This document describes local Computer Security considerations, and
the importance of making a backup (a copy of your computer's disk drive)
and suggests some software to do it.
"Local" Computer means a physical device (desktop, laptop, etc) in your
Note that even though your device (pc, phone, tablet, etc) may store the bulk of its
data on the web, the operating system that executes when you turn the device on,
still must store some things locally (like the name of your home's wi-fi network
and password, etc).
So it's essential to understand where that data is, and how to protect it.
Some information might seem a bit technical, but you should go
through all of it once.
There are 3 aspects of local Windows Computer Security which require your attention:
- Recycle Bin Cleanup
- Disk Defragmentation
The most important aspect of local Computer Security is Backup/Restore of
the device's main ("disk") storage facilty.
This may be either a hard-disk drive (HHD), or solid-state drive (SSD).
An HDD uses rotating mechanical disks and sweeping read/write head(s) to access
data, whereas an SSD uses instantly-accessible memory chips to read/write the
One day, without question, the disk drive in your computer will fail.*1
HDD devices are mechanical devices, with moving parts, lubrication requirements, electronics,
connectors, solder joints, etc., and are subject to vibration, moisture, smoke and dust particles, etc.
SSD dvices are purely electronic, but are still subject to component failures.
So, there's simply no way around this: One day you will turn your computer on, and it will do absolutely
If you are like most users, you will have collected 1,000's of documents, pictures, emails, videos,
mp3s, and a whole host of other irreplaceable digital items.
Therefore, you must occasionally backup your disk drive. Period.
Fire, Theft, Errors
In addition to disk drive failure, there are other instances where a backup of your disk drive
After any of these calamities, if you have a previously-made backup of your disk drive,
you can restore it (to a new disk drive and/or computer) and continue to enjoy your
- You mistakenly erase a file.
- A program malfunctions and destroys a file.
- Your computer becomes infected with malware (a virus, trojan, worm, etc.), and
doesn't work properly (you can't access/utilize your digital items).
(You do have an anti-virus program running, don't you?)
- Your house/office/car/etc. is burgled, and your computer is stolen.
- Your house/office/car/etc. burns down, and your computer is destroyed.
Physical Disks, Partitions, Logical Drives
A modern personal computer has at least one physical disk drive (either HDD or SSD).
This physical drive can be formatted into one or more "partitions" resulting in multiple
logical drives (or volumes). Each volume is given an identifying
System Disk, Recovery Partition, Data Drive
Normally, the Windows operating system resides on a volume which is
given the drive-letter "C" (often displayed as "C:", with the trailing colon).
Many new computers now also come with a recovery partition, which the manufacturer has loaded
with a mini-system, and code to restore the C: drive to its original factory condition.
Sometimes this partition may appear as a D: drive, although it may have another drive-letter, or
may also be hidden.
If your computer won't boot normally, or won't run properly, you can restore it to the original
condition by booting with a special key-combination. It's something like holding the Ctl and
F11 keys, then pressing the Power button (see your manufacturer's documentation for your
specific system). This boots from the recovery partition, and allows the restoration.
However, this restoration usually re-writes all C: drive contents, deleting all personal
Without a recent backup, you will have lost all your digital "stuff".
Another somewhat popular disk configuration is to have the disk divided into a system
volume and a data volume. This allows you to re-construct the operating system
without disturbing (some) your data.
However, once again, re-constructing the operating system will also require re-installing any
application programs (Browser, Email, music manager, etc), and possibly many personal preference
As you can see, it's a good idea to become familiar with how your computer is set up, and design
a proper regimen for Backups.
In a single-volume Windows system
all of your personal files reside on the C: drive, so it makes sense to
back it up frequently.
If your disk does in fact contain a recovery partition (which may never change), it
might make sense to back up that partition only once in a while, whereas if it contains a
large data volume, it might make sense to only back up that volume after a significant
change to it.
Also, it's a good idea to keep as many backups as you can: If you discover that a file you
seldom use has disappeared, you have a better chance of recovering it if your backups cover a
long history, rather than just "last week".
Additionally, as you decide how and when you're going to backup, you should also
'schedule' Recycle Bin Cleanup and Disk Defrag to keep your
computer's disk in shape (see below).
There are several types of backup:
Full / System Image
This captures every detail of the disk drive, and allows you to reconstruct it exactly.
Incremental / Differential
This adds to a Full backup by copying data which has changed since the Full backup
was created, or the last Incremental/Differential backup was created.
This reduces the total amount of backup data which must be stored in order to re-create
the disk drive to a given point in time (each of the points that any of the backups were
This monitors the disk drive during use, and copies changes at time intervals (or after a number of
changes) automatically to a network drive, the cloud, or an internet service on the web.
The next consideration is how to store the backup.
For a local backup (not cloud-based or a service on the internet), there's disk, tape, and optical media.
With the continually decreasing physical size and cost, increasing speed, capacity, and ease of
use, modern external disk drives make good sense for backups.
Today, a 3-terabyte (3,000 gigabytes) USB external disk drive can typically be purchased for less
than $100 (US). These devices simply plug into the USB port on any computer, and are
immediately usable and completely portable.
If your computer is on a local network you can also use a networked disk drive.
Not to seem paranoid, but you should keep your backup in a different physical location from
where your computer is normally kept.
Again, what if the room your computer is in has a flood, or fire: If your backup is in the same place, it
may also be damaged.
And, finally, if you keep sensitive information on your computer (bank accounts, private correspondence,
passwords, etc.) you should use some form of encryption to prevent prying eyes from viewing any of it.
There are numerous schemes to do this, but this subject is beyond the scope of this document.
However, you must treat your backup with the same sense of security. If your disk data is not
encrypted, then even more security for the backup is required.
Backup Programs and Services
There are numerous Backup programs (both free and fee) with varying capabilities. Some only do
Full backups, with only full-disk recovery,
others allow the backup/restoration of individiual files, or folders, etc., etc.
There are cloud-based facilities, subscription services (like Carbonite) and many other
The company Runtime Software provides a freeware program (for
personal home-computer use) named DriveImage XML
It can perform a "Full / System Image" backup of any volume on a Windows system even while
you are using it, allows viewing and restoration of individual files, and folders, and can completely
reconstruct a volume on the original or a new disk drive.
The backup data itself is compressed and written in an industry-standard format (XML), which
will always be readable, even by non-proprietary programs.
Here are some DriveImage XML references:
The company Macriumsoftware provides a freeware program (for
personal home-computer use) named Macrium Reflect Free
It can perform "Full / System Image", Incremental, and Differential backups, even while using your system,
and is a comprehensive back/restore environment. Backup definitions can be saved to execute on a scheduled
basis, external storage capacity can be monitored, and much, much more.
Here are is a good Macrium Refelct Free tutorial:
Recycle Bin Cleanup
In the default Windows configuration, when you delete a file while in Windows
Explorer (and in some other situations), it is placed in the Recycle Bin, and so
is not really removed from the disk drive. This allows you to "restore" it easily:
it's still on your disk, but only visible from within the Recycle Bin.
Periodically, you should empty the Recycle Bin, to really delete such files.
In addition, as Windows and your application programs execute, many temporary files
are created for various reasons. These files, too, should be deleted periodically.
There are many free programs available to assist in finding and removing such "temporary"
Note that by cleaning up your disk before creating a backup, you will save
space on your backup volume.
On the other hand, by cleaning up your disk after creating the backup you will be
backing-up files which you may have deleted erroneously, but which you could now restore.
While Windows and your application programs are executing, they write both temporary and
permanent files to the disk. After many write/copy/erase/re-write operations,
the files become fragmented. That is, parts of a file may be spread out over a
large area on the disk drive (not contiguous).
For HHDs, this causes extra overhead for the drive to read a file: It must
physically move it's read/write head to access the separated parts of the file,
possibly creating a slower response.
For SSDs this is no longer a problem. However, there are other "cleanup"
considerations, such as "TRIM" which affect performance. See your manufacturer's
documentation for details
The antidote to file "fragmentation" on HDDs is Disk Defragmenting ("defragging"),
which places all the fragments of each
file as close together as possible, thus minimizing disk-head movement.
Windows has an automatic built-in defragging facility, and
the company Piriform (creators of the "CCleaner" program)
provides a freeware program (for
personal home-computer use) named Defraggler
which has some additional capabilities.
Actually, your disk drive may never fail, but it's a good idea to approach Computer Security
with this thought in the back of your mind. If you don't, and the drive does fail, you'll
be very unhappy if you don't have a backup.
- Include SSD (solid-state disk) information.
- Piriform's "Defraggler" program suggested instead of Auslogic's "Disk Defrag".