You Still Have to Hit Your Marks

Small Business During COVID-19 When the first stay-at-home order was issued in March of 2020, small business owners were less phased than their employees. Some maintained that they would defy the order because they simply didn?t think they could trust their workers to be productive at home, and some weren?t set up for the type of extended remote work. Two weeks later, however, there was a completely different song being sung. Governors were serious about closing businesses to protect the health of workers and to ensure that the healthcare facilities weren?t overrun with sick people.  The small businesses that were able to move their operations offsite quickly realized the benefit of having solutions in place that allowed for remote workers. The ones that didn?t either scrambled around to try and get digital or had to suspend operations. Unfortunately, some of those companies will never reopen. Relying on remote productivity was the only way forward, and for the past three months, business owners have reaped the benefits of this technological shift.  Many workers have been asking to have work-from-home flexibility for years. Employers, up until the beginning of May, weren?t really that receptive. In fact before the pandemic hit, just under five million–or 3.4-percent–workers in the United States worked remotely for one company. 13 million total (including gig economy workers) worked remotely at least one day at the end of February. By April 31, however, 63-percent of eligible workers had worked from home for at least two days. That number continues to climb. Some would say that the stigma that went along with it is all but completely lifted and expect that work-from-home flexibility will be here to stay. That, of course, remains to be seen, but one thing is for sure, employees are generally staying productive during this crisis.  Why Was There a Stigma on Remote Work? In the early 2010s there was a major shift towards allowing remote workers, but it was stigmatized when productivity figures for companies that embraced the policy were down. About the same time Yahoo!, which at that point was a failing Internet behemoth, decided to recall their remote workers after it was found out that remote executives were outsourcing their work offshore and collecting large paychecks. Other notable Silicon Valley firms followed and startups, not wanting to waste on unproductive remote workers, created their own policies with this very public scandal as the impetus.  If you take the very public stigma and you add in the fact that employers have more control over their staff if they are working on the same computing network at the same location, it was a perfect storm. Coupled with the possible distractions people have while they work from home, you can?t really blame employers for making the decision to not offer remote work to their employees.  Now, having been forced into it by the COVID-19 pandemic, the stigma has all been lifted. Some people work better remotely, and while it may have taken your staff a little bit of adjustment, after some time, most businesses are seeing that their operations can work, and often excel with the use of remote workers.  On the other hand, the workers themselves, after the initial adjustment period have met the challenge head on. Whether they will be as productive when society reopens […]

Reopen Your Business with Confidence

Defend Your Staff Regardless of where your employees are doing business from, having the protections in place to cover your data and infrastructure is important. Since data security is extremely important for almost every business, it won?t hurt to remind your team how they fuel data and network security. Here are some practices you should consider training your staff on: Maintain password hygiene: Passwords and passphrases need to be unique and complex enough as to not be guessed by hackers. Best practices for password hygiene include: Not reusing your passwords Updating your passwords frequently Not sharing your passwords Using a password manager Only use secure connections: Data can be intercepted and stolen when sending it from an insecure connection. Be sure to have the tools, like a VPN, that will allow for reliable and secure data transmission, regardless of what network it is on. Push software updates: You?ll want to update and patch software regularly.  Use MFA: Multi-factor authentication gives authentication a second step, further securing your data behind an alternate, randomly-generated passcode.  Secure Your Business? Physical Assets You would be surprised how much digital theft is done by someone who gained access to credentials in person. To secure your place of business, you will want to: Control access: The best way to secure physical access to your hardware is to control who has access to what. By requiring authentication to get access to physical assets, you won?t have to worry as much about theft and user-based catastrophe.  Keep an eye on your business: Monitoring your business using digital cameras, and access logs is a great way to both deter people, and allow for quick resolution if something were to happen.  Insulate Your Data Storage Systems Possibly the largest risk to continuity that your business will face, your data isn?t inherently resilient. It can be damaged, deleted, and manipulated. That?s why you will want to: Track your data: Knowing where data is, how it is being used, and who is using it are important considerations.  Restrict access to those who need it: The less exposed your data is, the less that can go wrong. To protect your data from loss, you should be diligent about controlling access to it. Maintain a data backup: You will need to keep your data secured by backing it up. Using the 3-2-1 rule is a solid practice here. That is keeping three copies of your data on two separate types of media, one of which is offsite. There is a lot to take in here, but we think that once you understand, your data will be safer than ever. Call the IT professionals at White Mountain IT Services today at (603) 889-0800 if you need more information.

Why You Need to Audit Your Security

What Is Involved in a Security Audit? The goal of a security audit is to determine that your security solutions are doing their job, but it doesn?t just stop with hardware. Some security audits can test the strength of your network policies, your overall infrastructure, and even your employees. The point is to determine if your overall security strategy is adequate. Sometimes the end result might be decommissioning or consolidating security hardware and software, and other times it might require additional solutions to be installed, or additional configuration to your current environment. At the end of an audit, you should have a clear understanding of what vulnerabilities were detected, and how to deal with them. Since technology changes so fast, especially in a business environment, it?s important to run regular security audits, as even process changes and software updates could result in new vulnerabilities that weren?t there before. Documentation is key here. A proper audit will result in very extensive, very clear documentation on what was discovered, how business objectives related to security were (or were not) met, and the steps or tools required to meet those goals. Sometimes this might mean breaking down objectives to individual departments – your HR department might have more stringent requirements than your sales floor. The end result should be clear, prioritized action items to resolve issues all across the board. Some Things an IT Security Audit Might Discover This isn?t a comprehensive list, as there are hundreds of issues that could be flagged in a thorough audit, but these are some of the most common items that are often discovered: Poor password hygiene Data retention/backup policies not getting followed Granting permissions to users who don?t need them Misconfigured or outdated security software Inconsistent access control levels on folders on the network Non-compliant, unauthorized software installed on workstations Sensitive data being stored incorrectly Undocumented, outdated, or untested incident response plans Insufficient (or non-existent) activity auditing …and many more. Security Audits are Required for Compliance If your business needs to comply with one of the many types of regulatory compliance standards, you need to perform regular audits in order to stay compliant. Here are just a few of the more common types of compliance audits. SOC 2 type I SOC 2 type II ISO 27001 GDPR (General Data Protection Regulation) SOx (Sarbanes-Oxley Act) HIPAA PCI-DSS FINRA FISMA …and many more. If any of these apply to your business, then regularly scheduled security audits are required in order to maintain compliance. If you aren?t sure, or you need to have your security checked, reach out to the IT security experts at White Mountain IT Services. Give us a call at (603) 889-0800 to set up a consultation to discuss your cybersecurity posture.

Tip of the Week: How to Encourage Remote Collaboration

1.  Set the Precedent for Communication The importance of communication is always present, but it is even more critical to your operations when your people are working from home. To encourage your team to communicate with one another properly, you will need to actively take the first steps and establish procedures that require them to. What do I mean by this? It?s simple enough. Rather than relying on your team to take it upon themselves to reach out to their coworkers, add a morning meeting time that involves everyone on a given team or within a certain department. By requiring your team to actively communicate with one another you are establishing a standard for your employees to live up to throughout their workday. Don?t be afraid to reach out to your employees on an individual basis to check in on them and see how they are doing as well, whether this happens each week or even every other week. 2.  Provide the Tools Needed for Collaboration Again, when people are working in the office setting, collaboration is frequently as simple as facing one another and starting a dialogue. Remote work complicates this process considerably. You can simplify it again by making sure your team has the solutions they need to communicate efficiently with one another. Plenty of tools are now available that give your team the means to communicate their messages in the best way possible. You should make sure that your team has the tools needed to do so, including email, instant messaging, VoIP (Voice over Internet Protocol), and conferencing platforms that provide them with different options for the assorted kinds of communication that will have to be exchanged. Emails aren?t the best for quick-response-needed messages, for instance, so having a combination of programs at your team?s disposal will help. 3.  Embrace Business Casual No, I?m not talking about the work-from-home dress code. One of the big shortcomings of remote work is the inherent lack of company engagement it can frequently cause. To counter this and prevent the burnout that many remote workers can see, make use of your communication tools and share some fun, not-strictly-work-related things. Encourage your employees to share what they?re having for lunch with each other, or any pictures they took while out on a weekend walk. The unity and low-key competition that these activities foster will help your team keep up the coworker relationships that help move business along. With the tools and support that we offer, White Mountain IT Services can provide your team with the means to exercise this kind of collaboration. Give us a call at (603) 889-0800 to learn more today.

Business Improvements to Consider as You Resume Operations

Let?s go over a few of the technologies that we recommend you embrace as you get back to business. Updated Solutions It is no secret that many cybercriminals have taken advantage of the current situation to hit businesses while they are down. This means that you need to prepare to deal with these attempts moving forward. The first step to doing so is to make sure that your business? assorted hardware and software solutions are up to date with any applicable updates and have been replaced when a better option becomes available. Not only will this make your solutions more secure, you will also see improved productivity and overall capability from newer solutions. As a result, your team will be able to accomplish their goals safely and effectively with the best tools available. Monitoring and Maintenance Once your team is back in the office, they will need to work at maximum efficiency to make up for lost ground. To accomplish this, they will need their tools and solutions to be available to them as much as is possible. Working with an IT resource who has the capability to monitor your solutions and resolve any issues they find remotely will prevent challenges from interrupting your staff. Oftentimes, these issues can be mitigated before your team is even aware that they are present. Cloud-based Technology The increasing development of cloud-based tools has opened possibilities to many businesses across the industry spectrum, with solutions to see to general business needs to the highly specified needs of each vertical. In addition to that, using the cloud also has the potential to expand your business? functional mobility through telework, as we will touch on next. With cloud technology by your side, you can have the mobility and efficiency that your successful operations require. Telework and Communication If conditions once again cause businesses to shut their doors, the right solutions can help prevent this from interrupting your operations a second time. Remote work is far easier with the support of the right technology, especially when paired with the communication tools your team will need when not working side-by-side. Fortunately, the cloud can cover many of these needs through Software-as-a-Service, Voice over Internet Protocol, and the far too many options to list here that it can support. If you elect to go through this route, however, you will want to be certain that your team isn?t inadvertently exposing your data to risks as they work. This will require a few safeguards to be in place. Security and Authentication To ensure your use of remote operations and telework doesn?t do more harm than good, you need to be sure that your employees are following the proper procedures. The use of a Virtual Private Network, or VPN, will help protect the data that your employees access as they are working remotely, in addition to the security solutions that you should have installed on each endpoint your team uses. Furthermore, your team should also be required to use authentication measures that meet best practices. This includes passwords that are sufficiently secured and multi-factor authentication wherever it is available. In the office, your solutions should have all the requisite defenses against downtime as well, to eliminate the possibility that they could be rendered unavailable to your team. White Mountain IT Services can help you […]