Tip of the Week: How to Improve Your Access Control

Most businesses rely on Microsoft Active Directory (AD) to handle permissions for users across the network. Active Directory lets you determine who has access to specific capabilities and resources on your network. Regardless of the solution that you use, it?s important to follow these thought processes when determining your access control. Check Who Has Access The first step to ensuring that your business and its data are safe is to ensure that access to your business and its data is appropriately limited. After all, John Q. Public almost certainly has no reason to walk into your offices at 2:30 AM. Similarly, a new hire shouldn?t have the same access permissions as an established manager does, either. Make sure you go through your network permissions and evaluate if any need adjusting. Limit Permissions To The Minimum A good rule of thumb to follow as you are evaluating your permissions is to give each user the fewest that they need to still be able to effectively complete their assigned responsibilities. Different departments need to access and edit different kinds of data for their specific tasks. For instance, if Department 1 only needs the data in Storage D in order to do their job, it doesn?t make sense to give that department access to Storage A through N. A good rule of thumb–only give those who need access to certain resources this requisite access. Enforce Password Best Practices Enforcing your users to use strong passwords, and forcing users to change passwords regularly will help prevent password sharing and duplicate passwords. The username and password have long been the required forms of identification that most accounts demand from a user. Unfortunately, the combination of the human race?s inherent laziness and the tools and strategies that cybercriminals use to crack passwords has made it so that an additional authentication measure has effectively become a requirement for security. Requiring 2-factor authentication can help to eliminate the risks that are posed to your business. For more assistance with your access control, or any other of your business technology considerations, give the team at White Mountain IT Services a call at (603) 889-0800.

The Security Questions Surrounding Cloud Solutions

That isn?t to say that cloud resources are lacking security, but many cloud options are managed by cloud providers and don?t give organizations enough control over the infrastructure to deliver sufficient peace of mind. As a result, cloud security becomes more end-point oriented, and like any other computing platform, requires a lot of the same strategies that you?d expect. They include: Ensuring data/solutions are securely accessed. Sufficient monitoring of all user/system access Thorough alert system in the event of unusual user/system behavior Obviously, managing and maintaining local infrastructure is much more intensive than managing end-points, but when a platform is accessible from anywhere on many different types of devices, maintaining vigilant policies that dictate user accessibility will go a long way toward keeping your cloud resources secure.  Understanding Cloud Security For small business owners, there is something that is relatively unsettling about cloud computing, especially when you consider how much companies have come to depend on those resources. Some businesses run their entire business in the cloud. Consider that, in essence, to manage the financial risk that you would take on by purchasing and managing onsite equipment, you are willing to take on the risk that your hosted solutions are managed and maintained up to your standards. For millions of companies, that transfer of risk pays off, but when it doesn?t, it can be catastrophic.  That?s why cloud security isn?t just a feature that comes with your business? cloud platform, it is an ongoing strategy that needs to be maintained. Consider how you protect the systems you host locally: you control access. You control who can access certain resources, how they can access them, and what types of authentication they need for access. Part of the benefit of cloud resources is its relative ease-of-use, and since cloud resources depend on the transfer of data/resources over an Internet connection, that simplicity can be problematic. One action you can take to adjust your security strategy is to make cloud platforms a little harder to access. Many cloud services offer solutions for multi-factor authentication. This technology goes beyond the password method by adding an additional step to the sign-on process. After a user enters their login information, instead of accessing the resources, the user will have to put in a randomly generated code to gain access. By adding a step to the sign-on process, the chances are better that the person accessing the platform is authorized to do so. White Mountain IT Services can help you use the cloud from start to finish. Our experts can help you find the cloud platform that meets your organization?s needs and utilize it in the most productive and secure way possible. To learn more, call our IT professionals today at (603) 889-0800.

Too Many Healthcare Organizations Still Use Windows 7

BlueKeep Background Discovered in May of 2019, BlueKeep was patched to try and prevent the malware from emulating EternalBlue, which was the exploit that enabled the infamous WannaCry cyberattacks which, among other terrible effects, took several hospitals out of commission in the United Kingdom. Now, with precedent established as to how important it is to keep solutions patched and up-to-date, you?d think that hospitals would move fast to implement it. Unfortunately, this isn?t the case.  Worse, BlueKeep impacts Windows 7, along with Windows Server 2008 and Windows Server 2008 (R2). You may recognize these systems, because they all have recently passed their end-of-life date and are therefore no longer protected against cyberattack. So, what does this mean? Simple: Not only was BlueKeep resolved via a patch, the impacted systems should no longer be in use in the first place. Reports have also indicated that an entire 22 percent of devices vulnerable to BlueKeep have not added the patch, and that almost half (45 percent) of connected medical devices are still vulnerable. These connected medical devices include things like x-ray machines, anesthesia machines, and other components critical to care. In summation, the state of medical IT looks grim. We can help. White Mountain IT Services is here to offer our assistance to healthcare organizations–and any other organization in a similar predicament–that need to improve their IT so that their patients are safe. For assistance with your IT (even if it only supplements your internal team) give us a call at (603) 889-0800.

How to Create an IT Roadmap for Your Company

Evaluate Your Current Technology Before you can create a new IT roadmap, you should evaluate your current technology first. Make a record of the company’s total systems and programs. Are they being leveraged correctly or used to their full potential?  Do they have any limitations that may be a problem in the future? After you’ve noted the full capability and quality of the company’s technological tools, you can start working on improving it.  Determine Your Goals and Objectives Once you’ve made those evaluations, it’s time to figure out the company’s most important strategic goals and objectives. The goals should be clear and specific. Next, spend time brainstorming how technology help the business achieve those financial and operational goals more quickly and efficiently.  Anticipate the Future Companies that don’t anticipate the future rarely succeed. Consider what the company may need in the future to stay ahead of the competition. Do you anticipate any federal or regulatory changes in your industry? Does your company plan to expand into different markets or offer new products? When you plan ahead, you can have the foresight to use technology that’s flexible and can easily scale with the company.  Plan Realistic Budget and Time frame Create a realistic timeframe and budget for the IT roadmap with several milestones you can use as markers to determine your progress. The most important objective should be the highest priority. Remember to include SaaS (software as a service) subscription fees, maintenance fees and other one-time or ongoing expenses when creating the budget. Incorporate Business Continuity Plans  The IT roadmap plan should also have a section that discusses how the technology will continue to function in case of an emergency. Every process should be clearly mapped out so that there’s no confusion later on.   Make the IT Roadmap Transparent To Every Employee Your company’s IT roadmap should be transparent to every employee. That can allow everyone to understands how leadership plans to leverage technology to meet the company’s strategic goals. When management is open about the entire process it can help build trust and credibility with employees, while making it easier for them to accept the changes. Hire Professionals To Create the IT Roadmap  Not sure where to start in making a tech roadmap? Don’t worry, you can easily outsource this to an experienced managed IT company. They can evaluate your company’s needs and consult key decision-makers before helping you develop a solid plan. An objective party can facilitate communication easier between departments and get a holistic view of the company. Besides creating the IT roadmap, they can monitor the progress of the project and make assessments.  Frequently Update the Plan Let’s face it, your technology strategy will continue to grow like your business. The IT roadmap will evolve over the years due to changes in the marketplace, government regulations or competition. You can also revise the plan to capitalize on new opportunities. White Mountain IT is a New England based company that specializes in providing professional IT management and support services to small businesses. Regardless if your company needs a short-term technology solution or a dedicated outsourced IT team, we can help. Please contact us today to learn more about how our experts can assist you with developing a long term technical strategy or roadmap.

Tip of the Week: Customizing Google Docs? Dictionary

Why (And How) Does Google Do This? The ?why? is simple. Google actively works to make its services more useful to its users, just as any solutions provider should. As to ?how?, that part relies on machine learning. Basically, Google?s technology constantly incorporates data to better work around cognitive bias and adapt to the way that people work. In this case, Google processes common sentences and phrases to better understand how they are intended to be used. By doing so, Google (and again, other solutions with similar features) assists users as they try to put their best foot forward in their writing. Of course, this is precisely why trying to come up with a name for your business or a service can be frustrating, unless you know how to ?teach? Google that your invented word is acceptable.  How to Add a Word to Google?s Dictionary This process is a remarkably simple one. Open one of your documents in Google Docs. Make sure your invented word (or name, etc.) is spelled as you want it in the document. In the top-left corner, you?ll see the button for Spelling and grammar check (Ctrl+Alt+X). Clicking it will open a box at the top of the right-hand side of your window. Your invented word should appear in the box, with Google?s suggested change. You will have the ability to:  Ignore the change Accept the change, or  Access more options through a triple-dot menu  For this process, you?ll want to open the triple-dot menu.  There, you have the option to Add ?[your invented word]? to dictionary. You can also review your personal dictionary from here. Of course, you could also just right-click the word and select Add ?[your invented word]? to dictionary from there, as well. Removing a Word Accidents happen, or you may eventually decide to stop using an invented word. You can remove words from the dictionary by: Opening a Google Doc that contains the word. Right-clicking on the word. Selecting the option to Remove from personal dictionary. Of course, if you happened to access your personal dictionary by following the process to add a word, you can easily delete a word with the trash can button that appears when you hover over an entry. There you have it: how to modify your personal dictionary in Google Docs. For more IT tips, tricks, and best practices, make sure you subscribe to our blog!