1. Field of the Invention
The present invention relates to protecting computer data.
2. Description of Related Art
Computers and computer networks face a myriad of threats to the data they contain and to their smooth and continuous operation. Due to these threats, security is a growing problem for enterprise information technology organizations, original equipment manufacturers, and home users. Computer threats in the form of viruses, worms, spyware, and the like are constantly evolving, resulting in a constant need to protect against the havoc and destruction they may cause. Large organizations cannot afford to have significant computer and network down time as a result of damage to data and software that may be caused by the threats.
Furthermore, an increased number of patches and updates to applications and operating systems (OS) are being deployed at an increasing rate, to not only improve performance and fix bugs, but to combat against these increased security risks. With these new software deployments come new problems. These new problems may disrupt the manner in which a system operates, or cause a system to become unstable, due to software incompatibilities or unsatisfactory interoperability with previously installed software.
Backup systems and methods have been proposed for dealing with viruses, and the like, as well as patches, updates, and addition of new software. These systems usually save a state of the system at regular intervals, or before the installation of software patches and new software. If and when a problem is detected, the system may be restored to the saved state. However, the restoration may take costly time and lose any system states between the saved state and the state of the system when a decision is made to return to the saved state. In addition, many of these proposals cause changes to the original operating system's file system and organization of volumes, such as hard disk drives. Various techniques propose modifying partitions on a disk, modifying the disk structure, and even modifying the master boot record of the boot volume. However, these intrusive techniques modify system parameters and operation. These changes may be difficult to undo and may actually leave the system more vulnerable to threats.
Systems and methods are needed that integrate with an original operating system's file system to enable protection of a computing system from undesired changes, and enable ways to commit those changes to the system, if and when a user, a system administrator, or other event of interest determines that the changes are appropriate.