From security researchers comes the disheartening news that rootkits, the building blocks of viruses and spyware, have evolved to the point that some are almost undetectable by antivirus utilities. In fact, rootkits can live on your computer unnoticed for years, only to spring into action when a precise set of triggers sets them off.
This is frustrating to small businesses, whose computers are already laden with resource-hogging antivirus, antispyware, firewall and diagnostic software. You must now consider the possibility that even those protections aren't enough.
Until recently, disk imaging was too expensive to be practical for the average user, but the astonishing improvements in hard disk capacity in recent years have changed all that. With disk capacity now priced around 50 cents per GB, it's practical for PC buyers to buy much more disk than they actually need, and set aside part of the excess capacity for quick backup.
There are about a dozen disk imaging products on the market, ranging in price from $20 to about $70. The best known, and priciest, is Cupertino, Calif.-based Symantec Corp.'s Norton Ghost, now in its 10th version. However, products like Burlington, Mass.-based Acronis Inc.'s True Image, Paragon Software Group GmbH's Exact Image 7.0 and Phoenix Technologies Ltd.'s Recover Pro 6 are popular alternatives.
Disk imaging software performs two vital functions. First, it's a quick way to back up data, compared with the slow and error-prone method of copying to tape. Most disk imaging products can copy a PC hard drive in just a few minutes. In fact, disk-based backup is so inexpensive now that few users even need to consider tape.
The more compelling feature, though, is that disk imaging programs can "roll back" your computer to a point in time before a security breach took place. Typically, you would do this by setting the software to take a snapshot of your hard drive every day or so. These images can be kept in a partition on your computer or saved across a network. You can then easily restore your computer to its last known clean state.
This can save you hours of work when a particularly nasty virus or spyware program strikes. Simply removing the offensive programs isn't always effective. Some spyware is so insidious that it will continuously download other malicious programs, even if the original offender has been removed. Spyware can also corrupt the Windows registry or change system files so they can't be repaired. In some cases, it's more effective to wipe clean and reinstall the operating system and remove all the bad stuff.
But that should be a solution of last resort. It can take four to six hours to completely rebuild the software suite on a PC, longer if you include all the switches and preferences that need to be customized. When you consider the cost of your time, disk imaging begins to look really good.
Not all disk imaging software is created equal, so consider your requirements before you buy. Ease of use is a major differentiator, but keep in mind that you might have to trade flexibility for simplicity. Some vendors offer server-based software that can maintain a library of desktop images. Incremental backup saves time by saving only files that have changed since the last backup was performed. Not all products support this. Some products also use the Windows file system, while others create their own disk partition that Windows can't see. The latter approach is more secure, but maybe a little clumsier to use.
If you're already loaded up with security utilities, then disk imaging software is definitely a belt-and-suspenders proposition. But if you want complete peace of mind, it's an option to consider.Paul Gillin is a technology writer and consultant and former editor-in-chief of TechTarget. His Web site is www.gillin.com.