Recent Blog Posts

A Good Data Backup Means More Than One Copy Let me put it this way: how useful is a backup that was also destroyed in some disaster, along with the original copy of your data? In short? it isn?t. There is a non-zero chance that something could make your backups unavailable to you, so you need to have a backup backup plan, stored someplace separate from your other backup or the original data. A Good Backup Means Keeping Your Backups Safe If you?re around any of us at White Mountain IT Services for any length of time, you?ll see how seriously we take data security around here. Failing to properly secure your backups is a rookie mistake to make, as it contains exactly the same data that your default data storage does. Therefore, it is crucial that you make sure these copies are just as securely protected. A Good Data Backup Contains More Than One Version While cybercriminals have taken to showing their hand earlier and earlier, this isn?t always how they operate. Sometimes, they prefer to work in the background, corrupting your data?and any backups taken of it?for some time. Therefore, it is wise to keep a few copies of your data going back a ways. That way, should you need to restore your data, you are more likely to have a copy from before the infiltration occurred. Maintaining a Backup Takes Strategy. Let Us Help. Establishing a good data backup and implementing the processes to make it seamless will take a fair amount of time. While this would not be time wasted by any stretch, it can be hard to reconcile that with the opportunities you could miss as a result. White Mountain IT Services is the best option for the business that needs assistance with their IT in New Hampshire. Hand off the responsibility of taking care of your backup to us. Focus your energies on growing your business? we?ll make sure it?ll still be there and ready. Call us at (603) 889-0800 today.

Damage Control Your first step needs to be getting a handle on the situation at hand. While hacking on any scale is a bad thing to experience, cutting it off as quickly as possible will serve you well. Here are a few steps that you need to take in order to do so: Contact Your IT Provider IMMEDIATELY If your IT provider is anything like us, they are more than likely aware of something happening on your network if they are monitoring it closely. That said, you?ll want to notify them immediately if you are suspicious of malevolent activity.  Depending on what the issue is, IT will take specific actions to remove the threat, mitigate the damage, and then harden your network to prevent it from happening. Threats can sometimes be removed easily, or it could take a lot of hunting to chase down the cause of the problem if it isn?t being done proactively. Here?s an example of a nightmare recovery scenario. IT may decide it?s best to take the nuclear option and wipe all affected devices completely before restoring them from a data backup. Doing so should remove the chance that a lingering threat could continue causing problems. We strongly recommend that you reach out to us for assistance with this, as we?ve seen plenty of cases where the business goes through an intense amount of labor only to experience the same hack after everything is back online. It has to be done carefully, and it has to be done correctly, and even then, the risks are still there. Once that?s been accomplished, you need to be sure that all of your cybersecurity protections are fully updated and that you are as secure as possible. Check your firewalls, antivirus, spam protection, everything. Seek Out Assistance Many small businesses fully place their IT issues (or more accurately, dealing with them) on their staff members. Obviously, this isn?t a good situation. For a business? purposes, it is much better to have a professional, dedicated resource to answer any questions your team has. A solid and reliable expert, like the ones that we employ here at White Mountain IT Services, can be key to making it through these kinds of situations in the best position possible. Be Prepared to Inform Clients and Prospects Finally, we come to the last (but by no means least) part of making it through a cybersecurity incident: disclosing it. Of all of your interactions with your clientele or staff, this is the time when clarity and concision is most crucial. Bring everyone up to speed on the situation, what the possible ramifications are, and what needs to be done next to minimize the damage the event ultimately causes. The hard truth of the matter is that you will ultimately lose some people when this happens. Of course you will. While the data practices of some people in their personal lives are questionable at best, the onus is still on you if they?ve entrusted you with the same data? and they?re not wrong. This means that you are accountable, and therefore need to be open and forthcoming with anyone involved. Every state and most industries have their own rules and requirements for data privacy, so you?ll want to understand exactly how you need to handle the communication involved with a […]

The Less Inclusive Internet We all use the Internet for multiple purposes, and we all get extremely annoyed when we come across a webpage or an app that is poorly designed and provides a terrible user interface. For people with disabilities it can be even more frustrating. In fact, for some, it makes getting the goods and services they desperately need all but impossible to do online.  Defining Accessibility  In the context we mean here, accessibility is basically the usability of a website or app. When people can?t properly navigate, understand, and successfully interact with a web-based platform, its accessibility is limited. A few standards have been outlined, known by the acronym POUR:  Content and the overall user interface must be perceivable by everyone, accounting for those who rely primarily on visuals as well as those who require sound or tactile input. A website must be operable, which requires that those with limitations must be able to identify and navigate through different elements of a webpage. A user must also find the website understandable, with the information presented on it in such a way that the meaning is clear, and the formatting is consistent. Finally, a website must be robust, which here means capable of operating properly on a variety of technologies?including assistive technologies. As the COVID-19 pandemic hit, social distancing guidelines were implemented, making the accessibility of services to people with disabilities extremely important. With everyone thrust into a new system, the inconsistency of the accessibility of applications and websites became frightfully apparent. In America, one-in-every-four people have been diagnosed with some form of disability, so the pandemic made things difficult for nearly a billion people.  Common Disabilities Here are a few common disabilities that may make it difficult to work with web pages and apps that don?t work:  Visual disabilities, including blindness, color blindness, and low vision. Hearing disabilities, including deafness and hearing impairments. Neurological disabilities, including conditions and disorders that impact the nervous system. Cognitive disabilities, including those that impact attention, learning, and logic. Motor disabilities, including those that limit fine motor skills, slow muscles, or prevent the full use of one?s hands. These are officially listed in the Web Content Accessibility Guidelines, a standard that was created by the World Wide Web Consortium and specifically designed to establish some basic oversight over the Internet. It became clear that it woefully neglects some people with disabilities. The WCAG has been a foundational guideline for disabled Internet use around the globe. This includes Title III of the Americans with Disabilities Act (ADA), while others (like the European Standard EN 301 549 of the EU Web Accessibility Directive) incorporate the WCAG?s guidelines into its own contents. While it?s a good start, these guidelines still seemingly come up short.  The pandemic exposed the lack of inclusivity. Take a look at the state unemployment sites. Based on research completed by the Information Technology and Innovation Foundation, 86 percent of these sites failed at least one basic evaluation for mobile loading speed, mobile friendliness, or accessibility.  Additionally, telehealth interfaces, something that has gained a lot of traction during the pandemic, have been exposed for their lack of usability, consistency, and availability of services like closed captioning have underperformed.  Furthermore, a survey conducted by Pew Research Center in 2016 revealed that adults with […]

Keep Your Software Up to Date To spy on you through your webcam, a cybercriminal (which is what that person would be) needs to have access to it. This can be as simple as simply hijacking an insecure program that has already been granted this desired access. Keeping your software up to date helps to eliminate the likelihood that the hacker will have that opportunity, from the programs and apps you have installed to the operating system itself. When working on a PC, navigating to Settings and to Update & Security will bring you to the option to schedule your Windows Update. Rather than being interrupted mid-workflow, you can Change active hours to have these updates implemented after hours. Maintain a Firewall When it comes to keeping unwanted guests out of your network, a firewall is one solution you certainly need to prioritize. Making sure it is up, activated, and effective is a relatively simple process. In Settings, once again under Update & Security, you should find Firewall & network protection in the left sidebar. The menu that opens when you click it will offer Windows Defender Firewall, one rudimentary way to stave off threats. This is a good enough solution for home users, but businesses will want to deploy an enterprise-level firewall that is designed to protect every facet of their network. Securing Your Wi-Fi It isn?t uncommon that attackers will target your network via the router, rather than the computer that uses it to connect to the Internet. If they can access this piece of your network infrastructure, there?s a considerable list of devices they?ll then be able to access. Better securing your router equates to better securing your entire network. The first step is to rename your wireless network to something that doesn?t tie back to your business and lock it down with a strong, complex password. You?ll need to remember it, of course, but using a passphrase with some added symbols and alphanumeric switching will help keep it memorable to you and bamboozling to cybercriminals. Cover Up Your Webcam If you?re really and truly worried that someone may be peeping at you through your webcam, the simplest way to prevent the possibility is to simply obscure their view. Covers are available to make it simple to ?deactivate? the camera when it is not needed, and in a pinch, a sticky note will do the job just fine. Privacy always needs to be prioritized, in the office, the home, and in the home office. For more tips, practices, and advice on keeping your data secured, make sure to check back on our blog every few days.

Let?s explore this trend, and what it implies for your cybersecurity. Understanding the Concept of Dwell Time Dwell time is the term for the duration that a cyberattack is present on the network before it is detected. According to figures compiled by Mandiant, their researchers have found that the median dwell time around the world is 24 days. This number continues a decade-long trend of shortening dwell durations, with 2011 seeing a median dwell time of 416 days. So, over the past ten years, the median dwell time has shrunk to about a fifth of what it once was. On the surface, this sounds great? and it makes sense, too. Organizations are investing more into their cybersecurity, so their policies are better and they are simply more able to detect threats. Therefore, cyberattacks aren?t spending nearly as much time on a network before the infiltrated business becomes aware of them, so the damage they can do should be limited? right? As much as we?d like to wrap this blog up right here and say ?Right, and here are some best practices to follow?? we can?t. The situation is just a bit more complicated, and those complications are important. The Shifting Threat Landscape Plays a Role Here?s the thing: as the dwell time that cyberattacks spend on a network undetected has shrunk, the methodology behind the attacks?more specifically, the type of attacks commonly being used?has shifted. Nowadays, ransomware plays a much larger part, increasing from 14 percent in 2019 to 25 percent in 2020. Ransomware (the malware that locks down a targeted system and demands payment to release it) has a much shorter dwell time than most other attacks. Taken as a group, other attack methods had a median dwell time of 45 days. Ransomware: just five. This difference is what contributed to the overall median dwell time of 24 days. So, these shorter dwell times can be attributed to ransomware intrusions progressing to full-scale attacks much more quickly. Ransomware Has Gotten Worse Unfortunately, a business? troubles don?t end there. In addition to these accelerating attacks, hackers have grown more aggressive. This has translated to higher ransom demands, as well as the unsettling development of so-called ?multifaceted extortion??where the attacker threatens to also publish the data they steal if payment isn?t made. Other Attacks Are Still Prevalent, Too Businesses still need to worry about other methods of attack as well. For instance, exploits (codes that take advantage of programming bugs or other vulnerabilities) have risen in popularity again as a way for an attacker to first get into a business? network. They?re now seen in 29 percent of intrusions, as compared to phishing attacks and their 23 percent prevalence. Other commonly used tools included misused tools meant to provide security teams with the resources needed to run their evaluations. These backdoors were found in 24 percent of incidents. Moreover, privately-developed malware?the kind that makes responding to a security incident more challenging?was seen in 78 percent of attacks. This Is All Concerning, So Your Business Needs to Prepare Accordingly How do you do that? Proactively, and keeping in mind that the modern threat landscape is just too diverse to be covered by a single, simple fix. The measures needed to respond to each are all very different. If you?re finding this to […]