Recent Blog Posts

Although the term sounds super advanced and a little intimidating, artificial intelligence simply describes the ability of a computer system to learn, perform, or automate tasks. Narrow AI is limited to performing or learning certain tasks, while General AI can adapt and learn how to perform a variety of different tasks, much like a human brain and includes everything from virtual assistants appearing on smart devices to the technology that powers self-driving cars. Today, companies can use AI to achieve a variety of goals and tasks, including processes like process automation, data analytics, and engagement. Let?s go over these three objectives and how AI can benefit them. Process Automation By adding AI to their automation efforts, businesses have been able to more efficiently see the returns of implementing it. This form of automation does its work principally in the background. It also has the benefit of being both the most affordable and quickest to return some of your investment. Data Analytics This variety of automation is responsible for processing the massive volumes of data that modern businesses rely on, assisting to identify patterns that would otherwise go unnoticed and unseen. Whether it keeps an audit of all the exchanges your business makes or predicts how your audience will respond to changes, data analytics provide businesses with information that would be unavailable just a short time ago. Engagement Finally, automation has enabled businesses to more effectively communicate with their many contacts, from clients and employees alike, with specialized tools that simplify the process. Websites have customer service tools that help direct them to the answers they need, healthcare professionals can access treatment recommendation systems that can help customize a patient?s healthcare approach, and other applications enable simpler access to the desired information. Can AI be complicated and difficult to implement? Yes? but it doesn?t have to be. White Mountain IT Services can assist you in putting together a strategy and putting it into place. Learn more about what we can do for you by calling (603) 889-0800.

People depend on mobile computing. Whether that comes in the form of content creation, app usage, or some other reason, people want a device that can handle everything they throw at it. Here are a few of the very best smartphones available right now. Samsung Galaxy s20 Ultra Samsung?s annual contribution to the smartphone market tends to be taken for granted, but they typically are some of the best devices on the market each year. The Galaxy s20 Ultra is no exception. Made on an aluminum frame with Gorilla Glass 6 front and back and featuring a ridiculous 6.9-inch Dynamic AMOLED 2x display, it runs on a Qualcomm Snapdragon 865. The Galaxy s20 Ultra comes with either 12 or 16 GB of RAM and features an in-screen fingerprint reader for security.  On the Galaxy s20 Ultra, the camera profile is elite. The rear-facing cameras include a 48 megapixel telephoto lens that zooms up to 10x, a 108 megapixel wide angle lens, a 12 megapixel ultra wide angle lens, and a DepthVision Time of Flight camera. The device can record 8K video on Android 10. It comes with a 5,000 mAh battery and 45 watt fast charging with the plug and 15 watt charging with a Qi wireless charger.  It is available in Cosmic Grey, Cloud White, and Cosmic Black and is available on all major carriers. Samsung Galaxy s20 UltraBody: Aluminum with Gorilla Glass 6 Front and BackDisplay: 6.9-inch Dynamic AMOLED 2x (~511 ppi)OS: Android 10Chipset: Qualcomm Snapdragon 865Memory: 12-to-16 GB RAMExpandable Memory: Yes (microSDXC)Cameras: Rear – 108 MP (wide), 48MP (periscope telephoto) 10x, 12 MP (ultra wide), .3 MP( Time of Flight). Front – 40 MP wide.Sounds: Stereo Speakers, No Headphone JackBattery (endurance rating): 5,000 mAh (87 hours)Security: In-screen fingerprint readerMiscellaneous: Accelerometer, Gyrometer, Proximity, Barometer, Compass, Bixby assistant, IP68 dust/water resistantOther versions: Galaxy s20, Galaxy s20+, Galaxy s20 FE iPhone 12 Pro Max Apple has been at the top of the smartphone market each year with its new iPhone. This year?s best version, the iPhone 12 Pro Max, features the same stainless steel construction as recent iterations of the iPhone with Gorilla Glass 6 front and back. This one comes with a massive 6.7-inch Super Retina OLED display with a screen resolution of 1,284 x 2,778. The iPhone 12 Pro Max features Apple?s A14 processor, the first 5 nanometer processor in any smartphone, 6 GB of RAM, and up to 512 GB of onboard storage. Unfortunately, there isn?t an option for expandable memory, but carries an efficient 3,687 mAh battery and comes with 20 watt fast charging plugged in and 15 watt wireless Qi charging. It currently runs on iOS 14.1. The cameras on the iPhone 12 Pro Max are much the same as they were in the iPhone 11 Pro Max with three 12 MP lenses, but Apple has added a Time of Flight sensor for better depth in photos. Available in Silver, Graphite, Gold, and Pacific Blue, the iPhone 12 Pro Max will be released this week in November 2020. Apple iPhone 12 Pro MaxBody: Stainless Steel with Gorilla Glass 6Display: 6.7-inch Super Retina OLED (~458 ppi)OS: iOS 14.1Chipset: A14 BionicMemory: 6 GB RAM, up to 512 GB onboard storageExpandable Memory: NoCameras: Rear: 12 MP (wide), 12 MP (ultra wide), 12 MP (telephoto) 2.5x Front: 12 MP […]

Patch Management Software is notoriously imperfect, as indicated by the constant updates and patches that are rolled out for different titles and platforms. Cybercriminals are highly motivated to identify these imperfections and take advantage of them to achieve their own ends. As a result, the importance of promptly installing these packages is elevated to help avoid experiencing the ill impacts of such threats. Many businesses will only patch after testing the update (if they manage their patches at all). While this isn?t necessarily a bad policy, it is crucial that this process happens as quickly as possible to avoid exposing you to more risk. Device Control To state it plainly, you need to have some level of control over the security of any and all devices that connect to your business? network?regardless of whether they belong to the company, or if they are privately owned. This will help to ensure that vulnerabilities aren?t making their way into your business by piggybacking in on devices that may have connected to an insecure network. As more people than ever are also taking advantage of remote work, you should also make sure that your employees are able to securely access the resources they require to successfully complete their responsibilities. Again, the networks they use at home aren?t likely to be as secure as the one your business relies on should be. Implementing the use of virtual private networking to facilitate secure remote work should be considered a must. Benchmark Comparisons It is also valuable to know A: which solutions you are currently using and B: how well your security best practices line up to what can be considered acceptable. This can be accomplished by contrasting your own with the levels that have been previously established. With the information and data gleaned from such assessments, you will be better able to identify your most pressing security shortcomings and resolve them accordingly. Identity Management Of course, we can?t discuss network security without also bringing up the idea of controlling access to data based on a user?s role and associated need for the data in question. After all, someone in one department may have no need for the very same data that another department finds absolutely essential. Even more pressing is the fact that you need to ensure that only authorized users can access the network and its stored resources at all. Many security experts have shared opinions about how best to do so, and the modern consensus is swiftly migrating away from relying solely on passwords for authentication. Instead, a shift to multi-factor authentication?where an additional proof of identity is required?has become the prevailing wisdom. This can range from implementing time-sensitive generated codes into your authentication processes, to providing your users with a hardware-based security key that will provide them with access. Are you looking to improve your company?s network security? White Mountain IT Services is here to help. Our experts have the expertise gained from years of experience to evaluate your IT infrastructure and its protections to make recommendations as to the best improvements to make. Reach out to us at (603) 889-0800 to learn more.

Cybercriminals don?t care what kind of good will you?ve forged, all they want is your data or access to your network. This blind determination is a major threat to businesses like yours. One of the most prevalent scams is what is called a Display Name Spoof. It isn?t just your regular phishing scam, and today, we?re going to teach you everything you need to know to ensure that you aren?t a cybercriminal?s next victim. What is Display Name Spoofing? Display name spoofing is a spear phishing tactic where hackers will target an individual?who typically has access to the network or resources that the hacker wants access to?and sends them a vaguely worded email that is seemingly sent from a trusted source, often an authority figure. Since the email address and title look legitimate, subordinates who forsake security for alacrity can put your whole business in jeopardy. It works like this: Many professional emails will have a signature. Display name spoofers use  this to their advantage. What they will do is target a person, research them to find someone that could potentially get them to act impulsively, and use that information to phish the user. Below is an example of a display name spoof phishing attempt: As you can see, the only thing that looks illegitimate here is the actual email address and since some email clients don?t actually show the address by default, you wouldn?t blame a dutiful employee for following the instructions in the spoofed email.  What Can You Do to Combat Display Name Spoofing?  At your business, you have cameras, You have locks on the doors. You?ve developed secure access control procedures to ensure your employees have the authorizations they need to do their jobs. Why would your strategy change when aiming to protect your business? most important asset?  Just like with physical security, you need a strategy to protect your digital assets. Part of that strategy has to confront the fact that your business is going to get phished and that it is your responsibility to ensure that your employees are well trained, and therefore knowledgeable about how to identify and respond to these situations.  Here are a few tips on how to ascertain if a message is legitimate: Thoroughly inspect both the name and sender?s email address before you take action. Check the content for misspellings or completely incorrect uses of grammar. Consider if the sender would send a message asking you to take cavalier action. Consider if the sender would ask you to send them authorization credentials through email. If there is any reason that the recipient has a notion that the email is not legitimate, implore them to verify. Getting a verification of the email?s legitimacy typically takes minutes and can really help eliminate the risks that display name spoofing can bring to your business. If you need help understanding how to identify phishing tactics, train your employees to do the same, and knowing what steps to take when you realize you are dealing with a phishing attack, contact the IT professionals at White Mountain IT Services today at (603) 889-0800.

What are the Costs of Ransomware? Here?s the situation: in today?s increasingly connected world, cybercriminal activities can be conducted from essentially anywhere and target essentially anyone. It isn?t like the old-fashioned stick-?em-up robbery, where the criminal had to be present to commit the crime. Now, someone in Portugal could presumably rob the Federal Credit Union of Poughkeepsie without getting up out of their poltrona. One particularly effective tool that many cybercriminals will now use to do so is ransomware?a malware that encrypts a system and renders it effectively useless, only offering the user the means to pay the criminal responsible some fee in exchange for resumed access to their resources. Whether the cybercriminal holds up their end of the bargain is another, highly unlikely story. As we?ve said, we recommend that you never pay these attackers? but we do understand why you may feel that is your best option. After all, it seems like the fastest way out of a bad situation and when your business is hemorrhaging money due to downtime, you?re going to want to fix the situation as quickly as possible. This is precisely what the cybercriminals are counting on. Despite this, it really is a bad practice to pay for resumed access to your data for a number of reasons, not the least of which being the fact that you?ve no guarantee that your data will actually be returned and that the money you send will only fuel more attacks. However, that?s just the start of your problems, should you elect to pay up. Uncle Sam Wants to Dissuade Businesses with Different Tactics To try and discourage ransom payments, the Treasury Department is doubling down on the advice that the Federal Bureau of Investigation has been giving for years. Rather than simply discouraging businesses from paying, the Treasury Department has warned that the federal government could severely fine the businesses that pay out these ransoms for violating terms laid out by the Treasury?s Office of Foreign Assets Control. In their Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, OFAC outlines how many cybercriminal groups?including the North Korean Lazarus Group, the Russian cybercriminal syndicate Evil Corp, and individuals tied to SamSam and Cryptolocker?operate out of regions that are already subject to economic sanctions, or have had sanctions levied against them. These sanctions make it a crime to make any transactions with them?including ransomware payments. After all, once that ransom is paid over, who’s to say that the money doesn?t wind up in the hands of some entity that poses a direct threat to security? Unless given a special license by the Treasury, a business that facilitates ransomware by paying up could not only see losses in the amount of the exorbitant ransom demands, but also in the fines that could be levied up to millions of dollars. Technically speaking, this advisory isn?t an outright ban on ransomware payments, per se. Instead, companies are encouraged to contact law enforcement to obtain clearance to pay the ransomware or to try to obtain an OFAC license to do so. However, these requests are more than likely to be denied. There is also no telling how much these policies will be enforced, but it is almost certainly wiser to take them at face value and act accordingly. Impact on the […]