Before we begin, it will help to teach those who may not be totally familiar with Krampus a little bit of background about him. An Introduction to Krampus As we all know, Santa Claus is the very picture of jolliness. You?d be hard-pressed to find a nicer guy out there. Everything about him, from his rosy cheeks to his big bowl-of-jelly belly really accentuates his giving personality. Krampus can be safely considered the antithesis of Santa Claus, and many of the elves at the North Pole put some real stock in the story that Krampus is ol? St. Nick?s shadow. The ugly old demon has it out for kids, especially naughty ones, and makes it his mission every Christmas to punish those on the naughty list by hitting them with the bundle of sticks he carries with him? and that?s what he does when he?s feeling forgiving. He?s also tried to do a lot worse. For every bit of friendly and kind that Kris Kringle looks, Krampus is the opposite. Tall and covered in scratchy, wiry hair, his ugly face is framed by the goat-like horns that curl from his head. Naturally, he has fangs, which don?t do much to keep his long tongue in his mouth. Matching his horns, his feet are just hooves. Again, he literally carries a collection of branches around to hit children with, and he keeps himself wrapped in chains for some reason. As you might imagine, he doesn?t exactly smell nice, either.  He?s really just a bad guy, overall. Krampus? Tactics Have Shifted Over the years, the gang up at the North Pole has done a pretty good job in minimizing how much harm Krampus has been able to accomplish, but as they?ve done so, Krampus has become sneakier. Now, in addition to going after naughty children and otherwise interfering with Santa?s delivery schedule, Krampus has actively interfered with operations at the North Pole. He?s become a fairly adept cybercriminal, using his talents to disrupt the North Pole?s supply chains and otherwise slow production of toys. He?s been known to try and phish the elves into opening his infected emails, trying to fool them with supposed ?wish lists?, or calling up the North Pole directly and posing as parents to try and add additional kids to the infamous naughty list. This is where we became involved, as the IT team up at the North Pole had more than enough to do without dealing with his incessant attacks. Here?s a transcript of one of the calls their team has caught: NORTH POLE: Hello, thank you for calling the North Pole, this is Boots. How may I direct your call? KRAMPUS: (in falsetto) Hi there, this is Timmy Johnson?s mother. I just wanted to call and let Santa know that he is being very naughty right now. NORTH POLE: Oh dear, that isn?t nice. Let me get the report started. May I have Timmy?s full name, please? KRAMPUS: (falsetto) Timothy Marcus Johnson. NORTH POLE: And his age? KRAMPUS: (falsetto) He is nine. NORTH POLE: Oh dear. Do you have Timmy?s official North Pole ID number handy? It would have been given to you shortly after he was born. KRAMPUS: Uhhhhh? NORTH POLE: Hello again, Krampus. Nice try. It should be mentioned that these calls were not […]

Where Support Costs Build Up Technology costs tend to rise rapidly once an issue is discovered. Consider the following reasons why: The technology itself could be expensive to repair or replace. The repair fee will likely include fees and travel costs in addition to the cost of the service itself. The repair is likely only focused on fixing the immediate problem, without considering if it will recur or if the would-be solution to the problem causes alternative problems.  If an issue does happen and some piece of technology fails, you are on the hook for the downtime while you wait for a technician to come around and fix the problem.  One of the major problems is that it is next to impossible to predict these kinds of expenses when trying to budget out your technology management. It makes the whole situation extremely precarious since you rely on your IT to run your business.  Managed IT Services Flips the Script Let?s go through the reasons we went through before, that would typically lead to swelling costs and exceeded budgets. This time, however, we?ll assume that you?re leaning on an MSP for your IT assistance and support. While the procurement of technology can be expensive, the Managed Service Provider (MSP) has likely developed a relationship with vendors that can help reduce the costs of purchasing new technology. Many problems can actually be resolved remotely, as the MSP takes full advantage of state-of-the-art technology that allows for networks and infrastructure to be monitored around the clock. The travel costs you would normally be on the hook for are usually unnecessary, and anything that falls within the agreement with the MSP is covered by a consistent monthly fee. In addition to fixing the problem at hand, the MSP uses their access and vantage point to identify the root cause of the issue. This means that the issue itself is resolved, preventing future intervention from becoming necessary. Your MSP will also monitor your technology for these kinds of issues, using special tools that alert them of inconsistencies and errors. Since they use remote access to do so, they can even find potential problems and proactively fix them. Even if an on-site visit is required, it may be included in the agreement, as well.  With a recurring and inclusive fee for these services, budgeting for a managed service provider is a relative breeze. Any changes you need to make (like if you add more employees to further boost your productivity) can easily be incorporated into your monthly fee, keeping costs in check. Interested in finding out more? Reach out to our team and ask about what other benefits working with us can bring! Call (603) 889-0800 today.

Yes, We Know: Part of Our Job is Preventing Data Breaches Don?t get us wrong, we?ll do everything in our power to help prevent our clients from experiencing a data breach. Having said that, there is only so much we can do to stop them. Whether we?re talking about zero-day threats, unreported software vulnerabilities, successful phishing attacks, or a lost device going unreported, there are plenty of ways that an attack can slip past even our team. So, while our services and solutions can greatly reduce the number of threats that your team is exposed to, we cannot realistically catch them all. Therefore, we wanted to discuss how you need to respond if your data is eventually breached. Of course, we?ll also get into a few best practices to help your team avoid data breaches as well. So, Your Data Was Breached? Now What? Step One: Notify Everyone Impacted Let?s make one thing clear? if your company experiences a data breach, it probably isn?t just ?your? data that was affected. Anyone whose data you have collected, from your clients to your employees to your vendors, could now be at risk. This means there are a lot of people you have to alert, just in case their data was impacted in the breach. We do mean ?have to?, as well? each of the 50 states has some kind of legislation that sets standards for data breach notification, so not doing so can land you in some very, very hot water, regardless of where you are located or where you do business. Step Two: Make Things Right with Those Affected Once you?ve discovered the breach and informed your clients of the situation, it is also on you to make amends to them. This may be to offer a complimentary service to them, or a discount. The one thing you don?t want to do is pretend that nothing happened, or gloss over the situation? particularly if the breach caused issues for them. Have a frank and honest conversation with your clientele, doing whatever you can to help them out. Step Three: Identify, Disclose, and Rectify the Issue Internally, you need to make sure you fix whatever problem enabled the breach in the first place. We can help you run a complete network audit to figure out if a problem with your network allowed someone to access your systems, or to find out if someone employed by your company let in the attack (whether or not they meant to). Once you know why the breach was possible, you need to remove the vulnerability. This may require you to update the defenses you have around your network, or to better educate your team on security procedures and best practices. Either way, you need to do whatever it takes to fix the problem, all the while keeping the affected people listed above apprised of your progress? of course, respecting everyone?s privacy. Step Four: Do Better, and Restore from Your Backup This part is simple? whatever needed to be done that wasn?t initially and allowed the breach in, make sure that you implement it into your standard procedures. Any data breach that you survive is a learning experience, if nothing else. Make sure you take advantage of it. If necessary, you?ll also need to turn to your […]

What is Log4j? Log4j is a Java library, which may not mean much to you. All you need to know about these libraries is that they are used by programmers to develop software. If an application uses the Log4j library, it suffers from a major vulnerability that was just discovered. The problem is, this particular Java library has been used extensively over the years, which means that the vulnerability impacts most of the big names in software and the applications and cloud services they offer. Big names, like? Amazon Web Services Apple Cisco Fortinet Google IBM Microsoft  SonicWall Sophos VMware ?as well as others, large and small. Even the United States? Cybersecurity and Infrastructure Security Agency (CISA) is affected. How Vulnerable Could Log4j Leave My Business? In a word: extremely. This vulnerability is so bad, it?s been demonstrated that using a single script in some applications could give a hacker near-ubiquitous access. This vulnerability isn?t new, either? it?s been around for years, but was only recently discovered on a wide scale. As a result, more people than ever are able to take advantage of it. What to Do to Fight Back Against Log4j This is where the real challenge comes in. Naturally, if you rely on some of the systems that have been affected, there are some steps you need to take. Much of the onus falls on the developers and companies who used the Java library to go back and fix the issues. Rest assured, it is pretty much guaranteed that the list of developers we mentioned above will do something about it. Many of them already have. However, it also falls on the impacted websites and businesses to apply the patches that these developers put out. For example, let?s assume for a moment that you?re an annual user on a fantasy football website. If that website relies on technology that Log4j impacts and they don?t apply the fixes, the information you?ve provided to the website?account details, financial information, and whatever else?would be vulnerable. Again, this applies to every website, so if that website doesn?t react, your account with them could be vulnerable. How to Protect Yourself from Log4j, as an Individual and as a Business While it won?t totally solve the problem, everyone (private users and businesses alike) should take the steps to lock down their passwords. Weak passwords like ?password1? isn?t going to cut it. This involves following the basic password best practices that we always talk about, like: Using a unique password for each account and website Using a mix of alphanumeric characters and symbols Using a sufficiently complex passcode to help with memorability without shorting your security Keeping passwords to yourself Individual Users Need to Know That the Internet is Even Less Safe Don?t get us wrong? the Internet is never totally secure, but for now, the dangers are that much more severe. You need to be very discerning about who you trust with your information for the time being, as various websites and developers make the updates to their platforms that will resolve these issues. Businesses Need to Enlist the Help of a Professional  All organizations need to bring in a professional to audit all of their technology and update what can be updated to remove the influence of Log4j. Not only will this […]

Let?s go over some of the challenges your organization might face, as well as questions that must be asked if you want to optimize chances of success when implementing new hardware. Before we jump into the hardware acquisition process, we should preface this by saying what not to do when it comes to replacing technology. The biggest pitfall that so many businesses fall into with technology replacement is relying too much on break-fix IT. They only replace technology when it is so broken that it cannot be repaired, and even worse, they wait until the technology breaks before they replace it. The reason this is particularly unforgivable is due to the downtime that this approach causes. For example, if you wait for the server unit to fail before you replace it, then how are you accessing the data found on that server? If a workstation breaks beyond repair, how are you going to get work done? All of this time spent waiting around while you make a decision about replacement is wasteful and unnecessary, especially when preventative maintenance and a technology roadmap could have prevented it all. The first question that needs to be addressed is, ?Should you consider new hardware in the first place?? Oftentimes businesses find themselves upgrading needlessly just to have the most up-to-date model of something. If your current technology works perfectly fine, then there is a good chance that maybe you don?t need to upgrade immediately and can instead get by with technology that, while not the top-tier hardware, will get you through the workday without incident. When your technology starts to cause disruptions to operations, on the other hand, you will have to make a decision about an upgrade or replacement. The second question is, ?What will this hardware be used for?? For example, hooking a video editor up with a thin unit or your standard office workstation probably is not going to cut it. These types of graphic-intensive devices need to have powerful specifications so that the user can fulfill their duties. If you don?t consider what the end user will need the device to do, you are going to be setting them up for failure and establishing unrealistic expectations for them, which is never a good way to implement new technology. Third and finally, you should ask, ?What is the timeline for replacing this hardware?? By this, we are circling back to earlier in this article when we mentioned a technology roadmap. This is a policy that showcases when and how you plan to approach upgrading your organization?s technology. It might include a schedule of upgrades that happen at specific points in time so that they stay current while minimizing the chances of hardware failure. This might feel a bit like preemptively replacing technology even when it is no longer needed, but it?s different in this case, as you are actively planning for it rather than making a spur-of-the-moment purchase. Regardless of your hardware implementation strategies, you can rely on White Mountain IT Services to help steer you in the right direction. To learn more about how we can help your company adopt new hardware solutions, reach out to us at (603) 889-0800.