What are You Willing to Risk?When devising a policy for your company concerning the IoT, you need to establish what (or how much) you?re willing to leave vulnerable. This has a lot to do with your employees and what they are able to access. The more data an employee has access to, the riskier it is to allow that particular user to utilize the IoT in the office. Likewise, the less data an employee can access, the less of a relative risk it is to allow them to use Internet of Things devices. However, it is important to remember that the term ?relative? is an important one. IoT devices are notorious for their iffy security measures, and so it is important to take many factors into consideration. First of all, how sensitive is the data that a particular employee can access? If they are pretty well separated from any confidential or sensitive data, allowing them to make basic use of the IoT may be a valid option. This may very well depend on the industry that your company serves, as well as the security standards of the company itself. Check what has been outlined in your company?s handbook to ensure that you meet any established security practices. A Well-Trained Staff is a Prepared StaffNaturally, more than one person in any organization needs to be mindful of its security, including (and especially) where the IoT is concerned. It isn?t enough for organizational leadership to campaign for mindful and secure practices. If a business is to be protected against the issues that the IoT still presents, security has to be a team effort. Everyone in an organization has to not only be aware of the risks that the IoT may pose, they need to know and subscribe to the organization?s use policies. Furthermore, it also becomes important for staff members to be able to identify and handle the warning signs of a threat leveraging the IoT. Leading by ExampleFinally, in order to establish a real awareness of IoT risks in the workplace, office leadership needs to take the first steps. By subscribing to the guidelines that are placed upon employees themselves, management can set an example as to how the IoT can be appropriately utilized. Prudence is the key to safely and wisely utilizing the Internet of Things. For more assistance with implementing technology solutions, give White Mountain IT Services a call at (603) 889-0800.

BlockchainThe rise of cryptocurrencies have brought the blockchain into the spotlight, but the abilities of the blockchain that permits cryptocurrencies to function also have applications in the business world. Simply put, blockchain technology allows for information to be secured and protected. Furthermore, business processes can be streamlined and made more secure as well, replacing third parties with smart contracts that are able to confirm actions without exposing data to security risks. Internet of ThingsThe Internet of Things, or the IoT, is already becoming a standby in daily life. Countless devices are able to connect to the Internet as a means of their general function, communicating with other devices and activating processes based on predetermined factors. This allows for tasks to be completed without the risk of user error. However, there are still some concerns about the IoT, namely, a general lack of security incorporated into the devices. As a result, it may be best to simply monitor how the IoT is being improved upon–waiting until its security is up to standards before diving in. With any luck, improving the security of these devices will be a focus during 2019. ChatbotsWhile the importance of maintaining an open line of communication with clients and customers is indisputable, many companies lack the internal resources to dedicate the commitment to comprehensive support. Improvements in chatbot interfaces have made them an increasingly viable option for companies to field incoming messages, as artificial intelligence attends to many concerns and greatly reduces the number of problems that your staff has to deal with. As a result of these improvements, more industries are likely to increase their use of chatbots for a variety of purposes. Subscription ModelThe ability for most solutions to be delivered and maintained via an Internet connection has led to a shift in software deployment. Instead of needing to buy a new version of the software every year, the subscription model allows companies to pay a monthly fee for the security of knowing that the software they are using is the most recent (and secure) version available. AutomationIt should come as no surprise that a technology that allows focus to be shifted from menial tasks to other, more pressing considerations would be welcomed in the business world. Automation permits exactly this, with artificial intelligence and predetermined processes stepping in and providing certain business needs. While there are many processes and fields that still require a human touch, automation allows for more time to be committed to them, and less to ?busy? work. Which of these technologies do you see having the biggest benefit for your business? Let us know in the comments, and make sure you subscribe to our blog!

Lesson One: Track Your DataThe Yahoo and Equifax data breaches led to countless individuals losing track of their data and how it?s used online. These breaches made it unbearably clear that even some of the largest organizations in the world aren?t immune to the dangers of the Internet, and even they could become victims if they didn?t pay particularly close attention to their security. In some cases, these breaches remained unannounced for months. This observation led to the belief that small and medium-sized businesses must be much more careful with their data than they previously had been. If large companies can be toppled by security threats, then so too can small businesses (since they likely have smaller security budgets and less comprehensive solutions put in place). Therefore, a small business should also take as many measures as possible if it should hope to secure its future. Lesson Two: Patches Are Extremely ImportantPatches and security updates are one of the best ways to prevent data breaches. In the Equifax case previously mentioned, it would have been vital. Patches are implemented by developers with the express purpose of resolving holes in their solutions. Yet, 2017 has shown that some companies need to put a higher priority on patching, as many of the issues that 2017 saw could have been prevented with proactive patching. Everything starts with the developers, though. If the developers don?t issue the patches and updates in the requisite timetable, the problems posed by the threats could have plenty of time to cause as much damage as possible. For example, the bug that allowed the EternalBlue exploit wasn?t patched until a month after the issue had become known. The exploit was then used alongside other threats, like WannaCry and NotPetya, to cause even more trouble for organizations and individuals, alike. Therefore, we recommend that you apply patches as soon as possible after they are released. We also recommend that you maintain a consistent patching schedule, routinely deploying them as you can. After all, the longer you wait to deploy a patch, the longer you have to become infected by the very bugs that they are designed to fix. Plus, the longer the patch is available, the longer it is available to hackers. These nefarious actors could take it apart and discover what vulnerability is being addressed, affording them time to create code that would negate the effects of the designated patch. Lesson Three: So Many Ways for Data TheftCisco has found that business email and account compromise attacks are five times more profitable than your typical ransomware attacks. In fact, the Federal Bureau of Investigation estimates that BEC attacks have lost businesses over $5 billion. Therefore, your organization needs to take a stand against common security threats. One way you can shore up defenses for your infrastructure is with traditional endpoint security. If you can keep threats from accessing your network in the first place, you?re setting yourself up for success. You can use access controls to ensure that a hacker can?t access your entire infrastructure from a single unsecured endpoint. We also recommend educating your employees through security training so that they are made more aware of their role in network security for your organization. Don?t let your business fall victim to security threats in 2018. To learn more […]

The breaches that were seen throughout 2017 actually had a lower average cost than other years, dropping by 10%. However, this still makes the average cost of a breach a considerable $3.62 million, and the particular bodies that were breached are cause for equally considerable concern. Furthermore, while there was a decrease in the average cost of a data breach, there was more data lost in the first half of 2017 than there was in the whole of 2016. Looking back at the nature of some of these data breaches, there?s little wonder that so much data was lost. The Equifax breach provides one of the most stunning examples of a data breach, and on a related note, one of the biggest examples of how a breach shouldn?t be handled. Not only were 143 million customers made vulnerable between May and July of 2017, the credit monitoring company waited until September to come clean that a breach had occurred. As a result, a little over a third of the American population was put at risk by having their personally identifiable information like social security numbers and birth dates stolen, without any knowledge of it. The CEO of Equifax put out an apology video that was widely seen as insincere, before losing his job. In March, a database belonging to business analytics firm Dun & Bradstreet was exposed, allowing 33.7 million contact information records to be accessed. The database included contact information from a variety of recognizable organizations, including Walmart, AT&T, and most disconcertingly, 100,000 employee records from the Department of Defense. This information included the names and job titles of these employees as well. Verizon also found itself in hot water in July when 14 million of their customers had enough data to access their accounts exposed. While there was no indication that this database was actually ever accessed by a cybercriminal, the fact that it could be accessed by anyone who happened to type it the right URL provides proof, along with the countless other examples of data breaches, that businesses need to take their data security more seriously than they are. The most effective means of doing so may be to outline the cost that each industry faced for each breached record. Reportedly, records for the following industries cost the breached business the associated amounts, for each record that was breached. Healthcare: $355 Education: $246 Financial: $241 Services: $208 Life science: $195 Retail: $172 Communications: $164 Industrial: $156 Energy: $148 Technology: $145 Hospitality: $139 Consumer: $133 Media: $131 Transportation: $129 Research: $112 Public: $80 These are the numbers for 2016, so while 2017?s average cost per breached record will be lower, it is important to remember how many more breaches were seen in 2017, and how many more records were therefore accessed. As a result, while the average cost will be lower, the total can be expected to be much, much higher. This applies to more than just the major companies and other large businesses and enterprises that are out there, as well. Reports have indicated that, not only do over 70% of attacks target small businesses, but over half of all small businesses have been a target of a cyberattack. Even worse for the small business, the estimated cost per breach can reach over half a million […]

Be Aware of Return on InvestmentAny technology that your business implements should present a clear return on investment. If it doesn?t, then you can?t justify implementing it. A good IT project manager will be able to identify whether or not a project will yield sufficient return on investment for your business. Some questions you should ask yourself are if it will bring more profits in and if your operations will become more efficient. If the answer to either of these is a yes, chances are the solution is worth implementing, and an IT project manager needs to know how to read these situations. Identify Potential IssuesAn analytical mind is critical to the success of any IT initiative. Your IT project manager needs to not only be able to identify potential roadblocks, but how to respond to them as well. This includes extensive knowledge of how IT systems work, including networking components, software solutions, hardware (like servers and workstations), and cloud-based applications. The true IT professional will be able to identify what your business needs, any roadblocks that will be encountered along the way, and the ideal way to approach them. Have Patience with Non-Technical WorkersLet?s be realistic; nobody knows the ins and outs of IT terms, definitions, and technologies quite like a project manager. Therefore, you?re likely to run into situations where your business will have non-technical employees or administrators who don?t necessarily know all of the details regarding your project. It?s up to the project manager to bridge this gap of understanding and ensure that even the most untechnical workers understand both the benefits and shortcomings of the various technologies you?ll implement. Make Tough CallsIt?s not always easy working with technology, and nobody knows that more than your IT project manager. Sometimes they will need to make decisions that nobody likes, be it the implementation of a content filter to limit employee use of social media networks or pulling the plug on a solution when it?s just proving to be too stubborn to yield a return on investment. These tough choices are what ultimately defines the project manager position, and you only want one who can separate the bad from the good to make an objective decision. Does your business need a quality project manager? White Mountain IT Services can give you a whole team of IT experience ready and willing to help you ensure success. To learn more, reach out to us at (603) 889-0800.