Recent Blog Posts

Here are four ways you can improve your social media security practices. Be Selective with Friend and Follow Requests Social media gives users a lot of control over who they can connect with and who can follow them. One of the best ways to keep yourself safe while using social media is to choose carefully who you allow to follow your accounts. Only connect with those who you would not mind connecting with in real-life and those you can trust. Set Your Profiles to Private Another great way to protect your profiles is to keep them set to ?private?. This gives you the ability to share content with only people who you allow to view your profile. You essentially limit access to your personal or sensitive data. Some social media even let you customize who can see what content on a user level, giving you the ability to modulate privacy in a sense. Stay Aware of How Much You Share Security questions like ?What is your pet?s name,? or ?What is your mother?s maiden name,? are common enough that hackers can find these things by just scouring your social media profiles. This is one reason why many people choose to not share personal information like this on social media, and you can hardly fault people for using an abundance of caution in this regard. If you want to prioritize privacy and security, you could probably take a page out of their book as well. Stay Cognizant of Phishing Scams Even if you take all of the necessary precautions, there is a chance that someone might try to use phishing scams to steal credentials or sensitive information from you. You might receive messages from people you haven?t heard from in years asking for information or sharing suspicious links. Be careful not to let your guard down until you can confirm the identity of the one sending you these requests. For more great tips on how to stay secure online, be sure to subscribe to our blog and reach out to us at (603) 889-0800.

Let?s take a closer look at the needs that a law firm has in terms of its security, and how these needs can be attended to with the right cybersecurity tools. What a Law Firm Needs in Terms of Security Naturally, a law firm needs the same kind of cybersecurity that any other modern business should have. However, this simply isn?t enough to sufficiently protect the sensitive data that a law firm will accumulate over time. Law firms deal in trust and confidentiality, so your capability to uphold these standards is critical. However, in addition to the typical standards, the modern law firm should also prioritize the use of advanced protections that prevent specific issues. With some of the data they store potentially being useful for an insider trading scheme, a law firm could find itself in some serious hot water. In addition to this, ransomware is a serious issue that could easily put the kibosh on a firm?s capacity to operate. Plus, is it really so unheard of that a stressed member of your staff might overlook the warning signs of an attack? Law firms need to have a way to ensure their security is comprehensive. This will require a few steps to be taken: Keep Permissions in Check It?s a simple fact that not everyone will need access to every bit of information that a law firm holds. Not only does it make it easier for your workers when they only have access to what they need, it is the more secure way of operating. Monitoring these permissions and updating them promptly as circumstances change is a solid strategy. Maintain Compliance Various laws and other regulations exist that dictate what precautions need to be taken for many different industries in terms of their data security. The legal industry is no exception, so it is necessary to understand what is required and what that will dictate your law firm to do. Enforce Authentication Standards Identity authentication is crucial, with the strength of your authentication measures needing to be substantial. While your passwords need to meet certain standards (with your infrastructure rejecting any that don?t), it is always better to secure yourself with additional requirements. Using multi-factor authentication is a very effective way to do so. Keep an Access Record Finally, any law firm should have the means to detect when data has been accessed in a way that doesn?t align with the firm?s use. This kind of technology can assist in the identification of various issues, as unusual behaviors become easier to identify. We Can Help Any Business Put These Needs First If you?re interested in putting these defensive capabilities to work in your law firm?or indeed, whatever kind of business you operate?give us a call today. Our team of experienced professionals are waiting for you to dial (603) 889-0800.

A Brief History of Work and Labor Let?s begin at the Industrial Revolution, where the morning-to-dusk hours of farmers and independent tradesmen were replaced by the inhumane hours that the factory system demanded of its workers. These conditions helped to inspire the limits that President Roosevelt placed on working hours as part of the New Deal, with the United Kingdom capping work at 40 hours not long afterwards. With women surging into the workforce in unprecedented numbers during World War II and remaining there after the fact, and the surge in African American employment rising in the ?50s, the factory layout returned to the office, desks crammed tightly together to make the most of available space. It wasn?t until the late 1960s that the cubicle was developed. Along with the cubicle came other technologies intended to boost productivity. IBM introduced its electric typewriter and a business computer system. Technological innovations continued coming into the workplace throughout the 1970s, with the fax machine, laser printer, and floppy disk all being developed amid economic insecurity and rising sexual harassment awareness. The 9-to-5 as we know it, as well as a focus on corporate culture, really arose in the 1980s. The World Wide Web was also introduced, opening the door for most of our processes today. The ?90s saw the introduction of a few long-lasting business tools (mobile phones and email) and ones that didn?t last quite as long (the PDA). After the turn of the century, employment opportunities largely shifted to knowledge-based roles, with many platforms and collaborative tools rising up in the aughts. The 2010s specifically saw services rise in importance, powered by technology solutions, which has continued into the 2020s. Throughout this entire time, the 5-day/40-hour workweek implemented in the New Deal era has remained unchanged? despite our technological capabilities improving exponentially. Let?s examine some of the reasons this may be the case. How Things Have (and Haven?t) Changed It is important that we look back at how technology has developed and how it has influenced the way we work. For instance, while the technology available in the ?50s and ?60s may not have been as productive as the solutions we have today, it is also important to remember that it also allowed for a hard break from the office. Nowadays, we have the technology that keeps us in contact with work for all hours. This means that the lines can become blurred between work and home much more easily. However, household roles have not changed nearly as much, with working mothers continuing their workday by caring for the family and preparing meals. This demographic also tends to be employed in high-stress positions, like those in hospitality, education, or healthcare. A Four-Day Workweek Could Help Resolve These Issues In addition to promoting an improved work/life balance, reducing the time spent in the office by employees (crucially, without reducing their take-home pay) can help make household responsibilities more equitable and easier to manage. It also improves the delineation between home and office by assigning an additional day as ?off.? Furthermore, it has to be said that a four-day workweek could significantly benefit the environment. Commuting creates a huge carbon burden through gasoline-powered vehicles and other ways, like meals in single-use packaging and the like. If you?re worried that shortening the workweek […]

Redundancy Defined When you search ?redundancy? in an online dictionary, you will generally get two different definitions with completely different connotations and meanings. For example, let?s take a look at Merriam-Webster?s definitions. One defines ?redundancy? as ?the quality or state of being redundant,? which can be further elaborated as ?exceeding what is necessary or normal.? Other words that are synonymous with this definition for redundancy might include ?unnecessary? or ?superfluous,? so it?s easy to see how redundancy gets a bad rap? at least in this context. When discussing technology or engineering, on the other hand, redundancy has a much different meaning. Merriam-Webster defines ?redundant? as ?serving as a duplicate for preventing failure of an entire system (such as a spacecraft) upon failure of a single component.? Suddenly it all makes sense; when something within your infrastructure is redundant, it means there is more room for error, and faulty components or user error are far less likely to sink operations in any meaningful way. Flipping the Conversation In a way, redundancy?s two definitions are polar opposites of each other. While one suggests that too much of one thing is superfluous and unnecessary, we would argue that having options and, more importantly, a contingency plan in the event that something unexpected happens is far from unnecessary. If anything, it?s even more of a necessity these days, especially considering the significant threats posed by advanced cybersecurity threats like ransomware. Achieve True Data Redundancy Today If you want to achieve complete redundancy for your business? technology, we know of a couple places to start. In particular, you should focus on redundant data backup and disaster recovery with operations in a close second. If you can keep access to data consistent, then you should have no problem keeping operations going, provided you have a plan in place to address any operational challenges that might arise while you are in the midst of an emergency or disaster. White Mountain IT Services can assist your business with the implementation of any new technology that might be used to achieve this redundancy. To learn more about how we can use technology to aid your efforts at redundancy, reach out to White Mountain IT Services today at (603) 889-0800.

Let?s take some time to break down the National Institute of Standards and Technology?s definition of zero trust, and the seven ?tenets? that must be followed, as found in their Special Publication 800-207. How Does NIST Define Zero Trust? Such a definition can be found in that special publication: ?Zero trust (ZT) provides a collection of concepts and ideas designed to minimizeuncertainty in enforcing accurate, least privilege per-request access decisions ininformation systems and services in the face of a network viewed as compromised. Zerotrust architecture (ZTA) is an enterprise?s cybersecurity plan that utilizes zero trustconcepts and encompasses component relationships, workflow planning, and accesspolicies. Therefore, a zero trust enterprise is the network infrastructure (physical andvirtual) and operational policies that are in place for an enterprise as a product of a zerotrust architecture plan.? In other words, zero trust seeks to not only make it more difficult for a threat to get in, it also simplifies the task of identifying how such a threat would get in. NIST?s Seven Tenets, Reviewed Let?s go through the list and discuss what each of these policies requires that a business do to abide by them. ?All data sources and computing services are considered resources.? In other words, anything that connects to the network needs to abide by any security requirements and access controls that have been established on that network.  ?All communication is secured regardless of network location.? Regardless of whether a device is on the network or not, all communication between it and other network resources needs to maintain the security it would have if external networks were involved. ?Access to individual enterprise resources is granted on a per-session basis.? It is entirely possible that one of your users might only need one of your company?s assets for a limited time, if not for a single session. Locking down your business? resources and requiring authentication each time these resources are accessed helps to limit the chance that unauthorized usage takes place. ?Access to resources is determined by dynamic policy?including the observable state of client identity, application/service, and the requesting asset?and may include other behavioral and environmental attributes.? The hard fact of the matter is that business technology is increasingly complicated, especially now that remote work has become a viable option. This gives the business access to a lot of data that can be used to help its authentication measures. Taking this data into account when determining access permissions in the moment can make a business? access more secure. ?The enterprise monitors and measures the integrity and security posture of all owned and associated assets.? At the risk of sounding cliche, zero trust means that you trust nothing and no one. As this would imply, the zero trust model requires all assets to be monitored constantly?whether an asset is owned by the workplace or the employee. This helps to prevent threats from intruding, as well as ensures that patch management is seen to appropriately. ?All resource authentication and authorization are dynamic and strictly enforced before access is allowed.? Putting it simply, a zero trust approach continues to confirm access permissions even after the user has been initially confirmed and created in the system. This continuous process takes a lot of different inputs into consideration to determine whether trust can be given. ?The enterprise collects as […]