Recent Blog Posts

Typically, Microsoft releases patches on ?patch Tuesday?, or every second Tuesday of the month, but because of the threats these vulnerabilities created, they went ahead and patched them. Let?s take a look at the two patches they released in their rare out-of-band patch.  Internet Explorer Zero-Day The major vulnerability that was patched was a zero-day vulnerability found in their antiquated Internet Browser, Internet Explorer. Being a zero-day vulnerability, it had already been exploited in the world, explaining the need for the unscheduled bug fix.  Not much is known about the vulnerability, but Microsoft has suggested it was a remote code execution exploit that, if taken advantage of, could give an attacker complete control over the account of another user. The exploit requires that the hacked party click on a link in a phishing email while using Internet Explorer.  Fortunately, IE is only used by under two percent of users, but attacks have already happened so remaining vigilant about any use of IE is important. Stay away from IE and you won?t have to worry about security problems coming from the old browser.  Microsoft Defender DOS Bug The second patched issue in the out-of-band patch was a denial of service exploit in Microsoft Defender, the antivirus shipped with Windows 10. The bug doesn?t seem to be overly troubling, as a hacker would need unfettered access to a computer and the ability to execute code. The code would disable Windows Defender?s components enough to give hackers access, and the ability to take over the system with malware or ransomware.  Keeping your software patched and running smoothly is extremely important. Reach out to our expert IT technicians today to see how White Mountain IT Services can help you manage your system updates and software management at (603) 889-0800.

Understanding G Suite G Suite is effectively Google?s collection of applications that businesses can leverage to assist their operations. Originally released as ?Google Apps for Your Domain? about 12 years before the time of this writing, this solution was slowly added to over the years – eventually being rebranded to ?G Suite? in September 2016. Today, the solution is kept free of any advertisements, and even better, none of the data stored within is used to inform advertisements, either. What?s Included in G Suite? G Suite includes a wide variety of solutions under its blanket, so this will not be a comprehensive list. Instead, we will focus on the commonly known highlights, as these are the ones that can clearly deliver value for you and your users. Gmail Gmail is Google?s email software, first released in 2004. As a part of a G Suite plan, it offers each user 30GB of storage and assorted email options. For instance, not only can you have unlimited Google Group email addresses (so instead of listing everyone in your customer service department as an email?s recipient, you can send one email to your entire customer service department), you can also customize your email addresses to match your business? domain. This looks much more professional than having ?@gmail? at the end of a business email. Docs, Sheets, and Slides Added to the platform in 2006, these solutions make up Google?s answer to the word processing, spreadsheet generating, and presentation building programs that have a useful place in just about any business. Featuring full collaborative capabilities, these solutions encourage your team to work together to accomplish their objectives by giving them the tools to do so simply. With all progress automatically saved – including a complete, restorable revision history – working on tasks as part of a larger, collaborative group becomes that much easier to pull off successfully. Drive Launched in 2012, Google Drive is the cloud storage platform included with G Suite. With this platform, your business users can have access to all of the content and files that they need to fulfill their responsibilities. It is also compatible with assorted file formats, eliminating the need to install plugins or additional pieces of software to view its contents. Thanks to Drive, collaboration is much more simple to accomplish, and different plans offer different storage options based on your business? specific needs. Calendar Integrating with Gmail, Google Calendar is an easy way for your team to keep their schedules and responsibilities straight. Let?s say a user has to arrange a meeting with a few coworkers. Google Calendar permits them to see their coworkers? availability, preventing the productivity-killing, ?No, that time doesn?t work for me? how about…? discussions. Other Capabilities With a Business account, you are able to access your own G Suite Admin Panel. Essentially your control room, the Admin Panel allows you to manage each and every setting. Here?s a brief overview of just a few of the options available on the Admin Panel: Users This is where you add new users to your account. From here, you can also manage what attributes your users have (or essentially, the details about them that you have recorded – like start date, location, job titles, et cetera) and when they last signed in. Groups You can organize […]

What Exactly Is Phishing? Remember those weekend fishing trips you spent as a kid, staring endlessly unsure which bait to use? The goal was for your bait to look as real as possible, ensuring you wouldn?t leave without a bite. Phishing has been appropriately named due to the similarities. Unfortunately for most businesses, your employees are the fish?s replacement and that wall-mounted trophy fish becomes an unaffordable amount of data loss.  Posing as a fraudulent website or persona with the intentions to steal data or access credentials yields a high reward for cybercriminals. Trial and error has revolutionized phishing into a much more effective means of theft. There are numerous different kinds of attacks, which can be split into two categories. The first category is general phishing. This makes use of an email that is written to apply to as many people as possible. The sheer volume of emails sent, typically rewards a cybercriminal with at least a few hits. The second is commonly known as spear phishing. This method of phishing is a much more personalized cyberattack. Cybercriminals typically do an uncomfortable amount of research to increase their odds of fooling a specific target. This method has proven to be extremely effective, especially since these messages typically appear to have been sent from an authoritative figure.  What reward does this yield? Phishing attacks can be used to steal credentials, infect a workstation or network with malware, or just fool a business user into making false orders with business funds.  Phishing 101 – Types of Bait There are many different baits cybercriminals are using. Most of them fall within the same outline, so learning what to look for applies to most cyberattack attempts.  The message?s content provides clues. Oh dear! The program I use was under an attack, so changing my password is recommended! How convenient though, the password-change link has been provided! If something is too convenient, especially password changes, chances are it?s phony. Phishing attacks are only successful if a user cooperates with the cybercriminal. If you are under the impression that an application has been a victim of a data breach, and you feel as though changing your password holds a value, then do so. However, navigate to the application?s website in order to do so. Convenient links are often spoofed links.  Observe the language within an email. If an email is sent to ?Customer? rather than you, chances are this is our first method of phishing we discussed — general phishing. Lack of personalization indicates lack of legitimacy.  Does the email make you feel threatened? If a supposed sender communicates a sense of urgency, potentially including a threat of serious consequence, ask yourself the following question. ?Does this seem like the best way for a legitimate business to communicate with a client?? If the answer is no, avoid exploring the email further.  Look before you click! As humans, we make mistakes. However, a typo in an email address is unacceptable. If a provided link says something like amzon.com or payal.com/secure, it is wise to avoid it. If there are any additional periods following a domain, but before the first forward slash, this also indicates phishy activity. Something like www.amazon.com.ru/passwords is an easily identified phony email address. If you aren?t able to see the full link provided […]

Modern times have gifted us with methods to defending ourselves from cyberattacks. There are solutions available to keep your business safe, and projections show that certain technologies will emerge that will much more effectively protect your business. Artificial Intelligence – Business? Best Friend One of the most effective ways in combating cyberthreats is introducing artificial intelligence where applicable. One of the weakest links in any business chain, are the employees. Now we aren?t recommending dismissing all of your employees and hiring robots as replacements, but by default humans are prone to making mistakes.  Whether an employee turns spiteful after not receiving a promotion, or a careless one clicks the wrong link, humans make mistakes that AI simply would not. Today?s security solutions need constant monitoring to ensure that they are operating as they should. In the near future, your business can integrate AI into your security processes. This can resolve some of the common issues. Say Carl skips work, and does not reassign someone to monitor business security systems. While some employees like Carl will play hooky from time to time, AI is able to monitor systems 24/7, once they are taught what to keep an eye out for and recognize. They also are able to monitor these systems much more effectively than any human could, including Carl.  AI can even go beyond defense, and delve deeper into prevention. As the world of artificial intelligence continues to be explored, new technology begins being implemented in business practices. AI may replace traditional access management processes, replacing passwords entirely. The idea is rather than trusting your employees are using strong password practices for every account, AI will be able to monitor the user?s behaviors, workplace roles, and common actions. If the system recognized any deviations, an additional form of authentication such as biometrics would grant or deny access.  Like the flat screen TV?s early days, this level of technology has one major obstacle – cost. However, as this technology is adopted and explored, the cost may become more feasible for small to medium sized businesses.  Why 5G Connectivity Needs to Remain on Your Mind Artificial intelligence promises to advance a wide variety of processes. The use of 5G and data-intensive tasks are amongst them.  With every new device that is connected to the internet, an additional opportunity arises for a cybercriminal to take advantage of poor security standards. The capabilities that 5G connections have need to be heavily considered. Think about this: you?re riding down the highway when suddenly your self-driving car loses all connection due to a cyberattack. Considering that on a daily basis, your self-driving vehicle will equal roughly 3,000 times your daily data output, data overload is a serious security concern.  While there?s still time before these concerns materialize, there are plenty of present-day cybersecurity concerns that your business needs to anticipate. White Mountain IT Services has the experts you need to protect your data. Give us a call at (603) 889-0800 today!

What is AR? Augmented reality, for those who don?t already know, is the act of adding information to reality through the use of cameras and displays in real-time. Some of the most popular use of AR thus far has been the mobile game Pokemon Go, and Snapchat and Instagram filters. There are also several businesses using AR in their marketing applications. Advances in AR The advances in AR to this point have been mostly limited by the devices in which the technology?s applications run on. While it is possible to use a stand-up AR display on a smartphone, the limitations of the screen (under 7? for most devices) leaves users wanting a bit.  That?s not to say that there aren?t a profusion of companies looking for a way to incorporate AR in some way. Here are some reasons AR is improving rapidly: Faster Connectivity AR has begun to find its footing on 4G LTE connections, but as 5G begins to be more prevalent the immense amount of information that AR needs to function properly will be available. The higher bandwidth that is available, the better AR systems will perform.  Better Hardware With each new year that passes, hardware gets better and better. Better processing, improved sensors, and efficient designs of face-up products have, and will be, a driving force in AR for years to come.  Applications A lot of different organizations are looking to AR to fill needs. Marketing agencies are starting to use AR in their marketing initiatives as it significantly enhances customer engagement. AR is also seeing a large jump in the training and development sector as it provides information students and workers need to know, when they need to know it. It allows for hands-on training in several different industries.  Lower Costs AR is becoming more commonplace. As a result, the cost of deploying AR systems is shrinking significantly. As the technology continues to get more applications and more devices that work with it, costs will continue to plummet.  Augmented reality is the future of training and education, marketing, and information distribution. What do you think of AR? Leave your comments below and be sure to subscribe to our blog.