Recent Blog Posts

Let?s dive into the details and see what can be learned from this ransomware attack. What is Kaseya? Kaseya is a software vendor that works closely with managed service providers (MSPs) to provide IT solutions. The software designed by Kaseya is meant to be used by managed service providers and large enterprises to manage and support technology across multiple networks. As reported by ZDNet, at least 40,000 companies worldwide use at least one tool created by Kaseya. The attack in question leveraged a vulnerability in Kaseya?s VSA service, which is basically a remote monitoring and management tool.  Since Kaseya plays such a key role in connecting IT companies to the businesses that they support, it should come as no surprise that such a ransomware attack could have profound effects on both the MSP service industry and the countless businesses that are supported by them. If your IT provider happened to use this particular software, there is a good chance that you were unlucky enough to become a victim of this attack, especially if other countermeasures weren?t in place. The Attack?s Timeline To give you an idea of how this attack has progressed, let?s take a look at the timeline, as it was reported by ZDNet: July 2, 2021: Kaseya CEO Fred Voccola announced that the company experienced an attack against the VSA that was limited to ?a small number of on-premise customers.? Voccola also urged users of the VSA service to disconnect all servers hosting the solution in an effort to prevent further infections. Kaseya informed those potentially affected by the attack, as well as shut down their own SaaS servers as a safety precaution. July 3, 2021: Kaseya released a Compromise Detection Tool to help customers determine if they have been compromised by the ransomware or not. The tool analyzes the endpoint or server to see if there is any indication of compromise on the system. July 4, 2021: Kaseya declared that they had become a ?victim of a sophisticated cyberattack,? and brought in external security experts, including Mandiant, to aid in learning more about the attack and resolving the issue. July 5, 2021: Kaseya issued the following update: “We are developing the new patch for on-premises clients in parallel with the SaaS Data Center restoration. We are deploying in SaaS first as we control every aspect of that environment. Once that has begun, we will publish the schedule for distributing the patch for on-premises customers.” The attack itself is thought to have been administered via an automated malicious software update, bypassing authentication and executing commands remotely. More information on this attack can be found in Kaseya?s briefing on the incident here. The Takeaway Since this particular issue was caused by a zero-day vulnerability (a previously unknown vulnerability) in a provider?s systems, it is hard to fault anyone in particular for this hack, but it does further reinforce the importance of monitoring your system for irregularities, as this attack was only uncovered as a result of such monitoring. Imagine the damage that could have been caused by this threat if it were to remain undiscovered for an extended period of time. It just goes to show that even businesses that do everything right can still become victims of ransomware attacks. While there are countermeasures to prevent ransomware attacks and […]

Security The biggest and perhaps most noteworthy issue that arises with cloud migration is security, and it?s easy to see why. When you move data or applications to the cloud, you are essentially letting it live in an online environment where it can be accessed as needed. This presents all sorts of complications that must be considered. How is it accessed? Where is it stored? What kind of cloud is the best fit for the security needs of this particular data or application? A good example is the public cloud versus the private cloud; while the public cloud might be great for accessibility and ease of use, the private cloud will enhance security considerably by giving you more options. Traditionally, the public cloud does not allow for the dynamic security solutions that businesses might want for their cloud infrastructures, but private clouds do. Compatibility Whether or not you should migrate to the cloud is a serious question to entertain, as well. Just because you can move applications or data into the cloud doesn?t mean that you always should. Sometimes it?s better in terms of privacy regulations to keep data stored in-house where it is ?safer? and easier to centralize compared to the cloud. You also might need to consider whether or not the applications that you want to host in the cloud are compatible or user-friendly in a cloud-based environment. Some resource-intensive applications might require significant amounts of bandwidth in order to function properly, and it might turn into a question of whether the convenience and ease of access is worth the monetary investment. Scalability How easy is it for you to add more data storage, more users, or more features to your cloud-based applications or storage solutions? You will want to have a solid understanding of each of these for every application of the cloud you have for your organization. It also helps to plan for change and scale for growth in this regard; failing to do so could lead to your business spending too much time and too many resources than anticipated, potentially killing your budget and increasing the cost of implementation far beyond what you had initially expected. If you are unsure of how to progress toward cloud migration, White Mountain IT Services can help your business navigate through these challenges. Most important of all, we can do all of the work of migrating your data to the cloud so that you can instead focus on the process of keeping your organization?s operations in proper working order, minimizing downtime and the risk of a botched migration. To learn more, reach out to us at (603) 889-0800.

What?s Going to Happen with Google Drive? Anyone who uses Google Workspace for collaboration is more than likely familiar with the link-sharing feature that Drive offers. For those who haven?t used it, it?s a feature that enables you to share the documents you?re working on with others with varying permissions so that multiple people can collaboratively contribute to the work done on them. It?s an intensely useful feature, especially since you can just copy and paste a link into a quick message to expeditiously share this access. However, the pending update to Google Workspace will throw a wrench into these links? at least, ones that were generated before these updates.  Basically, Some Links Will Break Here?s the crux of the situation: once these updates are applied, a resource key will be added to the URLs generated when sharing a link. As a result, there will likely be an influx of new access requests for businesses to manage. Google?s dedicated support page has made it clear that admins can choose how to apply this update until July 23. After July 26, end users will start to receive notifications alerting them to any files they manage that were impacted. If admins allow it, users will be able to choose how these updates apply to their files until September 13. Need Assistance? White Mountain IT Services is here to help businesses with IT management needs just like this. Find out what more we can do for you by calling (603) 889-0800.

Keep Things Clean and Tidy Technology solutions like workstations and server units are complex pieces of machinery with tons of moving parts. As such, it makes sense that they will function at their best when things are kept clean. You may have noticed that dust and other particles can gather in particular spots on your computer, such as near the fans and any small grates that give the machinery room to breathe. Take a moment every so often to clean things up a bit. Just make sure that you don?t blow or wipe the dust into the machine, as dust accumulating in the case itself could lead to damaging the internal components. Apply Patches and Security Updates If keeping your technology clean externally is important, then that goes doubly for making sure that it is cleaned up internally as well. By this, we mean making sure that everything is spick and span with your computer?s software and operating system. Developers issue updates periodically throughout a software?s lifetime designed to keep it safe from hackers and vulnerabilities. Apply these patches as they are released and you should have minimal opportunities to suffer from a data breach (in theory, anyway–it?s never quite this simple). Perform a Routine Network Assessment When it comes to network health and IT maintenance, it helps to zoom out and get a bird?s eye view of your entire network infrastructure. While it certainly is beneficial to look at network health on a micro level, the macro level can also provide valuable insights. For example, if you look at the whole, you might find bottlenecks where data is getting held up, which is not necessarily something that you would find unless you were looking in the right place. A network assessment can also give you information regarding network security and efficiency. Contact Us! If you are not comfortable performing maintenance on your technology, don?t worry. You?re not alone in this regard. In fact, we highly encourage and recommend that you have only qualified and experienced technicians perform maintenance on your business? technology. Remember, these devices are assets, and they must be protected with proactive maintenance whenever possible. To this end, White Mountain IT Services can help. We can administer proactive maintenance designed to keep issues from evolving into major problems later on down the line. You can know with certainty that we are keeping a close watch on your technology solutions for any signs of wear and tear. To learn more, reach out to us at (603) 889-0800.

Software Licenses vs Software as a Service Anyone who has ever purchased a piece of software knows that it can be expensive up-front. Normally you would pay a fee upon purchase, then upgrade to the latest version of the software as time goes on, constantly purchasing and repurchasing the same software, just updated with a new coat of paint. This can be seen as a wasteful practice, and some small businesses simply do not have the funds to make this happen for multiple employees. Furthermore, if licenses for all software cannot be purchased, businesses might opt to use older and less secure versions of the software, leading to increased likelihood of data breaches and data loss; and that?s not even mentioning the productivity issues that could result from using older, defunct software. No, it?s far easier to use the most recent, up-to-date versions of software whenever possible. That?s where Software as a Service comes into play. The Benefits of Software as a Service Generally speaking, when you use a cloud-based version of an application, you are likely using it as a ?software as a service? model. When you utilize Software as a Service, you are always using the most recent version of the program in question. There is no concern that you are using an outdated or unsecure version of the software. Adding new users is easy, too. Rather than purchasing new licenses, you are simply adding user accounts and adjusting your monthly rate. Furthermore, since you are paying for the software on a month-by-month basis, the payments are smaller and easier to fit into a budget than the larger up-front costs of investing in a certain number of software licenses. It?s just one way that the ?as a service? model can make running a business easier. Get Started Today White Mountain IT Services can equip your organization with the software tools it needs to succeed in today?s rapid-fire business environment. To learn more about how we can help you manage not just your software, but also your entire IT infrastructure, give us a call at (603) 889-0800.