More often than not, employees aren?t very aware of IT security threats or the ramifications of improper data-sharing habits. It?s not uncommon for IT security to start and end with the password for non-technical employees, and sometimes even that feels like asking a lot. This point isn?t to sound negative. You probably didn?t hire most of your employees for their knowledge and understanding of network security. The real problem lies when you, the business owner, rolls out a new security policy. As a simple example, let?s go back to passwords: A Real-World Example of Employees Rejecting IT Security Let?s say your IT provider suggests that you set up group policies on your network to enforce secure passwords across the board. That includes forcing users to reset their network password every 30 days, not repeating the same password, and having complexity requirements. If you are like most business owners, you approve the change and move on. IT implements the change, and suddenly your employees start getting prompted to change their passwords. It?s likely some users are going to simply follow the prompts and do so without a hitch, some are going to idly mutter about the change, and a few are going to protest it. This might not even get directly to you right away either – they?ll complain to their immediate manager or their friends around the water cooler. In the worst cases, seemingly simple security change can bring out the poison. When it does finally trickle up to C-level, it?s going to feel insane how much it has escalated. After all, it?s just over a simple password policy, and it is to protect the data of the business that signs their checks! I?m not even the victim of this and the idea heats me up too! This is a little bit of an extreme case and not typically the norm, but I assure you it does happen. It?s worth mentioning some other policies that could rile up your employees: BYOD (Bring Your Own Device) Policies – From employees not wanting their employer to dictate how they manage their personal mobile devices, despite setting up company email and cloud accounts to use the device for work, to bringing in unprotected devices and connecting them to the network, this security concept always seems to be a major hit or a major miss for people. Firewalls and Content Filters – ?What do you mean, YouTube is blocked?? You?d be surprised how many businesses suffer from wasted time from video streaming sites and social media, or maybe you wouldn?t. While common, it?s usually just a handful of provocateurs who regularly misuse the Internet while at work. Still, the solution is locking things down, and for some reason, that can be upsetting to some users. Implementing New Technology – This is probably the most common. Let?s say you roll out a new line of business app or move your data to the cloud. You put your managers and staff through training to learn the new system and provide instructions for proper use and follow up a week or two later only to find some employees are following the new procedures and others are pushing against the grain and going their own way. The list goes on though. Almost any kind of security implementation could […]

What Makes a Hacker? A hacker is an individual or group that, using their programming skills, finds a way into systems by identifying and exploiting gaps in the security protocols protecting them. That said, should we always be afraid of them? There are three overarching delineations that a hacker can fall into, as well as different subtypes that they could be classified into, based on their motives and modus operandi. The Three Main Types Black Hat These are the hackers that most likely first pop into your mind. Using their skills to steal the information they want from their victims or to manipulate their victims into paying them, black hat hackers are the criminals that give the term ?hacking? the reputation it has today. Their work is for their own personal gain, illegal, and usually results in the harm of others. White Hat On the side of the angels, you?ll find white hat hackers. These hackers use their skills to assist businesses and other entities in identifying weak points and vulnerabilities in their IT systems so that these weaknesses can be resolved. In fact, if we were to run a penetration test on your business, we would be acting as white hat hackers. A white hat hacker works for your benefit, and exclusively at your request – they do not hack into systems unless it is requested of them. Gray Hat As one might imagine based on their name, gray hat hackers are those hackers who are a little white hat and a little black hat. They aren?t quite black hat, because they aren?t personally profiting from the hack, but they aren?t quite white hat either, because they are hacking without the target?s consent or knowledge. Some grey hat hackers will inform an organization of their vulnerability, while others will enable others to leverage it by leaking it over the Internet. Additional Subtypes Script Kiddies Script kiddies are very amateur hackers, in that they don?t care to learn how or why the codes they use work. Instead, they leverage the code that has been written by others to launch basic attacks, often to draw attention to themselves or to impress their peers. Blue Hat A blue hat hacker can be summed up as a script kiddie with an axe to grind. Rather than trying to impress others by launching basic cyberattacks, blue hat hackers are out for revenge against those who have angered them. Again, these hackers don?t want to learn how to actually hack, they simply want to strike back. Green Hat Another variation of script kiddie, green hat hackers are the field?s equivalent of a greenhorn – new and inexperienced, but ready to learn. Green hat hackers are those that grow and become better over time and are known to ask a lot of questions among hacking communities. Red Hat These hackers are effectively the vigilantes of the hacking world, striving toward a similar goal as a white hat hacker would but taking a much different approach. Rather than reporting an attack, a red hat hacker will go on the counteroffensive and give their black hat target a taste of their own medicine. Using cyberattacks and malware as their tools of choice, a red hat hacker aims to hamstring their target?s computing ability. State-Sponsored These hackers are those […]

What is Vendor Management? Putting it simply, vendor management is how the relationships you have with your vendors are maintained and monitored. This process is what allows a business to properly utilize their vendors, down to determining if a particular vendor has met your organization?s needs. Vendor management offers a business quite a few benefits, the most apparent being the time savings involved. Why Vendor Management is a Big Time-Saver Consider, for a moment, the experience you would have in resolving a problem when you yourself have to deal with all of your vendors. Let?s assume that Vendor A provided your workstations, Vendor B provided your server, Vendor C provided your wireless networking components, and Vendor D provided your network-attached printer. What would happen if you suddenly found that you could no longer print work-essential documents? Your first response may be to reach out to your vendors, who likely have limited monitoring and diagnostic capabilities. So you call Vendor A, and they confirm that the issue isn?t with your workstations. Next, you call Vendor D, who then lets you know that your printer is also fine. Finally, you call Vendor C, who figures out that the issue lies in your router?s configuration. However, when Vendor C fixes the issue, they do so without regard for your business? security (after all, they?re only concerned with your networking, not how it ties into the rest of your business? security). As a result, you?re suddenly left with a major vulnerability that you have to figure out how to shore up? or else? all because a vendor decided that ensuring your security wasn?t their responsibility. A Better Way With our vendor management services, on the other hand, White Mountain IT Services can serve as the go-between with you and your vendors. This means that instead of having to play phone-tag to have your problem solved, you can focus on being productive while we make sure your issue is sorted out. We?ve spent the time to forge strong relationships and lines of communication with many, many vendors. As a result, you don?t sacrifice valuable time that could be better spent working on something else while your concerns are still attended to. At White Mountain IT Services, we make it our responsibility to be sure that all of your IT is working the way you need it to, and our vendor management reflects that. If you?d rather have us deal with your vendors and let you focus on putting their services to good use in your business operations, let us know! Call (603) 889-0800 today!

Alternate Communications Sure, the ability to make and take calls on-the-go is spectacularly beneficial to business processes, but what if your needs aren?t communicated well by voice? What if your information will need to be referenced for hours to come? are your employees (or you, for that matter) able to retain lots of information for that long? Probably not, which is why a smartphone is such a great communication tool–it isn?t limited to just voice. Information can be input and shared through many different outlets with these handy little devices, whether you choose to send an email or text, access a document in your company?s drive, or record instructions aloud that your employees can play back as they need. It is important to remember that we now have plenty of means to communicate, and that our smartphones can handle them all, not just one. Management Any business will require no small amount of management to remain up and running, and this includes much more than the activities performed by ?management.? For instance, when it comes to project management, many team members may need to have collaborative capabilities to go in and make changes at odd times and from odd places. Furthermore, in the interest of productivity, some employees may want to take a spare moment and arrange their upcoming day. If this impulse strikes them at home, their smartphone could very well allow them to do so. Learning Tool Of course, not all time spent productively necessarily has to be spent on a specific task. One great way to improve how you work in general, is learning better methods and strategies to do so. Smartphones are excellent learning tools, with access to plenty of materials that are delivered in a great variety of ways. Whether you read a quick blog post on your phone with your morning coffee, listen to a podcast during your commute, or squeeze in a quick video sometime during your day, you can learn new skills and strategies to use to benefit your business? operations. Organization There is no question that even the smallest business is a fairly complex machine, filled with moving parts and interwoven tasks. As a result, keeping your business organized is a prerequisite to its success. Your smartphone will have a variety of tools and features that ultimately make this much easier, from calendars that integrate with other services and task lists to keep you on schedule, with access to cloud-based tools making it easier to manage and organize your company?s documents and files. A smartphone essentially combines the communicative powers of a telephone with the access of the Internet and the capabilities of an assistant (which we?ll dive into more in a moment), so it only makes sense that its organizational tools would be one of its strongest offerings. Personal Assistant Who among us hasn?t dreamt of a personal assistant? While they may not be able to do laundry or feed your cat, the various assistants that smartphones feature are more than capable of offering a helping hand in quite a few situations. Need to make a quick call? Tell the Google Assistant to call a particular contact. Need to add a business meeting with your team to your calendar? Windows 10?s Cortana is on it. Want to set a reminder […]

The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and use of organizational computer networks with multiple endpoints, understanding the basics of network security is helpful when implementing and employing network security systems. Today, we take a look at the parts of your network, their functions, and what you need to do to protect them. Network Hardware Your business? computing network consists of, at the very least, two connected machines set up to share resources. Most of the time, a business network consists of centralized computers called servers, and endpoints called workstations. Major networking components (working backward from the endpoint) include, network switches (that allow multiple workstations to be connected in packets); a router (that allows for wired or wireless connection to the network); and the modem (that connects the network to the Internet). On your network can be all types of other accessories (printers, scanners, copiers, and more). Today, wireless networks have been deployed to provide additional mobility. In this case the router, which would have to have Wi-Fi capabilities, allows mobile endpoints (laptops, smartphones, tablets, and IoT devices) to connect to, and share the files on, an organization?s network. This promotes mobility by allowing the sharing and use of files without being physically connected to the network. Network Protocol The network protocol is a set of rules that work to control communications between devices connected to the same network. They make connections and set rules for data packaging for both sent and received messages. Popular protocols include: Transmission Control Protocol and Internet Protocol (TCP/IP) Address Resolution Protocol (ARP) Domain Name System (DNS) Secure Shell (SSH) File Transfer Protocol (FTP) Dynamic Host Configuration Protocol (DHCP) Hypertext Transfer Protocol (HTTP) Hypertext Transfer Protocol Secure (HTTPS) Internet Group Management Protocol (IMAP4) Post Office Protocol version 3 (POP3) Simple Mail Transfer Protocol (SMTP) There are many more, and every protocol is basically the building blocks of a deliberate interaction. Each protocol works to connect one part of a computer to another. Much like a bank has procedures in place to help keep your money safe, protocols are the procedures at work to keep your data safe. Securing TCP/IP is especially important. TCP/IP communications are made up of four layers that work together. When a user wants to send information across networks, the information is passed through each layer, each adding data. Each layer features a header and a payload. The header contains layer-specific information, while the payload consists of the information that has come from the layer above it. To illustrate this a little better, we?ll describe the four layers in TCP/IP communications: Application Layer: This layer sends and receives the information for particular applications, with protocols such as DNS, HTTP, HTTPS, and SMTP. Each application has to have its own specific protocol. Transport Layer: This layer of connected (or connectionless) services are for transporting application layer services between networks and works to assure that connections are reliable. TCP and User Datagram Protocol are commonly used in the transport layer. Internet Layer: This layer routes the data packets across networks. Internet Protocol (IP) is at the heart of this layer. IP specifically allows […]