Recent Blog Posts

Habit 1: Too Few, Too Weak Passwords This habit is a particularly bad one, as an employee with a weak password can potentially undermine your entire organization?s security. While nobody likes having to remember a different, complex password for every account they have, many users will default to reusing one password. What?s worse, these passwords are often very simple – simple enough for a hacker to decipher will little trouble. While some will require a little detective work on the hacker?s part, like a personal detail that can be found somewhat easily, an unfortunate number will use something too easy, like ?password? or ?12345.? You need to hold your staff to a higher standard. In addition to establishing minimum password requirements, make sure these passwords are updated regularly. If remembering these passwords proves to be a challenge, suggest alternatives, like a password management solution or using passphrases. Habit 2: On Top of Having Too Few, Too Weak Passwords, Sharing Them One thing that all of your employees will have in common? Whether you call it ?being efficient? or ?cutting corners,? they will always be on the lookout for ways to simplify their work processes. One simple way (in their eyes) to do so? Sharing credentials! Now, for the record, this isn?t in reference to company-owned accounts that are often set up, such as company social media accounts and shared resources. However, since these should be managed by (surprise, surprise) the company, these aren?t really applicable to our considerations. The main takeaway here is that anyone in your company could create a very bad situation through the wrong actions, and any safeguards you have (such as password protection) are in place to keep the company safe. Habit 3: Storing Company Files in Personal Storage Solutions While cloud computing provides a vast amount of value and utility for businesses, there are also a few concerns you need to be aware of. For instance, it isn?t uncommon for employees to utilize their own personal cloud solutions to store company files. It is important to address the fact that their motives for doing so are oftentimes pure. If an employee wants to commit a little extra time to a project, they very well may simplify things for themselves by sharing a company document with their personal cloud account. However, by doing so, this employee is also taking this document out from behind the protections your company should have in place for its data. This simply should not be done, despite the good intentions that motivate your employees – after all, we all know what they say about good intentions. Fortunately, there are solutions out there to allow your employees to safely access work materials, boosting their productivity without undermining your data security. Habit 4: Introducing Shadow IT Shadow IT is software (or hardware) that has been installed (or implemented) on your business? solutions without the knowledge or approval of IT. This usually happens when your employees are unfamiliar with the solutions you provide to them, so they instead seek out an alternative that they prefer to use. Unfortunately, shadow IT is often the cause of severe issues, so your users need to be compliant to a policy of clearing any technology not provided by IT past IT, helping ensure nothing problematic pops up. Habit […]

There are three ways you can organize your files. You can distribute them based on clients (or projects), dates, or file types. We?ll focus on how it can be beneficial to organize your files based on the file type. A file-based setup helps you group all files in folders designed to hold a specific file type. If you have a lot of ebooks, for example, they would be placed in a folder that is labeled ?ebooks,? meaning they are all located in the same place, not all over your desktop or Downloads folder. This file organization method focuses on making sure all files are in places where they belong. This could take some work, but it?s well worth the effort. If you work for a business, chances are they use a shared network of some sort with its own custom file storage nomenclature, so be sure to do your research before making any major changes in file storage. Tip #1: Stick to Your Filing System Once you?ve made your choice on a filing system, it?s important to stick to it. File things away as soon as you can; this keeps folders like Downloads from getting too out of control. Plus, you mitigate the risk of misplacing files by putting them in the right location as soon as possible. Tip #2: Avoid the Desktop & Download Folders That being said, it might be tempting to just choose your desktop or the downloads folder for storing files, but you should avoid doing so at all costs. The issue stems from the fact that your desktop only has so much real estate, meaning that it will fill up before long and leave you with a giant mess to clean up. If you put the files where they are supposed to go as soon as possible, you can avoid clutter and wasted time by knowing exactly where files are located soon after the download. Tip #3: Sort Once a Week If you aren?t able to file away files where they belong immediately, you need to make it a point to do it periodically. We suggest once every week or once every 10 days or so. If you go any longer than this, chances are it will get pretty messy. Tip #4: Naming Practices A great way to sort out of your files, even in folders, is to use a naming convention that distinguishes them from each other. That being said, having a ton of files with the same names will be confusing. Therefore, you should shoot for specifics when putting together file names. Managing your files doesn?t have to be challenging. White Mountain IT Services can help you out with that. To learn more, reach out to us at (603) 889-0800.

Here?s what we know: Capital One has admitted that the personally identifiable information (PII) of over 100 million American and Canadian credit applicants? information has been exposed. The company did admit that no credit card account numbers or authentication credentials were compromised in the hack. They also go on to mention that in 99 percent of the files, social security numbers were not compromised. The largest category of information that was accessed were individual and small business credit applications that span from 2005 to 2019. The perpetrator, Paige Thompson of Seattle, Washington, was a former software developer for Amazon Web Services (AWS), which took advantage of a firewall misconfiguration to gain access to the information, AWS confirmed Monday. The flaw came as a result of a setup error and not a flaw within the massively popular AWS. The breach happened on March 22 to 23, 2019. Thompson was apprehended as a result of being reported to Capital One for storing incriminating evidence on her Github and Slack accounts. Capital One contacted the FBI on July 19, 2019 and after a short investigation, Thompson was arrested and indicted by the Western District of Washington. The CEO of Capital One, Richard Fairbank released the following statement: ?While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.? For a full report of the event, visit: https://www.capitalone.com/facts2019/ Capital One has said that it will inform you if you have been a victim of this massive attack, but if like many of us, too much is at stake to wait for the company to reach out to you, you can take some immediate steps to safeguard your personal information. Check your accounts – Account monitoring and fraud detection should be a major part of any action you take to secure personal information. Change passwords – One great way to at least feel more secure after a major hack like this is to immediately change your passwords. Freeze your credit report – One option you can take to protect yourself is to freeze your credit report, this won?t let any credit reporting services check your credit, meaning if someone were to try to take money out in your name that the banks wouldn?t be able to authorize credit. Avoid scams – A big part of keeping any data secure is to not give unauthorized parties access to it. That means avoiding phishing attacks and other scams. Continued vigilance – Vigilance over your account information, your personally identifiable information, and your overall financial health is more important than ever. As mentioned above, credit monitoring and fraud detection services give users tools to combat unauthorized access. Keeping yourself and your business secure online is more difficult than ever. To learn more about data security, subscribe to our blog.

Here, we?ll review what you need to address if you are to properly attend to each. Properly Preparing a Data Backup There are numerous considerations to keep in mind as you go about arranging a backup solution for your data. Have Data Handling Policies and a Scalable Solution – Your first order of business should be to determine: Which of your data needs to be backed up, how often backups will be taken, how these backups can be accessed, and what tools will enable backups to be taken. What data your business needs to retain, for how long, and in what format. Which data should be destroyed, when it will be destroyed, and how it will be destroyed. Unless you?re planning on going out of business in the near future for some reason, you need to keep in mind that your backup solution is going to need to hold an increasing amount of data as time passes. In light of this, you will want to be sure that you can efficiently scale your backup solution to maintain its cost-efficacy. Your Backup Needs to Fit Your Needs – Not only will your particular business and its data require certain things of your backup solution, best practices and good sense will demand that your backup meets certain criteria as well. In order to remain secure, you should maintain multiple copies of your backup, with some of those copies located in an off-site location. Many businesses keep to the 3-2-1 Rule, with at least three copies of their data, stored in at least two places, at least one of those places being accessed remotely. Some industries require more stringent regulations and requirements to be adhered to, which may influence your backup needs. Make sure you are familiar with any demands that your industry vertical imposes. Does Your Backup Solution Pass the Test? – If your backup solution isn?t confirmed to be effective before you need it, you might as well not have one. This means you will need to evaluate your backup by testing it periodically – before you?re stuck relying on it. Designing Your Disaster Recovery Strategy You will also need to take certain factors into account as you put together your disaster recovery strategy. Keep in mind, a disaster could be as simple as the power going out in your office, or a flood taking out your entire office. Know Who Needs to Know – When a disaster strikes, who is the first person that needs to be notified? The second? The third, and so on? In the midst of a disaster, it is important for company leadership to be engaged and taking charge so things don?t dissolve into chaos. Taking the time to determine who needs to be alerted should a disaster strike is a critical piece that can easily be overlooked. This kind of list should also be composed for your entire staff in order to keep them apprised. Know Which Job is Whose – On a related note, the midst of a disaster event is no time to be unsure of who is responsible for what during the recovery process. You need to ensure that everyone knows what their responsibilities are, as well as the responsibilities they will pick up if the person originally responsible is unavailable. Review […]

In addition to Windows 7, Windows Server 2008 R2 will also reach the End of Support date on January 14th, 2020. Don?t look at this six-month window as an opportunity to wait until the last minute–that?s the last thing you should do. In fact, you need to take action now to upgrade away from Windows 7 and these other solutions, as it takes much longer than just a few weeks to work through this process the right way. What Does End of Support Mean? You may have noticed the messages on your device telling you that there are updates waiting to be installed. While they might be annoying, it?s entirely in your benefit to implement them, as without these updates your devices could become security hazards. In other words, these updates are essential to a healthy infrastructure, and with the End of Support coming soon, you will stop receiving them unless you take action to upgrade away from these solutions now. Why is This an Issue? Security updates are critical to patching up known security flaws, but patches are also meant to respond to operational deficiencies that might plague certain software solutions–including operating systems. Furthermore, hackers are waiting to take advantage of these security threats, inefficiencies, and vulnerabilities to make your life miserable. We can assure you that it?s in your best interest to nip this issue in the bud before it even becomes a problem. Besides, isn?t it better to take action now than wait until it?s too late to do so? You?ll save a considerable amount of time and resources by upgrading away from your soon-to-be obsolete software. It?s much better to upgrade away now than wait until you?re already experiencing security issues and inefficiencies, so don?t waste any more time. White Mountain IT Services can help your organization upgrade away from antiquated software solutions that will soon lose support. To learn more, reach out to us at (603) 889-0800.