Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but on Tuesday that number has potentially broken a million. How Could My Asus Laptop Get Hacked? This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus?s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it?s just being noticed now. The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack. What Do I Do Now? First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date. If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They?ve also patched their internal systems to help prevent similar attacks from happening in the future. You?ll want to make sure you have Live Update 3.6.9 installed. Asus has also released a security diagnostic tool that will check your system to see if it has been affected. Click here to download the tool. We HIGHLY encourage you to reach out to White Mountain IT Services if you are running any Asus hardware. It?s better to be safe than sorry.

The modern work environment is a scary place, and you never know when someone is looking. Hackers have used spyware for ages to lurk on a device and collect data for various purposes, but the threat needs to be directly installed on the device in order for this to work. It doesn?t work when the data is most vulnerable–while it?s in transit. This is the issue that created the need for a virtual private network. A virtual private network is an encrypted network that gives you a secure way of connecting to your organization?s in-house infrastructure. In this case, the encryption protects your data by scrambling it into an undecipherable mess of characters while it?s in transit. The only way that anyone can unscramble the data is by having the decryption key that goes with the encrypted message. In essence, only those authorized by your organization can make heads or tails of the data. Otherwise, it?s just a jumble of something useless to hackers. This is why a virtual private network is so important to the security of your business. Often times data can be intercepted while it?s in transit to or from a device, placing it at risk. With the VPN, the tunnel between your infrastructure and the receiving device is a bit more opaque, meaning that it?s not as easy to see the true data, as it will be obscured and unreadable should it be stolen by anyone who doesn?t have the encryption key. VPNs are useful for any business correspondence where sensitive or proprietary information is sent over an unsecured Internet connection. This provides the security needed to send files and data when being asked to connect to wireless or other Internet connections that may be risky. White Mountain IT Services can help you implement the right VPN for your business. To learn more, reach out to us at (603) 889-0800.

Defining Disasters Any business, particularly those that are reliant on their technology solutions, are susceptible to a variety of disasters. These disasters can be split into three categories: natural disasters, technological disasters, and human disasters. Natural Disasters – With effectively every environment on the planet having one form of extreme weather or another, these events are always a risk for a business. Whether a business needs to contend with flooding, severe storms, earthquakes, or any other extreme environmental event, these kinds of disasters can have very real business ramifications if not mitigated. Technological Disasters – While there are some ways to reduce the risk of a technological disaster striking your business, like maintaining your hardware to ensure it doesn?t fail or keeping your critical applications up to date, others are unfortunately out of your control. For instance, if your power goes out, it?s unlikely that operations can continue, and any unsaved data from before your systems died will be lost. What if your suppliers make a mistake, and leave you without a critical component to your processes? These kinds of events can easily suspend operations. Human Disaster – Unfortunately, one of the key components of your company is also the thing that can cause the widest variety of issues in your operations. From workplace accidents to human error to issues with former employees, your business is arguably most vulnerable from the inside. Of course, there are some disasters that can arise from typical events going awry? What happens when one of your key employees needs to go on an extended leave of absence? Which Risks Concern You? Each of these can have serious consequences to your business, its processes, and ultimately, its success. However, your level of risk for each will vary. This means that the first consideration you make is which events will have the greatest impact on your operations. Once you?ve established this, you are ready to tackle the rest of your plan with your priorities more effectively planned out. What Your Strategy Should Cover As you prepare your business for a potential disaster in the future, you need to focus your efforts toward accomplishing three benchmark goals: Protecting your employees and infrastructure Preserving your data and proprietary information Permitting operations to be resumed quickly (if not maintaining business continuity through the disaster) With these goals in mind, you need to take everything in your business into account before you run into an issue, putting measures into effect proactively. This means your backup plan needs to address how your data backups are to be managed and maintained, that your backup will remain operational throughout the disaster, and any processes that your business will need to replace resources after the disaster has ended. Preparing the Business as a Whole You should also be sure to keep the entire team in the loop as far as backup procedures are concerned, as well as what to do in case of disaster. Not only is there a chance that one of them may have to enact it, new employees are going to need someone to introduce them to your business? processes. Furthermore, as your business continues to develop over time, you should regularly return to your backups and reevaluate the data you?re protecting, and how it ties into your greater business continuity […]

From Apple?s Siri, to the Google Assistant, to Microsoft?s Cortana, to Amazon?s Alexa, these voice-activated solutions have appeared in our computers, our mobile devices, and in stand-alone devices. As they have become more commonplace, they have grown in capabilities. Many of these capabilities are admittedly well-suited for the workplace – but the always-on microphones that these devices rely on to function make many pauses. After all, there?s the potential for sensitive data to be sent along to a third party if it is merely spoken aloud in this device?s presence. This has created a quandary for those wishing to leverage these devices – do the benefits outweigh the potential risks of such an implementation? Here, we?ve assembled a few considerations that should help make these risks less of a factor. Just Another Internet of Things Device The risks inherent in Internet of Things devices have been clearly documented. One notable example was the Mirai botnet, which enslaved IoT devices to power its attacks. Furthermore, it seems to be easy to forget that these virtual assistants are simply another Internet-connected device. However, if you keep that in mind, you may find it much simpler to outline policies for these devices that can help to reduce your potential security risk. For instance, if there is a location in your office where sensitive information is spoken aloud, a virtual assistant shouldn?t be placed there. Furthermore, you don?t want to put your business? network at risk, so it would make more sense to establish a secondary wireless network for these devices to use. That way, even if these devices are infiltrated, the rest of your network isn?t made vulnerable as a result. Whose Devices are They? Data privacy and ownership is a big deal in business, which could potentially complicate our issue further. Let?s say an employee were to bring in their own virtual assistant. While this may reduce the business? capital investment into the use of a virtual assistant, there are a lot of concerns regarding security and privacy. How can you enforce data privacy if the data is being accessed by a device that you can?t control? Policies Are Your Greatest Asset In order to keep your business safe, while still embracing the benefits that virtual assistants can bring to the workplace, you need to set firm controls on how they can be used. There should be the assumption that one of these devices can always be listening, leading to a policy of keeping these assistants out of areas where sensitive information is regularly discussed. This awareness should also spread over to your other devices. There are already plenty of microphones and potential vulnerabilities in the office. Phones can have their firmware hacked, and laptops can have monitoring software installed without your knowledge. White Mountain IT Services can help you be sure that your business remains secure against a variety of threats while still enjoying the use of different technologies. Call us at (603) 889-0800 to learn more.

The Everyday SituationSmall businesses sometimes have issues working within their constraints. More often than not, budgeting issues mean that a dedicated in-house IT department is nothing but a pipe dream. Instead, they rely on employees doing more than they are trained to do. This means that many IT-related tasks may be done incorrectly, leading to more issues than would otherwise be present. Alternatively, small organizations that do have an in-house IT department likely generate a lot of duties that fall into that department?s purview. Countless little tasks can pile up and get in the way of critically important responsibilities, like patching and network maintenance. How the Right Tools Can HelpMany automated management solutions are seen as most effective because their processes can be done remotely, meaning that technicians don?t have to be on-site to make sure the work gets done properly. Whether it?s scheduling updates or automating processes, these solutions can be deployed so that minimal involvement is needed on your end. With these tools, you can also identify suspicious activity on your network. This is especially helpful to detect logins in remote locations to ensure that they aren?t coming from, say, halfway across the world. You can be alerted if someone accesses your network from a suspicious IP address. To learn more about how a we can deploy such a solution to help your business, reach out to White Mountain IT Services at (603) 889-0800.