Before you Rebuild your Computer (Actually, before your system fails)
Before you Rebuild your Computer (Actually, before your system fails)
Sometimes the Universe sends you a message. We don’t listen, so the Universe sends it again. And again. Until we learn.
Four friends, clients, former students contacted me during my holiday time to request (beg?) assistance recovering or rebuilding their systems following hardware replacement, operating system upgrades, or malware intrusion. Several dozens of my hours, and potentially more than a hundred of their hours, the systems are once again operational. Not just running, but supporting the applications and use desired by their owners.
There is a better way.
Charitable acts just seem justifiable during the holiday season. Being an instructor, I had a desire to teach but held back. Teach a man to fish …
Then the video card on my iMac 27 went out. Apple was responsive, though not fast. Well, not as fast as I wanted. My system was back in my hands, repaired and operational in five days. Time passed truly slowly. Particularly after we had to sign a release that indicated they could reinstall, reformat, rebuild my drive if that turned out to be a component of the hardware problem.
Could you hear my screams?
Mind you, I have network attached storage for all of my files. And an Apple Time Capsule that contains hourly backups of my system. (When is the last time I tested or attempted a restore?) And a jump drive with all of the files I have been or will be actively using in the classroom or with clients across a 30 day period. (If I were to lose the jump drive, what files have no duplicate?) I stopped by my office to get some work done. I used my laptop. All the while thinking about the effort that I might need to expend to reinstall, license, update and activate applications. All the work that would be required even before I could restore or use the data. I made myself a note to compare my MP3 and MP4 files once the system was returned. Having spent much of my vacation capturing and cataloging audio CD’s to reduce desktop clutter; I had no desire to repeat that effort. The CD’s are all organized and packed away. Oh, to live in a fully digital world.
And then I considered the pain that my friends might have felt. Missing or lack of OS and application images. Lost licenses. No data backup. No migration plan. No automated tools.
But I didn’t want to go back and teach them. I am rethinking that approach. Hence this blog.
The bill to affect basic recovery in each instance could easily have reached many thousands of dollars. Just to diagnose and repair hardware and recover the OS, keeping in mind any effort to save the data in the process. Not restore it, just save it. System reimaging is simple. At least two friends opted for this path – given the consideration that they will pay for and start with all new applications and start to create new data. One sent out a text via their phone that all friends should transmit an email with their contact information – ouch. One upgraded from XP to Windows 7 after creating a backup partition, with the warning that applications and data might not be directly compatible – and they aren’t. If you rely on your system for your livelihood (or personal recreation), starting fresh might not be your preferred direction.
I have since had two more requests to assist system rebuilds. I feel the pain…so here are some tools and steps you should be taking BEFORE you experience the challenges of rebuilding your system. The more valuable your use of digital technology, the more effort you should expend before you need to repair or replace it.
Backup your data
Organize your data in categories that make sense to you. Create directory (folder) structures and substructures. Store your data in organized sets. If you don’t put your data where YOU can easily find it, finding it via a duplicated backup or storage image will take you hours. In The Organized Mind by Daniel J. Levitin, he reveals the importance of organizing data in categories that make sense to you in order to find them when you want or need them. Feel free to use the Documents folders used within Mac OS X or flavors of the Windows Operating System, though you should understand the actual path might be %UserProfile%\My Documents\<folder name>\<etc.>. If you move content into folder structures that you create and understand, you will be better able to search for it during recovery. At least one client shared that they could not remember the names of files that they needed, only the location of the shortcut on their desktop through which they found their files.
Do some investigation regarding data files with formats that your applications might uniquely create. My prime example is the Outlook .PST file. And your Outlook signature files. And the unofficial address book that maps common nicknames (shortnames/aliases) to the entries in your Outlook contacts. Make sure you export or grab a backup on a regular basis. This might be useful if the file ever becomes corrupted, or if you need to perform a full system recovery. If you use Outlook for your email, calendar, and contacts, one file might contain all three. If you use multiple or variant applications, make certain you have a copy or export for each. Reinstallation of Outlook will create a new .PST file, though it will not have all of your personal data. You will need to perform an import – if you saved the data.
With all the storage alternatives today, pick two. Configure them. Test the backup or storage. Copy and move a file. To two different locations just in case one doesn’t work until you debug the storage AND the recovery functions. Delete the master file and try to recover it from a copy. Relative to storage alternatives, use Cloud storage, or Network Attached Storage, or a tape drive, or a Homegroup, or a large capacity jump drive. I prefer one local and one offsite. Local for comfort and easy access. Cloud based for access across locations and as I travel. I have yet to find an efficient, time based backup solution that captures the full image without negatively impacting either network bandwidth or system performance. So I settle for solutions that capture my relevant data and user settings.
Given User Account Control, and groups like Backup Operators, make sure that you have and are using an account with the appropriate permissions to both create a backup and to restore it.
If you schedule Microsoft Backup (through Windows 7 and by exception in Windows 8/8.1), make sure that you plan to have your system powered on during the backup time window and that the receiving location or media is ready to receive. We know that scheduled tasks will launch the next time the system starts if the alarm is missed, though a backup is important enough that you don’t want it skipped until convenient. I have encountered more than one client across the years that failed to replace the backup media, effectively over writing data until the media was full and then failing to capture current data or lacking recoverability. Test both the launch schedule and the media readiness. Then test recovery as well as backup functions.
Please don’t learn that you are missing the understanding of a recovery step when you really need to return to operation.
Make sure you have sufficient disk space and then enable System Protection in Windows XP through Windows 8/8.1. Save System Restore points regularly for small scale system recoveries. Make certain you configure Previous Versions of Files within Windows 7. Previous Versions of Files has been replaced by File History in Windows 8/8.1 – configure it and test it.
Backup your Applications
Okay, so you cannot truly ‘back up’ you applications. And therein lays the problem. You might be able to backup application files or take a full system image, though either might be insufficient to affect recovery. The registry and other system configuration elements are stored outside the application directory and will not be backed up with the application.
Make certain that you retain copies of the original install media, or pointers to the locations from which you downloaded Internet install and application files. I prefer always to save download install files and images rather than merely authorizing them to ‘run’ – both so that they might be malware scanned before installation and for the ability to re-install or recover following a system failure. You can also make backup copies of the install files in properly labeled folders within your backup set(s).
In a latter section, I will address creating a recovery image for your Windows OS. You may not desire that every application be immediately restored. The size of your Windows Image File might become cumbersome. Consider capturing your system image once you have installed your essential applications as a means of faster system recovery to an operational state. You will need copies of other application install tools or images to affect restoration after your base image is restored.
If you map network drives or use UNC folders, create a notepad document that lists all of the directories that you wish to use. Use Notepad, or an application that is a component of the OS. You don’t want a requirement to install your Office applications before you can recover your data. Backup the notepad document with your other data records.
Create another Notepad file and list all of your applications. Include the source location, and where you stored the install image or CD/DVD. Remember to update the list with each new application. Document the license number as well. While you might be able to recover application configuration and license information from a marginal system, full restore or imaging will require that you have a copy of the license.
After several years, I must admit that I have several applications whose original purpose I no longer recall. I have started documenting which project, customer, or effort induced my experimentation or use of particular software.
If you need to reimage or rebuild a system, you might not need to reinstall everything. It helps not to guess.
Export or create system hardware documentation. Run msinfo32, and export the data to a file that you store with your backup data. Create a custom directory for this single export. Then add all digitally signed drivers for your hardware in the same folder. Remember that Windows 7 and Windows 8/8.1 enforce digital signature authentication for all OS and hardware drivers in order for them to be recognized and utilized by the OS. Anytime that you acquire a signed, third-party driver, make sure that you backup a copy.
Back up your OS
You may rely on the manufacturer’s recovery partition, although this will not save you if the entire drive or system fails. If you have a manufacturer’s recovery partition, make sure to export it, bit for bit, to external media so you have a recovery option in the event of drive failure. Also make sure to document the OS license and vendor service numbers associated with your OS license. If your system came with an OEM version of the Windows OS, make certain that you create an external copy. The primary issue with using a generic OS to recover an OEM system is the likely substitution with generic drivers and/or the related failure of select components for lack of an appropriate, digitally signed driver file.
Save the installation media, or take the time to find and download an equivalent image directly from Microsoft. If your system fails, and you are pressured for a speedy return to service, you don’t want to spend your time searching the Internet or waiting for a lengthy download.
Use Microsoft tools to create a bootable Pre-Execution media, and test booting your system with the tool. See my related blog: Simplify your Windows 8 Evaluation install. Test the media and your ability to use the tool before you need it.
Windows 7 and 8/8.1 come with the infrequently implemented ability to create a system specific repair disc and a system specific image (.wim) for recovery purposes. Once you have a baseline operating system, and anytime you make a major system change, application install, or system update, you should create new instances for each. Save at least one older copy of the image as a recovery option should that recent update or installation rapidly decay.
Practice Making a Full Drive Copy
Given the relatively low cost of Solid State Drives (and considering their faster storage and access rates), now is perhaps the time to make a full copy of your drive. Whether or not you swap the internal drive for a duplicate external copy is a matter of personal choice.
We use an Apricorn external SSD solution that enables us to copy the entire system drive to an external drive. Install the software to the system for which you want a duplicate image, and attach the provided cable to the external drive via a USB 2.0 or 3.0 interface. If you update the software once you install it, you should be able to duplicate drives of different sizes (the original interface required duplicate disk sizes.)
This alternative allows you to store a full copy of your system offsite or in an onsite fire vault.
In this instance, recovery is merely the matter of mounting the drive in a new system unit. At least recovery up to the point at which you created the duplicate drive. (You should continue to backup your data.)
In my next blog, I will share some ideas regarding the repair or recovery process.
Steve teaches PMP: Project Management Fundamentals and Professional Certification, Windows 7, Windows 8.1 and CompTIA classes in Phoenix, Arizona.
You May Also Like
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015