of USB stick). This makes the stick the authentication device so you can use it with any computer.

But what about when someone has access to my computer or laptop? First, if you are not physically present at your device, it should be locked. You should also have a timer set to automatically lock it after X minutes to ensure this happens just encase you forget to lock it when you step away. If a thief was going to get access, they would have to steal it when it was unlocked and use it before the timeout feature would protect your data. Assuming that they have access with it locked, the types of thieves that can break operating system security in a passcode are not the local kind. They are typically government backed actors, that most of us don’t need to consider.

What about if I need more than ONE passkey or profile? For example, my work has me use my personal laptop.

  • Typical passkey systems allow more than one to be created.
  • If you think you require more than one, talk to a geek! Just because you use multiple programs/website does NOT mean you require multiple passkeys. Your IT support (or me) can help you navigate this concern.

Some USB stick based security key options:

Laptop Bags — What To Consider

If you have a laptop (including most tablets) you need to have a good bag/case to carry it. A bag needs to be strong/thick enough to protect your laptop. Looking good, being a convenient size/shape, etc…. doesn’t matter if your device is damaged while in the bag. The bottom of the section that holds your device can be reinforced with a piece of high-density form, which will help cushion your device every time you set down your bag. The straps and handles need to be strong enough to handle the weight. You do not want the strap to fail and cost you a laptop as well.

Consider using a “laptop sleeve”. This is a small case that you put on the laptop first, then put it in your bag. It gives your device just a little more protection AND a wonderful solution for when you suddenly must “check” a bag but still want your laptop. A sleeve is not enough protection on its own to prevent damage if you drop it, but short of that will give you protection for bumps and scrapes. Combined with a good bag, it can really save your laptop.

When picking a bag, make sure you get the correct size. You want your laptop to fit securely, but not so tight that you have to “fight” to get your device in the bag. For a typical 12–13″ laptop and using a sleeve, I would get a bag rated for 15″ laptops. Make sure you consider side USB ports. If you want to leave a mouse USB receiver plugged in, you will need another 0.25” of horizontal space to ensure your bag is not damaging the laptop over time by putting pressure on that port.

Laptop or Tablet Bag Options

Give me a call/text/email if you need some help getting the right bag for your device and needs.

Browsers — What Are They and Which One Should I Use?

Browsers are applications that are used to navigate the internet. Think of the internet as a highway system or network of roads. Various websites and domains are the destinations you reach when you use this road system. Browsers are the “vehicles” on the roads. Just like vehicles have different purposes and features……browsers do too. Some are better a privacy protection, some are faster, some handle graphics better, etc.….

The most common browsers are the default ones that come with your operating system. Apple users therefore tend to use Safari and Microsoft users tend to use Edge (formerly known as Internet Explorer). Because of Google’s relationship with Android, and it’s search engine, Chrome is very well known. Some lesser-known options are Firefox, Opera, Vivaldi, Netscape, AOL Explorer, SeaMonkey, etc….

Everybody should have at least 2 browsers on each of their devices. If one is damaged, you most likely will need to “use your car” to “go get a repair”. If you don’t have another browser to use, that can be really difficult.

For the average end user, FireFox is a good alternative because if one of the big three are not working, it is built differently and typically will work without issues. What browser you should be using really depends on end user usage and preferences, what software you are already using, and the hardware involved. There is no one right answer. Give me a call if you need some help making an informed decision.