Tip of the Week: Taking Your Password Practices to the Next Level

Don?t Neglect the Tried and True Rules While we want a password to be easy to remember, we also don?t want it to be easy to guess. This is why we can?t help but shake our heads at the top-15 results of an analysis of data collected from the security website Have I Been Pwned: 123456  123456789  qwerty  password 1111111  12345678  abc123  1234567   Password1 12345  1234567890 1123123  000000  Iloveyou 1234  Many of these passwords clearly break some of the cardinal rules of password security, such as ensuring that there is a mix of character types included in the password, making sure that the password is of sufficient length, or using obvious words, like ?qwerty? or ?password.? What?s worse, it is probably a safe bet that many of the owners of these passwords had a tendency to recycle them across their accounts, putting more of their accounts at risk. None of this is a good thing for security, of course.  You definitely should not be using the same password to get into different accounts. This is not a good practice. The reason is pretty easy to explain: If a password were to be compromised for one account, that would mean that multiple accounts would be compromised.  A Proven Means of Securing Your Accounts There are several different ideas about how to do this. One means is to use a passphrase – a series of random words, rather than characters, that is both significantly more secure than most passwords and is easier for a user to remember. However, as is so often the case, you can start to encounter difficulties once the human element is introduced. We, as a species, tend to gravitate towards patterns, so we have difficulties creating a truly random series of words in our own. To counter this, an IT professional named Arnold Reinhold developed Diceware, a reliable means of generating a passphrase for yourself. Referencing the Diceware word list, roll five dice (or one die, five times) and find the corresponding word to the values you rolled. Repeat this process until you have a total of six or seven words, and you?ve got your passphrase. Why the dice? Simple – it makes it much more random, even than a user ?randomly? selecting words from the list of potential words to include. A Demonstration Let?s say we were to use this method now, and rolled the following number sets: 21633 16521 31336 13263 52452 33535 Referencing the word list, this gives us the following words… Criss Choke Gluing Bambi Rust Ice …and, as a result, our passphrase. The webcomic xkcd provides an illustrated explanation of why passphrases are so effective: However, many users will understandably hesitate to use passphrases, because this means that – assuming they subscribe to best practices – they will have to remember a series of six completely random words for each of their accounts. This is where password managers prove their worth. Utilizing a password manager to save your passphrases, and securing it with one, allows you to optimally secure your accounts without the need to worry about forgetting all of your access credentials. For more means of improving your business? use of technology, subscribe to our blog, or reach out to us directly at (603) 889-0800.

Some of the Worst Data Breaches Since September

This year we decided to keep a detailed ledger of all of the major data breaches to see where organizations dealing with these issues are going wrong. Here is a comprehensive list from the beginning of September.  September 9/5  Providence Health Plan – 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company?s servers. Information that was stolen included plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers. Facebook – Facebook had an unprotected server with over 419 million records accessed.  Users had their Facebook?s user ID and phone number exposed. In some cases, user?s names, genders, and locations were also leaked. 9/16 Dealer Leader, LLC. – 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses, and IPs. 9/27 DoorDash – The popular food delivery app had 4.9 million customers? information breached by a third-party. The information left exposed included the names, delivery addresses, phone numbers, hashed passwords, order history, and the last four numbers of each?s credit card number. In the same hack, over 100,000 delivery drivers had their driver’s license information leaked.  9/30 Zynga – The mobile game maker, Zynga, the developer of popular mobile games such as Farmville and Words with Friends has announced that 218 million players had their data exposed after their network was breached by a hacker.  The company had player names, email addresses, login IDs, phone numbers, Facebook IDs and more left exposed. October 10/17  Methodist Hospitals of Indiana – The Methodist Hospitals of Indiana fell victim to an email phishing scam and it allowed hackers to steal 68,000 records that included names, addresses, dates of birth, Social Security numbers, driver?s licenses, and more.  10/21 Autoclerk – Autoclerk, a hotel property management software developer had an open database infiltrated exposing data that included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests.  10/22 Kalispell Regional Healthcare – Over 130,000 Social Security numbers, addresses, medical record numbers, dates of birth, medical histories and treatment information, and names of treating physicians were exposed by hackers. 10/26 Adobe – Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 7.5 million users were affected. 10/27 Network Solutions – The world?s oldest domain name provider has exposed in a hack. Millions of individual?s data that include names, addresses, phone numbers, email addresses, and service information were compromised. November  11/9  Texas Health Resources – The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more.  11/16  Magic the Gathering – The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more.  11/18 State of Louisiana – The State of Louisiana has been a victim of a ransomware attack that took down many state agencies? servers. Although no data is said to be lost, the state?s crucial computing infrastructure was down for several days as systems were restored from backup. […]

Automation Plays a Critical Role in Cybersecurity

The global cost of cybercrime is on the rise, and is now estimated to be near $600 billion total. Cyberattacks are becoming more frequent which means your cybersecurity needs to be more vigilant. Automation is what is causing these frequent attacks, and the only way to combat this is to fight fire with fire.  There are a few ways automation does just that.  Security Automation Has Become Intelligent Data needs to be processed and analyzed in order to become usable information. Often times, the rate in which data needs to be processed simply cannot be achieved manually. This inability to meet required data processing rates can leave your business vulnerable.  Look at it this way. Every device on your network, from your workstations, to your servers, to your firewall, your antivirus, and everything else that handles cybersecurity, all generate logs of what goes through them. These logs can help you determine problems and threats on the network, but there tends to be so much data in the logs to go through that a single person can?t be thorough enough to catch everything. Automation can utilize machine learning and spot anomalies and only report the important things back to IT. This system can also be set up to automatically isolate a device from the rest of the network as soon as a potential problem is detected, to prevent it from spreading. Automation processes data at a rate which cannot be matched by employees. More so, automation has the ability to learn and adapt. This makes the accuracy in which it processes data unsurpassable. Automation Cybersecurity Beneficiaries  Where does automation provide the greatest value in advancing your business? cybersecurity?  Data-Supported Interfaces Without data organization or processing, drawing conclusions or making predictions is a difficult task. Reading and comprehending the data that has been organized by automation ensures you will catch threats more effectively.  A Stronger Defense Than Offence Cybersecurity is almost like a game of football. However, if your defense fails the cybercriminal doesn?t get a point on the scoreboard. Instead, they receive all of your data, and your business will experience devastating effects. Cybersecurity relies on defending against threats before they make it far enough down the field. Automation utilizes machine learning and rapid processing rates to protect your business from threats you otherwise never would have seen coming.  Detecting Threats When automation is utilized, your business will be able to detect faults in your cybersecurity. Even if your IT staff is on site for eight hours a day, five days a week, if a fault is detected, time is of the essence. You don?t want your business? data being served on a silver platter over the weekend if a fault is detected and nobody is available to react to the insecurity. White Mountain IT Services is your local leading expert in cybersecurity. Implementing automation does not need to feel like a troublesome task, in fact it can be quite simple. Our experts have the know-how to optimize your cybersecurity strategy, so call us today at (603) 889-0800!

Getting to Know Technology: Fiber Optics

Fiber optic cabling can help everyone to do so. A type of network cable, fiber optic cables contain tiny strands of glass fibers, each wrapped in an insulated casing. These fibers, not much thicker than a human hair, transmit data by providing a pathway for it to travel through. These signals are maintained by the light being reflected by the cladding – a layer of glass that surrounds the core to insulate it. As you may imagine, this is a very efficient way to transmit data – light is famous for being fast, after all. Furthermore, fiber optic cables can support a higher bandwidth as well as keep transmitted data more stable over longer distances. Now, a lot of the infrastructure that we use every day is supported by fiber optic cabling – including a lot of the Internet, telephone systems, and cable television. The benefits of using fiber optic cabling include: Higher Data Capacities – A fiber optic cable is capable of carrying far more data than copper cables could. Fiber cables can transmit 10 Gbps, 40 Gbps, and 100 Gbps. Longer Distance – Light can go much further without losing its strength, eliminating the need for as many signal boosters. Less Interference – By its nature, copper cabling is susceptible to external electromagnetic interference, and the shielding that is implemented to prevent this interference isn?t always effective. Fiber optic cable isn?t susceptible, and so interference of this kind isn?t a problem. This makes fiber-optic cabling the preferred choice for long-distance connections, but some Internet providers use it for direct access for customers. Here are the ways these cables are deployed: Fiber to the Premises (FTTP) – Fiber used to deliver media services to residential buildings. Fiber to the Building/Block/Premises (FTTB) – This is fiber optic cables used to support commercial buildings. Fiber to the Curb of a Node (FTTC/N) – This cable is connected to a node, which then uses copper cables to connect to customers. Direct fiber – The is fiber optic cable that runs directly from the central hub to the customer, which costs a pretty penny. Shared fiber – Essentially the same as direct fiber, but split to serve multiple customers. While it is possible to get a fiber optic connection to your business, it is extremely expensive to do – prohibitively expensive, in fact. With the costs that it comes with, it may only become an option if your provider is actively rolling out a new infrastructure. To learn more about the technology that powers today?s businesses, and how you can put it to use for you, keep reading our blog!

5 Ways Your Company Can Benefit from Leveraging Technology and Working with a Managed IT Provider

Benefit #1: Technology Can Help Your Business Operate More Efficiently Successful businesses know how to leverage technology so that their organization runs smoothly and efficiently. Software and other programs can help employees save time so they can be more productive. Key integrations, automated tools, and other technological tools can help everyone complete their work faster with less effort. Benefit #2: The Right Technology Can Elevate Your Brand Image  Technology can also help elevate your company’s brand image or give it a certain cache. If your business uses the latest software and equipment, you will be considered an early adopter – especially if your industry is not that tech-savvy. Chatbot marketing, a polished Customer Relationship Management system and responsive web design will give your customers the impression that your business is up-to-date and very tech-savvy.  Benefit #3: Certain Types of Technology Can Reduce Overall Liability  Every business owner must carefully manage risk for their company to survive. One of the great things about technology is that it can reduce overall liability. IT technicians can download backup copies of important files, web developers can put up firewalls to protect the company’s website and other IT staff can encrypt sensitive information so that it would be less susceptible to malicious cybercriminals.  Benefit #4: Technology Can Help You Take Advantage of Other Business Opportunities There are certain opportunities that your company as a whole may not be able to enjoy if it doesn’t have the right technology. For example, your business won’t be able to leap into the smart home device space and set up Google Home or Amazon Alexa skills if your business is not prepared or doesn’t have the right technological tools. You also won’t be able to take advantage of several opportunities that are available online if your business does not have a website or social media presence.  Benefit #5: Technology Can Help Your Business Save Money  Technology can also make it easy for companies to scale faster and more efficiently, which can help them save money overall. An example of this is when a software system can do the job of three people and you can lower your payroll expenses since you won’t have to hire more employees.  Now that we have discussed several ways your business can benefit from using technology, here are several reasons why you should consider working with a managed IT service provider: Managed IT Service Providers Can Help You Strategize Additional Ways to Save Money If you (or anyone else on your staff) are not subject matter experts when it comes to technology, you should seriously partner with an outside IT provider. Their team can help you make informed decisions and guide you towards technological strategies that can usher in additional cost savings. They can also assist you and other leaders in making educated budgets and provide other guidance.  Managed IT Service Providers Have a Team of Experienced Professionals Another advantage of working with an outside Managed IT Service Provider is that you will never again have to worry about finding and hiring qualified staff for an in-house IT department. The Managed IT Service Provider you select will have already vetted their workers and assembled a large team of experienced professionals who can handle your company’s concerns. They can also provide very fast technical support at all […]