First, we would be amiss if we didn?t start with what makes them different. HIPAA and HITRUST, contrary to what you may assume, aren?t both regulatory frameworks. HIPAA very much is, but HITRUST is actually an organization that itself developed its own framework (the Common Security Framework, or CSF) that assists businesses in complying with HIPAA, as well as PCI DSS, NIST guidelines, and other regulations. What is the Health Insurance Portability and Accountability Act? Signed into law in August of 1996, HIPAA establishes the many requirements that healthcare organizations and their partners must adhere to, with these requirements expanded upon further by the addition of the HIPAA Omnibus Rule that better integrated the demands of the HITECH (Health Information Technology for Economic and Clinical Health) Act. What Does the Health Information Trust Alliance Do? HITRUST, as a coalition, works to integrate the tenets of HIPAA into its own CSF. By establishing certain requirements of businesses that align with what HIPAA mandates, the HITRUST CSF makes the portability and accountability act far more actionable. How Do These Two Acronyms Coexist? Building on HIPAA, the HITRUST CSF creates a standardized framework and certification process for the healthcare industry to abide by, while also integrating the demands of HIPAA with those passed down by other compliances and frameworks, as we mentioned above. In many ways, HITRUST is therefore the larger challenge to comply with. Speaking plainly. HIPAA lays out the rules that healthcare providers, organizations, and affiliated businesses must abide by. HITECH gives them the strategies and solutions needed to do so. As a result, both are critically important considerations for any healthcare-affiliated business that wishes to avoid considerable challenges. Do You Need Assistance in Keeping Your Business Compliant? There is no shortage of security protocols and protections that assorted businesses in different industries must be cognizant of in order to continue their operations without being subjected to assorted fines. White Mountain IT Services is here to help you and your practice see to it that you are, with all the technical parts handled for you. Find out exactly what our team can put in place for you and assist you in managing by calling (603) 889-0800 today.

Let?s take a look at how some of the most popular browsers integrate password management, as well as how you can disable them should they be deemed untrustworthy or insecure. Just How Secure Are They? See below for a quick rundown of how the major browsers on the market handle password management. Google Chrome Chrome?s password manager is tied to the user?s Google account. It offers quite a few features that you might expect to see from a password manager, such as two-factor authentication and random password generation. This password generation encourages users to use different, secure passwords for each of their accounts rather than recycling the same old one–a practice that could put the user at risk of a data breach. Mozilla Firefox Whenever you access an account through Firefox, the browser will ask you if you want to save the username and password used on the device so that it can be viewed through the browser?s Options menu. These credentials can be saved, though it should be noted that the default setting for this is quite insecure. One way that this is addressed is through a master password that can be used to protect the browser?s contents. Microsoft Edge Compared to the other browsers, Microsoft lagged behind in terms of password management. As of January 2021, Microsoft Edge now has this feature. One of the coolest new features associated with this is Password Monitor which can inform the user of data breaches, as well as the ability to create a password whenever a new account is created. Apple?s Safari Safari holds a password generator and management tool which gives the user the ability to autofill passwords on websites they visit. But that?s only the start? they can also save contact and credit card information, both of which can be accessed through iCloud Keychain. Unfortunately, this platform is only available on Apple devices, which is not that bad of a loss when you consider the fact that most third-party password management tools offer similar options, as well as two-factor authentication not being available. What?s the Most Secure Offering? If there are no other options available to you, these integrated password managers are passable, but we do recommend that you use a dedicated password management tool. Most integrated password management platforms do not require that the passwords be secure, which is absolutely not the case with dedicated password management programs. While these might sacrifice convenience, improved security is worth every penny. In addition to your password management tool, we recommend that you supplement password security with the use of two-factor authentication, as well as additional best practices. Here are some key ones to keep in mind: Always update your browsers and devices; doing so will keep security as optimal as possible. Steer clear of unsecured websites; if the website does not have ?https? in its URL, that means that the website is not secured and could potentially be at risk on public Wi-Fi connections. You can also look for the little lock icon in the browser?s address bar. Stay vigilant about your browser extensions and installed software. Don?t put yourself at risk unnecessarily! Deactivate Your Built-In Browser Password Management In the event that you do not wish to use your built-in password management, you can always disable these features. Here?s […]

The blockchain first gave us a look at what the benefits of a decentralized ledger could be, and the many ways they could be put into practice. However, some of the aspects of Bitcoin (namely, how much energy it requires to operate, amongst other shortcomings) made that form of blockchain a poor choice for many businesses and their needs. While we?ll discuss it in more detail momentarily, this is because Bitcoin operates on the public blockchain? something that obviously can?t be used to store sensitive information or proprietary data. As such, other forms quickly emerged to meet these needs, so there are for all intents and purposes now four varieties of blockchain to consider. Public Blockchain The public blockchain is the most open form of blockchain, where anyone can participate in transactions and maintain their own copy of the ledger so long as they can access the Internet. This was the first form of blockchain, as we mentioned, and commonly powers the assorted cryptocurrencies that suddenly became all the rage to talk about. Other potential uses for the public blockchain involve voting and fundraising, thanks to the openness of the system as a whole. This openness is one of the public blockchain?s greatest advantages, along with its inherent transparency and trust-based nature. However, the public blockchain does have a few issues. For one, it can only register transactions at a very slow rate. This compounds into a second disadvantage: the fact that the blockchain network itself is limited in scope, simply to prevent the rate of transactions dipping down further. Private Blockchain A private blockchain is very similar to the public blockchain, with a few key differences setting it apart and resulting in a different sample of advantages and disadvantages, alike. Instead of being accessible by anyone, a private blockchain is kept in a closed network and maintained by a singular entity?typically, a business that wants to see a similar level of trust and security within its own operations?requiring permissions to be extended to any participants. Apart from this more centralized nature, the private blockchain is made in very much the same way that the public one is. While adding this level of centralization to the blockchain makes the entire system much more efficient, it also requires the sacrifice of some of its security. This is important to consider as a private blockchain is often used for key internal processes like supply chain management, internal voting, and asset ownership. Hybrid Blockchain Combining public and private blockchains, a business can take advantage of the capabilities that each presents in concert. These capabilities make it possible to connect to public networks while maintaining privacy, with customizable rules allowing an organization to keep its data close to the chest. For all these advantages, there are some drawbacks to hybrid blockchains?namely, the fact that the hybrid blockchain lacks some of the transparency of other blockchains, and there is no prerogative for a business to undergo the extensive and challenging adoption process. However, there are still effective use cases in real estate, retail, and various other markets that are beholden to steep regulations. Federated Blockchain Finally, we come to federated blockchains. Similar to the hybrid blockchain, the federated blockchain combines the beneficial features present in both the public and private blockchains. This makes some records […]

You Will Likely Have to Make Cuts While technology has helped millions of businesses from all over the world stay relevant during the pandemic, we?re seeing that IT is one of the elements of a business that is seeing the most obvious cuts, even as more technology is needed. This is not a good situation. Most businesses have to cut some costs just to make everything work, of course, but analysts are saying that after things ease back into normalcy, the remaining recession will actually cut IT expenses by two or more percent for the next year. To sustain profitability businesses will need to free up as much capital as they can, and many businesses?including ones that operate in the hospitality and manufacturing industries?are already seeing massive declines in revenue. This suggests that their 2021 technology investments will probably be less than their 2019 spends.  Depending on your situation, you may be using your capital to fill in any potential holes in your workforce and your operational capabilities, and while IT can help you make some headway there, ultimately new technologies aren?t going to be as in demand in the near future. How Managed IT Services Can Help If your business is looking to make some cuts to your operational technology, choosing the right IT service provider can be a great solution. Not only will you be able to maintain your current IT infrastructure, but we can help you find and implement the solutions you are going to need to get through this situation.  Let?s start with the remote workforce. Before the pandemic only around eight percent of full-time workers were able to have the flexibility to consistently work from home. With states mandating people stay at home during this situation, telework has exploded. If your company was one of the few that provided telework options before the stay-at-home orders hit, you probably have had a much easier transition to supporting a completely remote workforce. Most businesses, however, didn?t, and with the vaccine rollout, you are beginning to see companies going to more hybrid employment strategies.  The challenges of supporting a staff that works remotely aren?t necessarily the same as you would have envisioned. Many businesses didn?t provide the work-from-home flexibility out of the fear that they would lose substantial amounts of productivity (and therefore revenue). While this is still somewhat of a concern, most workers that work remotely understand what their responsibilities are and go above and beyond to ensure that they aren?t the weak link. It’s been said multiple times over the past several weeks, but if you have an employee that does not work well from home, it’s a pretty good bet that he/she wasn’t working that well from the office, either.  One consideration that does have to be made if you are going to continue to offer remote work after the pandemic is over, however, is how to secure your endpoints and data-in-transit. If this wasn?t already a main consideration of your disaster recovery policy, it has to be now. Working with remote access and virtual private networks can go a long way toward mitigating the risk your company will see. White Mountain IT Services can quickly help you find solutions that will not only keep your data safe and protect your existing infrastructure, it can provide you with […]

Microsoft?s Solution for Anxiety Filed in October of 2019, and finally being published a short time ago (as of this writing), Microsoft?s patent describes their ?Emotion Detection From Contextual Signals For Surfacing Wellness Insights? technology. By collecting and compiling data from assorted sources, including biometrics from fitness trackers and smart watches and usage data from Microsoft?s Office software, an employee ?anxiety score? can be generated and alert the employee of their emotional change. The platform would then provide recommendations to help them wind back down, like taking a break or a brief walk. For instance, let?s say that James has an important meeting coming up, and is starting to feel anxious about it. This anxiety could manifest itself in a few different ways?perhaps increased typos and spelling errors are popping up in the emails he?s composing, or the email is taking longer than it generally would to write up. If James? behaviors suggest that he?s feeling anxious, a notification will pop up to inform him of his stress and how it was calculated, along with a recommendation based on his schedule to help him relieve this stress. This Technology May or May Not Be Implemented Let?s make something clear: filing a patent is much different than including certain capabilities in a product or service, so there?s no guarantee that these features will ever appear in Microsoft?s software solutions. Having said that, it does show that software developers?even those of as much renown as Microsoft?are more seriously considering the importance of employee wellness and how impactful it can be to the workplace. This Isn?t All Microsoft Has Done, Either (Along With Other Software Developers) This patent is one more in a line of solutions that Microsoft and other software developers have designed to help promote the wellbeing of their employees. Microsoft has also introduced MyAnalytics, an individualized wellness and productivity tool, as well as Viva, a Teams-based tool that combines the benefits of MyAnalytics with Workplace Analytics, an analytics tool intended to deliver insights to managers and business leaders. Cisco has implemented People Insights into its Webex collaboration platform, with data broken down by individual employees, the entire team, as well as the workplace as a whole. Google has also made plans to make similar data available to workers in the interest of self-awareness and improvement. Do People Really Need An Application to Tell Them That They?re Stressed? At first glance, this all may sound a little silly. Is (yet another) notification really the best way for one of your employees to find out that they?re feeling anxious? In so many words: it very well could be. While we aren?t saying that all of your team members are incapable of identifying their own emotions, they may not feel totally comfortable in responding to them in the appropriate way?in this case, stepping away from a task for a moment to decompress. This kind of feature could potentially not only help make them more aware of their own mental state in the workplace, it signals that their needs are important, that it is okay to take a break if they need one. With the kind of stress that so many have felt over this past year, this message has perhaps never been so pertinent. What do you think? Is this kind of feature […]